ComboFix 08-08-13.02 - Administrator 2008-08-14 1:48:18.1 - NTFSx86 NETWORK Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color] . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Tyrelle\Application Data\macromedia\Flash Player\#SharedObjects\JDBX6WLM\interclick.com C:\Documents and Settings\Tyrelle\Application Data\macromedia\Flash Player\#SharedObjects\JDBX6WLM\interclick.com\ud.sol C:\Documents and Settings\Tyrelle\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com C:\Documents and Settings\Tyrelle\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol C:\Documents and Settings\Tyrelle\Application Data\WeatherDPA C:\Documents and Settings\Tyrelle\Application Data\WeatherDPA\Weather\WeatherStartup.xml C:\Documents and Settings\Tyrelle\Application Data\Zango C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte10_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte11_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte12_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte13_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte14_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte19_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte20_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte21_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30104_emte9_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]30203lib_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102angel_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102bigluf_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102bigsmile_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102birthday_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102cheers_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102flo_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102good_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102jump_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102king_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102lough_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102luf_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102smile_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102smiled_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102sor_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102thanx_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]33102uhu_1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]40103ahh_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]40103wow_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]40104_emi2_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]42102_1134_112_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]50103big_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]50103gig_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]50103hm_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]50103nomail_emoti_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]50103norm_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema15_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema16_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema17_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema18_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema19_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema20_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema21_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema24_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema25_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema26_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema30_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema33_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]60104_ema34_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]62802hippi_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]62802jumpie_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]80402argh_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]80402oops_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]80402ouch_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]82502no_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\[u]0[/u]82502yes_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_boring1_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_confused_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_crying_ugly_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_fantastic_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_feel_better_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_gimme_break_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_heehee_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_hlopaet_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_ign_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_lol_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_no_comment_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_peace_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_smashing_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\110103_talk2thehand_prv.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\avatar.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\block_sm.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\block_sm2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\block_smli.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\block_smli2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\blocked.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\blocked2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_add-but.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_back-but.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_left_cut_enabled_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_left_enabled_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_left_pressed_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_middle_enabled_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_middle_pressed_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_right_cut_enabled_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_right_enabled_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\btn_right_pressed_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\business_promo.htm C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\buttondir.txt C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\components.cdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\css_cattree.css C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\css_flashpreview.css C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\css2_main.css C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\css2_pagingmodule.css C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\css2_topbuttons.css C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\cursors.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\delete.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\edit_clear_sound.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\edit_fs.htm C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\edit_select.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-543450.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-548964.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-589306.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-591943.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-592579.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-598579.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-603763.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-9595.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511724-9696.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-511745-514279.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-backgrounds.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-bcards.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-ecards.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-emoticons.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-estationery.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-funny.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-help.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-images.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-info.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-more.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-my.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-new.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-new2.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-options.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-people.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-photo.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-tell.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-temp.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-text.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def-email-voice.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-def.cdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-premium-email-premium.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-t1-bg.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\email-temp-bg.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\estatationery.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\flashpatch.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\flashpreview.htm C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\fs3.htm C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\hotbar_promo.htm C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_checked_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_close_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_close_pressed_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_edit_preview.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_edit_send.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_flash_preview.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_recently_used.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_remove_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_remove_pressed_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_sand-clock2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_tell_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_tell_pressed_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_tree_null.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_unchecked_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\icon_unchecked_pressed_1.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\img_barlayout.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\img_barlayout2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\img_barlayout4.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\img_corner_left.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\img_local_logo.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_basetemplate.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_hbgroups.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_hbobject3.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_hbobjectset3.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_hotbarwrapper.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_iteratorsandreaders3nf.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_pagingmoduleobj3.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_texts3.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\js2_xmltree3nf.js C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\layout.cdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\linkpathlegal.txt C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\n.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\nav_b_2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\nav_bb_2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\nav_f_2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\nav_ff_2.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\progress.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\sales_buttons.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\searchbtn.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\submit.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_bg.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_bga.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_bgia.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_l.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_la.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_lia.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_r.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_ra.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tab_ria.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tree_dots.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tree_minus.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\tree_plus.gif C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\treedata_animations.xml C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\treedata_backgrounds.xml C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\treedata_ecards.xml C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\treedata_emoticons.xml C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\treedata_notifiers.xml C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\treedata_text.xml C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\1\zango_btn.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\avatar.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\business_promo.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\buttondir.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\code.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\cursors.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\email-def.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\email-t1-bg.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\email-temp-bg.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\hotbar_promo.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\images.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\layout.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\linkpathlegal.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\localcontent.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\progress.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\sales_buttons.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\treexml.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\HostWD\static\DownLoad\zango_btn.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\1385288.sdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\819382.sdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\domains.txt C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\17025 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\427148 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\432053 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44228 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\455563 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\455743 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\56412 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\68055 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\744207 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\747635 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\93110 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\95917 C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\dynamic\ustat\370f.dat C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\avatar.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\btntrans.idx C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\btntrans1.dat C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\buttondir.txt C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\components.cdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\cursors.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_1000.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_2000.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_3000.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bar.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bbar1.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_logos.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_other.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\d_icons_weather.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\default.cdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_511745-514279.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-ca.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-us.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_categorize.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_comparison.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-Mails.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-people.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_favorites.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_Games.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_Hide.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_hotbarcom.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_Hotmail.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_hsskin.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_jemster.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_jemsterie.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_jemsteruk.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_jobsearch.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_Mails.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_MobileSidewalk.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_new.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_premium.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_reun.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_ringtones.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_SearchBoxTrapper.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_searchfor.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_searchgo.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_weather.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Default_yellowpages.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\editblbuttons.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-548964.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-9595.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\email-t1-bg.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\icons2.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\ie_games_icon.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\ie_video.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\keywords.idx C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\keywords1.dat C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\layout.cdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\linkpathlegal.txt C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\progress.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\s_icons_buttons.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\sales_buttