I believe my system is operating with a virus

This forum is for removing Malware, Spyware, Adware. Post your HijackThis, DDS, RSIT, Combofix logs here.

Re: I believe my system is operating with a virus

Postby 12056 » Sun Mar 27, 2011 4:11 am

We might be getting somewhere with ComboFix:

Open Notepad and copy/paste the text in the code box below into Notepad:

Code:
DirLook::
C:\e
c:\windows\system32\bits
c:\windows\system32\en

File::
c:\documents and settings\Cash\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe

Folder::
c:\documents and settings\All Users\Application Data\PopCap


Name the Notepad file CFScript and save it to your desktop. Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

When finished, it will produce a report for you.

Then, download TDSS Killer from here, and use this tutorial to cure infected files and skip suspicious files.

Paste the log file for TDSS Killer and ComboFix in your next post.
Rhett Trappman
MyAntispyware.com Forum Security Team and Moderator
12056
 
Posts: 860
Joined: Sun Apr 25, 2010 9:57 pm

Re: I believe my system is operating with a virus

Postby chrysvann » Sun Mar 27, 2011 6:09 am

Sorry for the delay. I fell asleep as it was midnight here. Going back to bed and will pick back up in the morning. You are the man. Thanks.
chrysvann
 
Posts: 25
Joined: Sat Mar 26, 2011 7:30 pm

Re: I believe my system is operating with a virus

Postby chrysvann » Sun Mar 27, 2011 3:43 pm

When I copied that script into ComboFix, it updated first. Now it is attempting to create a new system restore point. I am waiting for the report.

I also disabled my firewall and virus protection last night before running this ComboFix program, as directed in the tutorial. Just letting you know I do not have any protection currently running.
chrysvann
 
Posts: 25
Joined: Sat Mar 26, 2011 7:30 pm

Re: I believe my system is operating with a virus

Postby chrysvann » Sun Mar 27, 2011 3:59 pm

Here is the new ComboFix report. Now I will run the other scan and post back shortly.


ComboFix 11-03-26.02 - Chrystal 03/27/2011 11:44:30.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.255.125 [GMT -4:00]
Running from: c:\documents and settings\Chrystal\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Chrystal\Desktop\CFScript.txt
AV: Charter Security Suite 9.01 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Charter Security Suite 9.01 *Disabled* {D4747503-0346-49EB-9262-997542F79BF4}
.
FILE ::
"c:\documents and settings\Cash\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\PopCap
c:\documents and settings\Cash\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
c:\windows\Downloaded Program Files\popcaploader.inf
.
.
((((((((((((((((((((((((( Files Created from 2011-02-27 to 2011-03-27 )))))))))))))))))))))))))))))))
.
.
2011-03-27 00:37 . 2011-03-27 00:37 -------- d-----w- c:\documents and settings\Chrystal\DoctorWeb
2011-03-26 22:38 . 2011-03-26 22:38 -------- d-----w- c:\documents and settings\Chrystal\Application Data\SUPERAntiSpyware.com
2011-03-26 22:38 . 2011-03-26 22:38 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-03-26 21:51 . 2011-03-26 21:51 -------- d-----w- c:\documents and settings\Chrystal\Application Data\Malwarebytes
2011-03-26 21:50 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-26 21:50 . 2011-03-26 21:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-03-26 21:50 . 2010-12-20 22:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-26 21:20 . 2011-03-26 21:20 -------- d-----w- C:\_OTL
2011-03-26 19:51 . 2011-03-26 19:51 -------- d-----w- c:\program files\Trend Micro
2011-03-26 00:35 . 2011-03-26 00:36 -------- d-----w- c:\program files\Altnet Music Plugin
2011-03-22 04:06 . 2011-03-22 04:06 -------- d-----w- c:\program files\iPod
2011-03-22 03:20 . 2011-03-22 03:22 -------- d-----w- c:\program files\Safari
2011-03-22 01:00 . 2011-03-22 01:00 -------- d-----w- c:\documents and settings\Chrystal\Application Data\F-Secure
2011-03-16 16:30 . 2011-03-26 06:13 -------- d-----w- c:\documents and settings\Beau
2011-03-16 02:46 . 2011-03-16 02:46 -------- d-----w- c:\documents and settings\Chrystal\Local Settings\Application Data\Temp
2011-03-14 22:55 . 2011-03-14 22:55 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2011-03-13 02:25 . 2011-03-13 02:25 -------- d-----w- C:\e
2011-03-12 13:29 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-03-12 13:29 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-03-12 13:29 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-03-12 13:27 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-03-12 13:03 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-03-11 21:34 . 2011-03-11 21:34 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-03-11 18:36 . 2011-03-11 18:36 -------- d-----w- c:\windows\system32\scripting
2011-03-11 18:36 . 2011-03-11 18:36 -------- d-----w- c:\windows\l2schemas
2011-03-11 18:36 . 2011-03-11 18:36 -------- d-----w- c:\windows\system32\en
2011-03-11 18:36 . 2011-03-11 18:36 -------- d-----w- c:\windows\system32\bits
2011-03-11 18:12 . 2011-03-11 18:12 -------- d-----w- c:\windows\EHome
2011-03-09 02:43 . 2011-03-09 02:43 -------- d-----w- c:\documents and settings\Alizabeth\Application Data\F-Secure
2011-03-05 17:26 . 2011-03-05 17:26 -------- d-sh--w- c:\documents and settings\Alizabeth\IECompatCache
2011-03-04 02:13 . 2011-03-04 02:13 -------- d-----w- c:\documents and settings\Alizabeth\Local Settings\Application Data\Apple
2011-03-03 21:11 . 2011-03-03 21:11 -------- d-----w- c:\documents and settings\Alizabeth\Local Settings\Application Data\Identities
2011-03-03 20:18 . 2011-03-03 20:18 -------- d-----w- c:\documents and settings\Chrystal\Local Settings\Application Data\Identities
2011-03-03 14:50 . 2011-03-03 14:50 -------- d-sh--w- c:\documents and settings\Cash\PrivacIE
2011-03-03 14:46 . 2011-03-03 14:46 -------- d-----w- c:\documents and settings\Cash\Application Data\Yahoo!
2011-03-01 04:47 . 2011-03-01 04:47 -------- d-sh--w- c:\documents and settings\Chrystal\IECompatCache
2011-02-28 23:55 . 2011-02-28 23:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2011-02-28 00:57 . 2011-02-28 00:57 -------- d-sh--w- c:\documents and settings\Cash\IETldCache
2011-02-27 22:27 . 2011-02-27 22:27 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\F-Secure
2011-02-27 22:27 . 2011-02-27 22:35 42664 ----a-w- c:\windows\system32\drivers\fsbts.sys
2011-02-27 22:26 . 2011-02-27 23:08 82120 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2011-02-27 22:24 . 2011-02-27 23:09 -------- d-----w- c:\program files\Charter Security Suite
2011-02-27 22:23 . 2011-02-27 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\fssg
2011-02-27 22:23 . 2011-02-27 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\f-secure
2011-02-27 20:03 . 2011-02-27 20:03 -------- d-sh--w- c:\documents and settings\Alizabeth\PrivacIE
2011-02-27 20:03 . 2011-02-27 20:03 -------- d-sh--w- c:\documents and settings\Alizabeth\IETldCache
2011-02-27 13:39 . 2011-02-27 13:39 -------- d-sh--w- c:\documents and settings\Abigail\IETldCache
2011-02-27 02:44 . 2011-02-27 02:44 -------- d-sh--w- c:\documents and settings\Chrystal\PrivacIE
2011-02-27 02:40 . 2011-02-27 02:40 -------- d-sh--w- c:\documents and settings\Chrystal\IETldCache
2011-02-27 02:34 . 2011-02-27 02:35 -------- dc-h--w- c:\windows\ie8
2011-02-27 02:30 . 2010-12-20 23:59 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-02-27 02:30 . 2010-12-20 23:59 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-02-27 02:30 . 2010-12-20 23:59 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-02-27 02:30 . 2010-12-20 23:59 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-02-27 02:30 . 2010-12-20 23:59 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-02-27 02:30 . 2010-12-20 23:59 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-02-27 02:30 . 2010-12-21 10:29 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-02-26 00:29 . 2011-02-26 00:29 -------- d-----w- c:\documents and settings\Abigail\Application Data\Apple Computer
2011-02-25 22:55 . 2011-02-25 22:55 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 20:36 . 2011-02-20 01:01 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 20:36 . 2011-02-20 01:01 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-09 13:53 . 2004-08-04 10:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-04 10:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2010-12-13 04:27 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2010-12-13 04:27 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-08-04 10:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2004-08-04 10:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2004-08-04 10:00 1854976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\e ----
.
2011-03-13 02:25 . 2011-03-13 02:25 598 ----a-w- c:\e\sset_02_s0.png
2011-03-13 02:25 . 2011-03-13 02:25 768 ----a-w- c:\e\ebay27_spc.png
.
---- Directory of c:\windows\system32\bits ----
.
2008-04-14 00:12 . 2008-04-14 00:12 409088 ------w- c:\windows\system32\bits\qmgr.dll
.
---- Directory of c:\windows\system32\en ----
.
2008-04-14 00:11 . 2008-04-14 00:11 28672 ------w- c:\windows\system32\en\microsoft.managementconsole.resources.dll
2008-04-14 00:11 . 2008-04-14 00:11 40960 ------w- c:\windows\system32\en\mmcex.resources.dll
2008-04-14 00:11 . 2008-04-14 00:11 6656 ------w- c:\windows\system32\en\mmcfxcommon.resources.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
"SUPERAntiSpyware"="c:\documents and settings\Chrystal\Desktop\SUPERAntiSpyware.exe" [2011-03-16 2423752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]
"F-Secure Manager"="c:\program files\Charter Security Suite\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files\Charter Security Suite\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\documents and settings\Chrystal\Desktop\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\documents and settings\Chrystal\Desktop\SASWINLO.DLL
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2/27/2011 6:27 PM 42664]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2/27/2011 6:26 PM 82120]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Charter Security Suite\HIPS\drivers\fshs.sys [2/27/2011 6:25 PM 68064]
R1 SASDIFSV;SASDIFSV;c:\documents and settings\Chrystal\Desktop\sasdifsv.sys [2/17/2010 2:25 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\documents and settings\Chrystal\Desktop\SASKUTIL.SYS [5/10/2010 2:41 PM 67656]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Charter Security Suite\Anti-Virus\minifilter\fsgk.sys [2/27/2011 6:24 PM 130728]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Charter Security Suite\ORSP Client\fsorsp.exe [2/27/2011 6:25 PM 63992]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\docume~1\Chrystal\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys --> c:\docume~1\Chrystal\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Charter Security Suite\Anti-Virus\win2k\fsfilter.sys [2/27/2011 6:24 PM 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Charter Security Suite\Anti-Virus\win2k\fsrec.sys [2/27/2011 6:24 PM 25184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 09:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 19:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp:\\yahoo.com\
uInternet Settings,ProxyOverride = *.local
LSP: c:\program files\Charter Security Suite\FSPS\program\FSLSP.DLL
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-27 11:53
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(496)
c:\documents and settings\Chrystal\Desktop\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'lsass.exe'(560)
c:\program files\Charter Security Suite\FSPS\program\FSLSP.DLL
.
Completion time: 2011-03-27 11:56:25
ComboFix-quarantined-files.txt 2011-03-27 15:56
ComboFix2.txt 2011-03-27 03:27
.
Pre-Run: 31,095,656,448 bytes free
Post-Run: 31,088,439,296 bytes free
.
- - End Of File - - B46F44FE83BD6991B7635FA66441B307

Re: I believe my system is operating with a virus

Postby chrysvann » Sun Mar 27, 2011 4:09 pm

OK...I ran the TDSSKiller scan, which is now complete. Processed 174 objects, Infection is NONE FOUND

Re: I believe my system is operating with a virus

Postby chrysvann » Sun Mar 27, 2011 4:11 pm

Here is the report anyway:


2011/03/27 12:07:03.0506 3212 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/27 12:07:03.0974 3212 ================================================================================
2011/03/27 12:07:03.0974 3212 SystemInfo:
2011/03/27 12:07:03.0974 3212
2011/03/27 12:07:03.0974 3212 OS Version: 5.1.2600 ServicePack: 3.0
2011/03/27 12:07:03.0974 3212 Product type: Workstation
2011/03/27 12:07:03.0974 3212 ComputerName: CHRYS
2011/03/27 12:07:03.0974 3212 UserName: Chrystal
2011/03/27 12:07:03.0974 3212 Windows directory: C:\WINDOWS
2011/03/27 12:07:03.0974 3212 System windows directory: C:\WINDOWS
2011/03/27 12:07:03.0974 3212 Processor architecture: Intel x86
2011/03/27 12:07:03.0974 3212 Number of processors: 1
2011/03/27 12:07:03.0974 3212 Page size: 0x1000
2011/03/27 12:07:03.0974 3212 Boot type: Normal boot
2011/03/27 12:07:03.0974 3212 ================================================================================
2011/03/27 12:07:04.0365 3212 Initialize success
2011/03/27 12:07:09.0865 2876 ================================================================================
2011/03/27 12:07:09.0865 2876 Scan started
2011/03/27 12:07:09.0865 2876 Mode: Manual;
2011/03/27 12:07:09.0865 2876 ================================================================================
2011/03/27 12:07:31.0928 2876 ================================================================================
2011/03/27 12:07:31.0943 2876 Scan finished
2011/03/27 12:07:31.0943 2876 ================================================================================

Re: I believe my system is operating with a virus

Postby 12056 » Sun Mar 27, 2011 8:47 pm

Good, the logs look better, but I want to check a few more things:

In the same way as above:

Code:
DirLook::
c:\documents and settings\Cash\Application Data\
c:\documents and settings\Beau
c:\documents and settings\Chrystal\Local Settings\Application Data\Temp
C:\DOCUMENTS AND SETTINGS\CASH\START MENU\PROGRAMS\STARTUP\
c:\documents and settings\All Users\Application Data\


Drag and Drop the file onto ComboFix.
And post the results...
Rhett Trappman
MyAntispyware.com Forum Security Team and Moderator

Re: I believe my system is operating with a virus

Postby chrysvann » Sun Mar 27, 2011 9:59 pm

Here it is... It was a pretty big file. My hourglass stays on while I type here.


ComboFix 11-03-26.02 - Chrystal 03/27/2011 17:37:31.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.255.132 [GMT -4:00]
Running from: c:\documents and settings\Chrystal\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Chrystal\Desktop\CFScript.txt
AV: Charter Security Suite 9.01 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Charter Security Suite 9.01 *Disabled* {D4747503-0346-49EB-9262-997542F79BF4}
.
.
((((((((((((((((((((((((( Files Created from 2011-02-27 to 2011-03-27 )))))))))))))))))))))))))))))))
.
.
2011-03-27 00:37 . 2011-03-27 00:37 -------- d-----w- c:\documents and settings\Chrystal\DoctorWeb
2011-03-26 22:38 . 2011-03-26 22:38 -------- d-----w- c:\documents and settings\Chrystal\Application Data\SUPERAntiSpyware.com
2011-03-26 22:38 . 2011-03-26 22:38 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-03-26 21:51 . 2011-03-26 21:51 -------- d-----w- c:\documents and settings\Chrystal\Application Data\Malwarebytes
2011-03-26 21:50 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-26 21:50 . 2011-03-26 21:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-03-26 21:50 . 2010-12-20 22:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-26 21:20 . 2011-03-26 21:20 -------- d-----w- C:\_OTL
2011-03-26 19:51 . 2011-03-26 19:51 -------- d-----w- c:\program files\Trend Micro
2011-03-26 00:35 . 2011-03-26 00:36 -------- d-----w- c:\program files\Altnet Music Plugin
2011-03-22 04:06 . 2011-03-22 04:06 -------- d-----w- c:\program files\iPod
2011-03-22 03:20 . 2011-03-22 03:22 -------- d-----w- c:\program files\Safari
2011-03-22 01:00 . 2011-03-22 01:00 -------- d-----w- c:\documents and settings\Chrystal\Application Data\F-Secure
2011-03-16 16:30 . 2011-03-26 06:13 -------- d-----w- c:\documents and settings\Beau
2011-03-16 02:46 . 2011-03-16 02:46 -------- d-----w- c:\documents and settings\Chrystal\Local Settings\Application Data\Temp
2011-03-14 22:55 . 2011-03-14 22:55 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2011-03-13 02:25 . 2011-03-13 02:25 -------- d-----w- C:\e
2011-03-12 13:29 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-03-12 13:29 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-03-12 13:29 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-03-12 13:27 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-03-12 13:03 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-03-11 21:34 . 2011-03-11 21:34 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-03-11 18:36 . 2011-03-11 18:36 -------- d-----w- c:\windows\system32\scripting
2011-03-11 18:36 . 2011-03-11 18:36 -------- d-----w- c:\windows\l2schemas
2011-03-11 18:36 . 2011-03-11 18:36 -------- d-----w- c:\windows\system32\en
2011-03-11 18:36 . 2011-03-11 18:36 -------- d-----w- c:\windows\system32\bits
2011-03-11 18:12 . 2011-03-11 18:12 -------- d-----w- c:\windows\EHome
2011-03-09 02:43 . 2011-03-09 02:43 -------- d-----w- c:\documents and settings\Alizabeth\Application Data\F-Secure
2011-03-05 17:26 . 2011-03-05 17:26 -------- d-sh--w- c:\documents and settings\Alizabeth\IECompatCache
2011-03-04 02:13 . 2011-03-04 02:13 -------- d-----w- c:\documents and settings\Alizabeth\Local Settings\Application Data\Apple
2011-03-03 21:11 . 2011-03-03 21:11 -------- d-----w- c:\documents and settings\Alizabeth\Local Settings\Application Data\Identities
2011-03-03 20:18 . 2011-03-03 20:18 -------- d-----w- c:\documents and settings\Chrystal\Local Settings\Application Data\Identities
2011-03-03 14:50 . 2011-03-03 14:50 -------- d-sh--w- c:\documents and settings\Cash\PrivacIE
2011-03-03 14:46 . 2011-03-03 14:46 -------- d-----w- c:\documents and settings\Cash\Application Data\Yahoo!
2011-03-01 04:47 . 2011-03-01 04:47 -------- d-sh--w- c:\documents and settings\Chrystal\IECompatCache
2011-02-28 23:55 . 2011-02-28 23:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2011-02-28 00:57 . 2011-02-28 00:57 -------- d-sh--w- c:\documents and settings\Cash\IETldCache
2011-02-27 22:27 . 2011-02-27 22:27 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\F-Secure
2011-02-27 22:27 . 2011-02-27 22:35 42664 ----a-w- c:\windows\system32\drivers\fsbts.sys
2011-02-27 22:26 . 2011-02-27 23:08 82120 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2011-02-27 22:24 . 2011-02-27 23:09 -------- d-----w- c:\program files\Charter Security Suite
2011-02-27 22:23 . 2011-02-27 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\fssg
2011-02-27 22:23 . 2011-02-27 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\f-secure
2011-02-27 20:03 . 2011-02-27 20:03 -------- d-sh--w- c:\documents and settings\Alizabeth\PrivacIE
2011-02-27 20:03 . 2011-02-27 20:03 -------- d-sh--w- c:\documents and settings\Alizabeth\IETldCache
2011-02-27 13:39 . 2011-02-27 13:39 -------- d-sh--w- c:\documents and settings\Abigail\IETldCache
2011-02-27 02:44 . 2011-02-27 02:44 -------- d-sh--w- c:\documents and settings\Chrystal\PrivacIE
2011-02-27 02:40 . 2011-02-27 02:40 -------- d-sh--w- c:\documents and settings\Chrystal\IETldCache
2011-02-27 02:34 . 2011-02-27 02:35 -------- dc-h--w- c:\windows\ie8
2011-02-27 02:30 . 2010-12-20 23:59 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-02-27 02:30 . 2010-12-20 23:59 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-02-27 02:30 . 2010-12-20 23:59 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-02-27 02:30 . 2010-12-20 23:59 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-02-27 02:30 . 2010-12-20 23:59 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-02-27 02:30 . 2010-12-20 23:59 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-02-27 02:30 . 2010-12-21 10:29 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-02-26 00:29 . 2011-02-26 00:29 -------- d-----w- c:\documents and settings\Abigail\Application Data\Apple Computer
2011-02-25 22:55 . 2011-02-25 22:55 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 20:36 . 2011-02-20 01:01 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 20:36 . 2011-02-20 01:01 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-09 13:53 . 2004-08-04 10:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-04 10:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2010-12-13 04:27 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2010-12-13 04:27 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-08-04 10:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2004-08-04 10:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2004-08-04 10:00 1854976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\All Users\Application Data\ ----
.
2011-03-26 21:52 . 2011-03-26 21:52 0 ----a-w- c:\documents and settings\All Users\Application Data\\Malwarebytes\Malwarebytes' Anti-Malware\ignore.dat
2011-03-26 21:51 . 2011-03-26 21:51 115 ----a-w- c:\documents and settings\All Users\Application Data\\Malwarebytes\Malwarebytes' Anti-Malware\link.txt
2011-03-26 21:51 . 2011-03-26 21:51 78 ----a-w- c:\documents and settings\All Users\Application Data\\Malwarebytes\Malwarebytes' Anti-Malware\news.txt
2011-03-26 21:50 . 2011-03-26 21:51 6481325 ----a-w- c:\documents and settings\All Users\Application Data\\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
2011-03-26 21:50 . 2011-03-26 21:51 94 ----a-w- c:\documents and settings\All Users\Application Data\\Malwarebytes\Malwarebytes' Anti-Malware\local.dat
2011-03-26 21:50 . 2011-03-26 21:51 778 ----a-w- c:\documents and settings\All Users\Application Data\\Malwarebytes\Malwarebytes' Anti-Malware\config.dat
2011-03-23 14:31 . 2011-03-23 14:31 3535 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Info\00000007.xml
2011-03-23 04:44 . 2011-03-23 04:44 1523 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Info\00000006.xml
2011-03-23 00:10 . 2011-03-23 00:10 92385 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\FSFW\fulldiag.xml
2011-03-23 00:10 . 2011-03-23 00:10 37608 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\FSFW\fulldiag.xsl
2011-03-22 04:08 . 2011-03-22 04:34 400516 ---ha-w- c:\documents and settings\All Users\Application Data\\Apple Computer\iTunes\SC Info\SC Info.sidd
2011-03-22 04:08 . 2011-03-27 01:56 24 ----a-w- c:\documents and settings\All Users\Application Data\\Apple Computer\iTunes\SC Info\SC Info.txt
2011-03-22 04:08 . 2011-03-22 04:34 2032 ---ha-w- c:\documents and settings\All Users\Application Data\\Apple Computer\iTunes\SC Info\SC Info.sidb
2011-03-22 03:26 . 2011-03-22 03:26 38339072 ----a-w- c:\documents and settings\All Users\Application Data\\Apple Computer\Installer Cache\iTunes 10.2.1.1\iTunes.msi
2011-03-22 03:25 . 2011-03-22 03:25 73000 ----a-w- c:\documents and settings\All Users\Application Data\\Apple Computer\Installer Cache\iTunes 10.2.1.1\SetupAdmin.exe
2011-03-22 03:25 . 2011-03-22 03:25 9900032 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Installer Cache\Apple Mobile Device Support 3.4.0.25\AppleMobileDeviceSupport.msi
2011-03-22 03:20 . 2011-03-22 03:20 17973248 ----a-w- c:\documents and settings\All Users\Application Data\\Apple Computer\Installer Cache\Safari 5.33.20.27\Safari.msi
2011-03-22 03:20 . 2011-03-22 03:20 72488 ----a-w- c:\documents and settings\All Users\Application Data\\Apple Computer\Installer Cache\Safari 5.33.20.27\SetupAdmin.exe
2011-03-22 03:16 . 2011-03-22 03:16 17840128 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Installer Cache\AppleApplicationSupport 1.5.0\AppleApplicationSupport.msi
2011-03-22 00:49 . 2011-03-22 00:49 11041 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Lockdown\8964145fbe64da6f1cf5bd8e6038b9ea78b07d2c.plist
2011-03-16 21:18 . 2011-03-27 21:29 595 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Cache\8C50577CF3AEEA238EF7134C6147806F
2011-03-16 16:36 . 2011-03-27 21:29 379 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Cache\filelist
2011-03-15 21:01 . 2011-03-25 05:01 13 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\0b8p014j7_l0d0bij8d4_o\alrt_200.data
2011-03-15 20:49 . 2011-03-22 19:25 106916 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\0b8p014j7_l0d0bij8d4_o\us_p_c.data
2011-03-14 23:42 . 2011-03-24 22:26 26828 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\0b8p014j7_l0d0bij8d4_o\us_yb_c.data
2011-03-13 22:04 . 2011-03-27 01:50 14 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\27hoil0dd_o\alrt_201.data
2011-03-13 22:04 . 2011-03-26 00:44 13 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\27hoil0dd_o\alrt_200.data
2011-03-10 01:41 . 2011-03-10 01:41 1801 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Info\00000005.xml
2011-03-09 19:45 . 2011-03-09 19:45 3352 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Info\00000004.xml
2011-03-09 19:45 . 2011-03-09 19:45 3352 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Info\00000003.xml
2011-03-09 19:45 . 2011-03-09 19:45 3352 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Info\00000002.xml
2011-03-09 19:45 . 2011-03-09 19:45 3434 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Info\00000001.xml
2011-03-07 14:59 . 2011-03-22 11:56 106916 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\default\us_p_c.data
2011-03-06 05:33 . 2011-03-06 05:33 822 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\yrmc.bmp
2011-03-03 04:26 . 2011-03-03 04:26 973 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\amazon.gif
2011-02-27 23:15 . 2011-03-23 14:31 14257 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\FSAV\Users\removal.log
2011-02-27 23:07 . 2011-02-27 23:08 1551 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\fsiustarter.log
2011-02-27 22:34 . 2011-02-27 22:34 7873 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\ORSP Client\orspupd.log
2011-02-27 22:33 . 2011-02-27 23:09 14783 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\ilaunchr.log
2011-02-27 22:33 . 2011-02-27 22:33 1258 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\readme.txt
2011-02-27 22:30 . 2011-02-27 22:31 9439 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\fstnb\POSTINSTALLTNB.log
2011-02-27 22:30 . 2011-03-27 21:25 8751225 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\FSFW\action.log
2011-02-27 22:30 . 2011-02-27 22:30 655360 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\FSFW\alertlog.dat
2011-02-27 22:29 . 2011-03-27 21:26 79621 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\FSMA\fsma.log
2011-02-27 22:29 . 2011-03-20 13:51 102404 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\FSMA\fsma_old.log
2011-02-27 22:26 . 2011-02-27 22:27 671 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\NRS\NRSINST.LOG
2011-02-27 22:25 . 2011-02-27 22:25 635 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\custom\custinstall.log
2011-02-27 22:25 . 2011-03-27 21:25 256 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Index\0000.idx
2011-02-27 22:25 . 2011-03-27 21:25 256 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Index\0001.idx
2011-02-27 22:25 . 2011-03-27 21:25 256 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Index\0002.idx
2011-02-27 22:25 . 2011-03-27 21:25 256 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Index\0003.idx
2011-02-27 22:25 . 2011-03-27 21:25 256 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Quarantine\Repository\Index\0004.idx
2011-02-27 22:25 . 2009-08-05 15:55 3055 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Daas2\acl\fsc_root.acl
2011-02-27 22:25 . 2009-08-05 15:55 367 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Daas2\acl\fsc_revoke_hq.acl
2011-02-27 22:24 . 2011-02-27 22:27 10180 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\DAAS2\DAAS2INS.LOG
2011-02-27 22:24 . 2011-02-27 22:27 12320 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\ORSP Client\ORSPINST.LOG
2011-02-27 22:24 . 2011-02-27 22:27 13175 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\HIPS\hips_install.log
2011-02-27 22:24 . 2011-02-27 22:27 14150 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\logs\FSPC\FSPCINST.LOG
2011-02-27 22:23 . 2011-02-27 22:24 47568 ----a-w- c:\documents and settings\All Users\Application Data\\fssg\3488.3492.log
2011-02-27 22:23 . 2011-03-27 01:42 1211 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\Daas2\cert\fsc (revoke hq).crl
2011-02-27 22:23 . 2011-02-27 23:09 965 ----a-w- c:\documents and settings\All Users\Application Data\\f-secure\setup\ih8.cfg
2011-02-27 14:08 . 2011-02-27 14:08 900 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s20.png
2011-02-25 23:04 . 2011-02-26 02:23 13 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\7ebocei4iqq_o\alrt_200.data
2011-02-25 22:43 . 2011-02-25 22:43 892 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s19.png
2011-02-22 00:08 . 2011-02-22 00:08 821 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s74.png
2011-02-21 23:23 . 2011-02-21 23:23 912 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s32.png
2011-02-21 02:31 . 2011-02-21 02:31 1345 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s46.png
2011-02-21 02:28 . 2011-02-21 02:28 0 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo!\YUpdater\components.ini
2011-02-20 23:05 . 2011-02-20 23:05 1338 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s14.png
2011-02-20 21:52 . 2011-02-20 21:52 1639 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\0b8p014j7_l0d0bij8d4_o\us_sres.data
2011-02-20 21:52 . 2011-03-25 05:01 37 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\0b8p014j7_l0d0bij8d4_o\alrt_204.data
2011-02-20 21:52 . 2011-03-24 22:26 31256 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\0b8p014j7_l0d0bij8d4_o\feed4.data
2011-02-20 17:40 . 2011-02-20 17:40 880 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s26.png
2011-02-20 15:42 . 2011-02-20 15:42 1163 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s28.png
2011-02-20 03:52 . 2011-03-17 17:44 1639 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\27hoil0dd_o\us_sres.data
2011-02-20 03:52 . 2011-03-27 01:49 41 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\27hoil0dd_o\alrt_204.data
2011-02-20 03:52 . 2011-03-27 01:49 50032 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\27hoil0dd_o\feed4.data
2011-02-20 03:52 . 2011-03-25 20:56 106916 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\27hoil0dd_o\us_p_c.data
2011-02-20 03:52 . 2011-03-27 01:49 44651 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\27hoil0dd_o\us_yb_c.data
2011-02-20 02:03 . 2011-03-24 12:12 5060 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\Network\Downloader\qmgr0.dat
2011-02-20 02:03 . 2011-03-24 12:12 4646 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\Network\Downloader\qmgr1.dat
2011-02-20 01:08 . 2011-03-23 14:44 2858 ----a-w- c:\documents and settings\All Users\Application Data\\Apple Computer\iTunes\iPodDevices.xml
2011-02-20 01:07 . 2011-02-20 01:07 11035 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Lockdown\6e6c550c8042d86791d4a86eb217123359055824.plist
2011-02-20 01:07 . 2011-02-20 01:07 258 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Lockdown\SystemConfiguration.plist
2011-02-20 01:04 . 2011-03-22 04:08 2094 ----a-w- c:\documents and settings\All Users\Application Data\\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxInstallLog.txt
2011-02-20 01:00 . 2011-02-20 01:00 52 --s-a-w- c:\documents and settings\All Users\Application Data\\Microsoft\Crypto\RSA\MachineKeys\fc1e3851f429ea606d6ff1e01a5229f1_5e1b2e6a-5d29-4061-b892-a34d766b7309
2011-02-20 00:57 . 2011-02-20 00:57 1163 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s30.png
2011-02-20 00:55 . 2011-02-20 00:55 888 --s-a-w- c:\documents and settings\All Users\Application Data\\Microsoft\Crypto\RSA\MachineKeys\a5bac492b8a12a9b6bf4a5681cc06a21_5e1b2e6a-5d29-4061-b892-a34d766b7309
2011-02-20 00:55 . 2011-02-20 01:59 6660 ----a-w- c:\documents and settings\All Users\Application Data\\SMC Networks, Inc\InstallHelper.log
2011-02-20 00:54 . 2011-02-20 02:00 30627 ----a-w- c:\documents and settings\All Users\Application Data\\SMC Networks, Inc\SMC_installer.log
2011-02-20 00:53 . 2011-02-20 00:53 288 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\qsyma.bmp
2011-02-20 00:50 . 2011-03-16 16:34 1639 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\default\us_sres.data
2011-02-20 00:50 . 2011-03-27 01:55 12 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\default\alrt_200.data
2011-02-20 00:50 . 2011-03-27 01:55 13 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\default\alrt_201.data
2011-02-20 00:50 . 2011-03-27 21:29 41 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\default\alrt_204.data
2011-02-20 00:50 . 2011-03-27 21:29 49653 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\default\feed4.data
2011-02-20 00:50 . 2011-03-27 21:29 42056 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\default\us_yb_c.data
2011-02-20 00:46 . 2011-02-26 02:20 14 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\7ebocei4iqq_o\alrt_201.data
2011-02-20 00:46 . 2011-02-26 02:09 43 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\7ebocei4iqq_o\alrt_204.data
2011-02-20 00:45 . 2011-03-26 21:42 2631 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo!\yau\toolbar_temp.xml
2011-02-20 00:45 . 2011-02-20 00:45 2472 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\news_s.bmp
2011-02-20 00:45 . 2011-02-20 00:45 1199 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\mess_01_spc_s1.png
2011-02-20 00:45 . 2011-02-20 00:45 1096 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\tmsgr_s0.bmp
2011-02-20 00:45 . 2011-02-20 00:45 1028 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\tmsgr_s1.bmp
2011-02-20 00:45 . 2011-02-20 00:45 163 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\ecap_s0.png
2011-02-20 00:45 . 2011-02-20 00:45 240 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_site_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 274 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\trav_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 277 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\mov_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 273 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_stk_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 284 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_map_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 138 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\flk2.gif
2011-02-20 00:45 . 2011-02-20 00:45 113 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\del_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 380 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\edu.bmp
2011-02-20 00:45 . 2011-02-20 00:45 268 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\ab_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 121 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_nws_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 279 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\hj_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 304 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\dir.bmp
2011-02-20 00:45 . 2011-02-20 00:45 113 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_aud_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 265 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_ans_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 123 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_sh_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 131 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_loc_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 112 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_vid_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 112 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_img_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 235 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\srch_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 666 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\sset_02_s1.png
2011-02-20 00:45 . 2011-02-20 00:45 139 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\ecap_s1_h.png
2011-02-20 00:45 . 2011-02-20 00:45 168 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\ecap_s1.png
2011-02-20 00:45 . 2011-02-20 00:45 140 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\ecap_s0_h.png
2011-02-20 00:45 . 2011-02-20 00:45 599 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\tb_flickr.png
2011-02-20 00:45 . 2011-02-20 00:45 1074 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\w\wea_01_spc_s27.png
2011-02-20 00:45 . 2011-02-20 00:45 534 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\tb_shop.png
2011-02-20 00:45 . 2011-02-20 00:45 925 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\tb_personals.png
2011-02-20 00:45 . 2011-02-20 00:45 3690 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\tb_sports.png
2011-02-20 00:45 . 2011-02-20 00:45 965 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\tb_music.png
2011-02-20 00:45 . 2011-02-20 00:45 245 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\yp_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 274 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\nws_1.gif
2011-02-20 00:45 . 2011-02-20 00:45 575 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\tb_games2.png
2011-02-20 00:45 . 2011-02-20 00:45 1496 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\ybangpurple3.bmp
2011-02-20 00:45 . 2011-02-20 00:45 1028 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\msgr_on.bmp
2011-02-20 00:45 . 2011-02-20 00:45 1199 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\mess_01_spc_s0.png
2011-02-20 00:45 . 2011-02-20 00:45 2051 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\ybang_pp.png
2011-02-20 00:45 . 2011-02-20 00:45 598 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\sset_02_s0.png
2011-02-20 00:45 . 2011-02-26 02:09 50053 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\7ebocei4iqq_o\feed4.data
2011-02-20 00:45 . 2011-02-26 02:09 105062 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\7ebocei4iqq_o\us_p_c.data
2011-02-20 00:45 . 2011-02-26 02:09 44593 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\7ebocei4iqq_o\us_yb_c.data
2011-02-20 00:45 . 2011-02-20 00:45 1406 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\cayas2.ico
2011-02-20 00:45 . 2011-02-20 00:45 768 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Icons\e\ebay27_spc.png
2011-02-20 00:45 . 2011-02-20 00:45 1638 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\Data\7ebocei4iqq_o\us_sres.data
2011-02-20 00:03 . 2011-03-27 21:25 1779 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo!\yau\ysp_temp.xml
2011-02-20 00:03 . 2011-02-20 00:03 191 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo!\SearchProtection\YSPMachineSpecific.xml
2011-02-19 23:39 . 2011-03-26 21:38 1502 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo!\yau\yautoupdater_temp.xml
2011-02-19 23:39 . 2011-02-20 00:03 2473 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo! Companion\bootstrap.ini
2011-02-19 23:38 . 2010-04-21 00:45 607472 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo!\YUpdater\yupdater.exe
2011-01-25 23:01 . 2011-01-25 23:01 26896384 ----a-w- c:\documents and settings\All Users\Application Data\\Apple Computer\Installer Cache\QuickTime 7.69.80.9\QuickTime.msi
2011-01-21 09:27 . 2011-01-21 09:27 2097664 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Installer Cache\Apple Software Update 2.1.2.120\AppleSoftwareUpdate.msi
2011-01-21 09:22 . 2011-01-21 09:22 2335744 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Installer Cache\Bonjour 2.0.4.0\Bonjour.msi
2011-01-21 09:18 . 2011-01-21 09:18 9895424 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Installer Cache\Apple Mobile Device Support 3.3.1.3\AppleMobileDeviceSupport.msi
2011-01-21 08:33 . 2011-01-21 08:33 18530816 ----a-w- c:\documents and settings\All Users\Application Data\\Apple\Installer Cache\AppleApplicationSupport 1.4.1\AppleApplicationSupport.msi
2011-01-09 20:25 . 2011-02-19 23:22 21000 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\Dr Watson\user.dmp
2010-12-13 04:58 . 2011-03-23 04:39 6326238 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\Dr Watson\drwtsn32.log
2010-12-13 04:41 . 2010-12-13 07:54 6976 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Chrystal.bmp
2010-12-13 04:41 . 2011-02-28 01:39 6976 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Cash.bmp
2010-12-13 04:41 . 2010-12-13 07:55 6976 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Beau.bmp
2010-12-13 04:41 . 2011-03-13 20:31 5248 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Alizabeth.bmp
2010-12-13 04:41 . 2010-12-13 07:55 6976 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Abigail.bmp
2010-12-13 04:38 . 2010-12-13 04:38 893 --s-a-w- c:\documents and settings\All Users\Application Data\\Microsoft\Crypto\RSA\S-1-5-18\d42cc0c3858a58db2db37658219e6400_5e1b2e6a-5d29-4061-b892-a34d766b7309
2010-12-13 04:33 . 2010-12-13 04:33 720896 ---h--r- c:\documents and settings\All Users\Application Data\\Microsoft\Media Player\UserMigratedStore_59R.bin
2010-12-13 04:33 . 2010-12-13 04:33 720896 ---h--r- c:\documents and settings\All Users\Application Data\\Microsoft\Media Player\DefaultStore_59R.bin
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\guest.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\skater.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\red flower.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\palm tree.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\lift-off.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\kick.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\horses.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\frog.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\duck.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\drip.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\dog.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\dirt bike.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\chess.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\car.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\beach.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\snowflake.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\guitar.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\pink flower.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\fish.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\cat.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\butterfly.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\ball.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\astronaut.bmp
2010-12-13 04:30 . 2004-08-04 10:00 6968 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\User Account Pictures\Default Pictures\airplane.bmp
2010-12-13 04:26 . 2001-07-21 22:24 853 ----a-w- c:\documents and settings\All Users\Application Data\\Microsoft\Network\Connections\Pbk\sharedaccess.ini
2010-12-12 20:13 . 2010-12-12 20:13 62 --sha-w- c:\documents and settings\All Users\Application Data\\desktop.ini
2010-04-01 03:34 . 2011-03-26 18:26 321 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo!\SearchProtection\config.xml
2010-04-01 03:34 . 2010-04-01 03:34 322 ----a-w- c:\documents and settings\All Users\Application Data\\Yahoo!\SearchProtection\YSPSetting.xml
2009-06-03 13:32 . 2009-06-03 13:32 7994 ----a-w- c:\documents and settings\All Users\Application Data\\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\gearaspiwdmx86.cat
2009-05-18 17:48 . 2009-05-18 17:48 2763 ----a-w- c:\documents and settings\All Users\Application Data\\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\GEARAspiWDM.inf
2009-05-18 17:17 . 2009-05-18 17:17 26600 ----a-w- c:\documents and settings\All Users\Application Data\\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspiWDM.sys
2009-02-04 17:56 . 2009-02-04 17:56 75112 ----a-w- c:\documents and settings\All Users\Application Data\\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
2008-04-17 16:12 . 2008-04-17 16:12 107368 ----a-w- c:\documents and settings\All Users\Application Data\\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspi.dll
2006-11-02 10:21 . 2006-11-02 10:21 319456 ----a-w- c:\documents and settings\All Users\Application Data\\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxAPI.dll
.
---- Directory of c:\documents and settings\Beau ----
.
2011-03-16 16:30 . 2010-12-12 20:13 62 --sha-w- c:\documents and settings\Beau\Application Data\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:32 113 ----a-w- c:\documents and settings\Beau\Application Data\Microsoft\Internet Explorer\brndlog.bak
2011-03-16 16:30 . 2010-12-13 04:33 141 ----a-w- c:\documents and settings\Beau\Application Data\Microsoft\Internet Explorer\brndlog.txt
2011-03-16 16:30 . 2011-03-26 03:34 49152 ----a-w- c:\documents and settings\Beau\Cookies\index.dat
2011-03-16 16:30 . 2011-03-26 00:20 62 --sha-w- c:\documents and settings\Beau\Local Settings\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:33 720896 ----a-w- c:\documents and settings\Beau\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb
2011-03-16 16:30 . 2010-12-13 04:33 498 ----a-w- c:\documents and settings\Beau\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD
2011-03-16 16:30 . 2010-12-13 04:33 12784 ----a-w- c:\documents and settings\Beau\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML
2011-03-16 16:30 . 2010-12-13 04:37 113 --sh--w- c:\documents and settings\Beau\Local Settings\History\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:37 113 --sh--w- c:\documents and settings\Beau\Local Settings\History\History.IE5\desktop.ini
2011-03-16 16:30 . 2011-03-26 03:34 131072 ----a-w- c:\documents and settings\Beau\Local Settings\History\History.IE5\index.dat
2011-03-16 16:30 . 2010-12-13 04:31 0 ----a-w- c:\documents and settings\Beau\SendTo\Compressed (zipped) Folder.ZFSendToTarget
2011-03-16 16:30 . 2010-12-13 04:31 0 ----a-w- c:\documents and settings\Beau\SendTo\Desktop (create shortcut).DeskLink
2011-03-16 16:30 . 2010-12-13 04:31 181 --sha-w- c:\documents and settings\Beau\SendTo\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:31 0 ----a-w- c:\documents and settings\Beau\SendTo\Mail Recipient.MAPIMail
2011-03-16 16:30 . 2010-12-12 20:13 62 --sha-w- c:\documents and settings\Beau\Start Menu\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:33 1555 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Command Prompt.lnk
2011-03-16 16:30 . 2010-12-13 04:33 348 --sha-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Accessibility\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:33 1525 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk
2011-03-16 16:30 . 2010-12-13 04:33 1532 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
2011-03-16 16:30 . 2010-12-13 04:33 1501 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
2011-03-16 16:30 . 2010-12-13 04:33 1539 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk
2011-03-16 16:30 . 2011-03-16 16:31 542 --sha-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:33 84 --sha-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Entertainment\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:33 1519 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Notepad.lnk
2011-03-16 16:30 . 2010-12-13 04:33 386 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk
2011-03-16 16:30 . 2010-12-13 04:33 1519 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Synchronize.lnk
2011-03-16 16:30 . 2011-03-16 16:31 804 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk
2011-03-16 16:30 . 2011-03-16 16:32 234 --sha-w- c:\documents and settings\Beau\Start Menu\Programs\desktop.ini
2011-03-16 16:30 . 2010-12-13 04:33 1527 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Tour Windows XP.lnk
2011-03-16 16:30 . 2010-12-13 04:31 1487 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Accessories\Windows Explorer.lnk
2011-03-16 16:30 . 2004-08-04 10:00 4570 ----a-w- c:\documents and settings\Beau\Templates\amipro.sam
2011-03-16 16:30 . 2010-12-13 04:33 1599 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Remote Assistance.lnk
2011-03-16 16:30 . 2011-03-16 16:31 792 ----a-w- c:\documents and settings\Beau\Start Menu\Programs\Windows Media Player.lnk
2011-03-16 16:30 . 2010-12-13 04:33 84 --sha-w- c:\documents and settings\Beau\Start Menu\Programs\Startup\desktop.ini
2011-03-16 16:30 . 2004-08-04 10:00 5632 ----a-w- c:\documents and settings\Beau\Templates\excel.xls
2011-03-16 16:30 . 2004-08-04 10:00 1518 ----a-w- c:\documents and settings\Beau\Templates\excel4.xls
2011-03-16 16:30 . 2004-08-04 10:00 2448 ----a-w- c:\documents and settings\Beau\Templates\lotus.wk4
2011-03-16 16:30 . 2004-08-04 10:00 12288 ----a-w- c:\documents and settings\Beau\Templates\powerpnt.ppt
2011-03-16 16:30 . 2004-08-04 10:00 461 ----a-w- c:\documents and settings\Beau\Templates\presenta.shw
2011-03-16 16:30 . 2004-08-04 10:00 4017 ----a-w- c:\documents and settings\Beau\Templates\quattro.wb2
2011-03-16 16:30 . 2004-08-04 10:00 58 ----a-w- c:\documents and settings\Beau\Templates\sndrec.wav
2011-03-16 16:30 . 2004-08-04 10:00 4608 ----a-w- c:\documents and settings\Beau\Templates\winword.doc
2011-03-16 16:30 . 2004-08-04 10:00 1769 ----a-w- c:\documents and settings\Beau\Templates\winword2.doc
2011-03-16 16:30 . 2004-08-04 10:00 30 ----a-r- c:\documents and settings\Beau\Templates\wordpfct.wpd
2011-03-16 16:30 . 2004-08-04 10:00 57 ----a-r- c:\documents and settings\Beau\Templates\wordpfct.wpg
2011-03-16 16:30 . 2011-03-27 21:24 1024 ---ha-w- c:\documents and settings\Beau\NTUSER.DAT.LOG
2011-03-16 16:30 . 2011-03-26 06:13 786432 ---ha-w- c:\documents and settings\Beau\NTUSER.DAT
.
---- Directory of c:\documents and settings\Cash\Application Data\ ----
.
2011-03-10 15:33 . 2011-03-10 15:34 676 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\96D7A99548C36B10D2E8035A3E0DCA1A
2011-03-10 15:33 . 2011-03-10 15:34 134 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\96D7A99548C36B10D2E8035A3E0DCA1A
2011-03-10 15:33 . 2011-03-10 15:34 625 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F
2011-03-10 15:33 . 2011-03-10 15:34 100 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F
2011-03-03 14:58 . 2011-03-03 14:58 518701 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\1B9435E949F2B3D267BABDE0C8BC19A6
2011-03-03 14:58 . 2011-03-03 14:58 134 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\1B9435E949F2B3D267BABDE0C8BC19A6
2011-03-03 14:58 . 2011-03-03 14:58 1310 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\C554DCF706A5AAB8B360FAD227EAB9C7
2011-03-03 14:58 . 2011-03-03 14:58 100 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\C554DCF706A5AAB8B360FAD227EAB9C7
2011-03-03 14:57 . 2011-03-03 14:57 1224 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\D0F063B6B88A2B8BFE21C3993A613447
2011-03-03 14:57 . 2011-03-03 14:57 178 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\D0F063B6B88A2B8BFE21C3993A613447
2011-03-03 14:57 . 2011-03-03 14:57 147937 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\930D1D196EE05A60D0FD6680AB99D0D5
2011-03-03 14:57 . 2011-03-03 14:57 120 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\930D1D196EE05A60D0FD6680AB99D0D5
2011-03-03 14:57 . 2011-03-03 14:57 533 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\5C45AD19E3530EC4218F560AFC04C3F7
2011-03-03 14:57 . 2011-03-03 14:57 118 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\5C45AD19E3530EC4218F560AFC04C3F7
2011-03-03 14:57 . 2011-03-03 14:57 898 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
2011-03-03 14:57 . 2011-03-03 14:57 94 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
2011-03-03 14:57 . 2011-03-03 14:57 186267 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\119EFCC56A568F53AA7025356F876799
2011-03-03 14:57 . 2011-03-03 14:57 130 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\119EFCC56A568F53AA7025356F876799
2011-03-03 14:57 . 2011-03-03 14:57 494 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\FCEA474F228C13CD0DAD678431D0ACFC
2011-03-03 14:57 . 2011-03-03 14:57 130 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\FCEA474F228C13CD0DAD678431D0ACFC
2011-03-03 14:47 . 2011-03-03 14:47 2066 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D
2011-03-03 14:47 . 2011-03-03 14:47 112 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D
2011-03-03 14:46 . 2011-03-03 14:46 24 --sha-w- c:\documents and settings\Cash\Application Data\\Microsoft\Protect\S-1-5-21-448539723-1035525444-725345543-1004\Preferred
2011-03-03 14:46 . 2011-03-03 14:46 388 --sha-w- c:\documents and settings\Cash\Application Data\\Microsoft\Protect\S-1-5-21-448539723-1035525444-725345543-1004\d8964627-b074-4956-a299-5e85b6f03897
2011-03-03 14:46 . 2011-03-03 14:46 24 --sha-w- c:\documents and settings\Cash\Application Data\\Microsoft\Protect\CREDHIST
2011-03-03 14:46 . 2011-03-03 14:46 16450 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\D725F3459E2275E9EA5871B92AD896D0
2011-03-03 14:46 . 2011-03-03 14:46 110 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\D725F3459E2275E9EA5871B92AD896D0
2011-03-03 14:46 . 2011-03-03 14:46 886 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601
2011-03-03 14:46 . 2011-03-03 14:46 134 --s-a-w- c:\documents and settings\Cash\Application Data\\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601
2011-03-03 14:46 . 2011-03-03 14:55 332 ----a-w- c:\documents and settings\Cash\Application Data\\Yahoo!\Companion\data
2011-03-03 14:46 . 2011-03-03 14:46 1621 ----a-w- c:\documents and settings\Cash\Application Data\\Yahoo!\Companion\resources
2011-03-01 22:39 . 2011-03-01 22:39 166 ----a-w- c:\documents and settings\Cash\Application Data\\Apple Computer\Logs\asl.173941_01Mar11.log
2011-01-16 19:42 . 2011-01-16 19:42 8590 ----a-w- c:\documents and settings\Cash\Application Data\\Microsoft\HTML Help\hh.dat
2010-12-13 04:45 . 2011-02-02 05:33 6024 ----a-w- c:\documents and settings\Cash\Application Data\\Microsoft\Windows\Themes\Custom.theme
2010-12-13 04:42 . 2010-12-13 04:42 79 ----a-w- c:\documents and settings\Cash\Application Data\\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
2010-12-13 04:41 . 2011-02-02 05:37 2694 --sha-w- c:\documents and settings\Cash\Application Data\\Microsoft\Internet Explorer\Desktop.htt
2010-12-13 04:41 . 2010-12-13 04:42 119 --sha-w- c:\documents and settings\Cash\Application Data\\Microsoft\Internet Explorer\Quick Launch\desktop.ini
2010-12-13 04:41 . 2011-02-28 00:58 815 ----a-w- c:\documents and settings\Cash\Application Data\\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
2010-12-13 04:41 . 2010-12-12 20:13 62 --sha-w- c:\documents and settings\Cash\Application Data\\desktop.ini
2010-12-13 04:41 . 2010-12-13 04:33 141 ----a-w- c:\documents and settings\Cash\Application Data\\Microsoft\Internet Explorer\brndlog.bak
2010-12-13 04:41 . 2010-12-13 04:42 10380 ----a-w- c:\documents and settings\Cash\Application Data\\Microsoft\Internet Explorer\brndlog.txt
.
---- Directory of c:\documents and settings\CASH\START MENU\PROGRAMS\STARTUP\ ----
.
2010-12-13 04:41 . 2010-12-13 04:33 84 --sha-w- c:\documents and settings\CASH\START MENU\PROGRAMS\STARTUP\\desktop.ini
.
---- Directory of c:\documents and settings\Chrystal\Local Settings\Application Data\Temp ----
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
"SUPERAntiSpyware"="c:\documents and settings\Chrystal\Desktop\SUPERAntiSpyware.exe" [2011-03-16 2423752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]
"F-Secure Manager"="c:\program files\Charter Security Suite\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files\Charter Security Suite\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\documents and settings\Chrystal\Desktop\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\documents and settings\Chrystal\Desktop\SASWINLO.DLL
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2/27/2011 6:27 PM 42664]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2/27/2011 6:26 PM 82120]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Charter Security Suite\HIPS\drivers\fshs.sys [2/27/2011 6:25 PM 68064]
R1 SASDIFSV;SASDIFSV;c:\documents and settings\Chrystal\Desktop\sasdifsv.sys [2/17/2010 2:25 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\documents and settings\Chrystal\Desktop\SASKUTIL.SYS [5/10/2010 2:41 PM 67656]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Charter Security Suite\Anti-Virus\minifilter\fsgk.sys [2/27/2011 6:24 PM 130728]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Charter Security Suite\ORSP Client\fsorsp.exe [2/27/2011 6:25 PM 63992]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\docume~1\Chrystal\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys --> c:\docume~1\Chrystal\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Charter Security Suite\Anti-Virus\win2k\fsfilter.sys [2/27/2011 6:24 PM 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Charter Security Suite\Anti-Virus\win2k\fsrec.sys [2/27/2011 6:24 PM 25184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 09:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 19:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp:\\yahoo.com\
uInternet Settings,ProxyOverride = *.local
LSP: c:\program files\Charter Security Suite\FSPS\program\FSLSP.DLL
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-27 17:45
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(496)
c:\documents and settings\Chrystal\Desktop\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'lsass.exe'(560)
c:\program files\Charter Security Suite\FSPS\program\FSLSP.DLL
.
- - - - - - - > 'explorer.exe'(976)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2011-03-27 17:48:52
ComboFix-quarantined-files.txt 2011-03-27 21:48
ComboFix2.txt 2011-03-27 15:56
ComboFix3.txt 2011-03-27 03:27
.
Pre-Run: 31,085,907,968 bytes free
Post-Run: 31,081,095,168 bytes free
.
- - End Of File - - 5A1C6018B2D369587E3065836C7C4503
chrysvann
 
Posts: 25
Joined: Sat Mar 26, 2011 7:30 pm

Re: I believe my system is operating with a virus

Postby chrysvann » Sun Mar 27, 2011 11:23 pm

Hmm...Got anything new? Should I enable my firewall? Is Charter Security Suite not good enough? My desktop icons are highlighted blue. Normal?
chrysvann
 
Posts: 25
Joined: Sat Mar 26, 2011 7:30 pm

Re: I believe my system is operating with a virus

Postby 12056 » Mon Mar 28, 2011 2:12 am

The last ComboFix scan I had you run was extensive, but I still didn't find any new infections.
And it appears that you're not infected from the new logs.

Please click start, then Run and type: Combofix.exe /uninstall
Also open OTL and click the "CleanUp" button.

- You should un-install programs that you no longer use.
- Disable un-needed start-up entries.
- Consider upgrading your system's memory card.

From an infection standpoint, you appear to be clean with the exception of some non-malicious adware that was removed with SuperAntiSpyware and MalwareBytes.
Best advice, keep those two scanners updated and run scans periodically as new adware/spyware signatures are updated daily if not more!
Rhett Trappman
MyAntispyware.com Forum Security Team and Moderator
12056
 
Posts: 860
Joined: Sun Apr 25, 2010 9:57 pm
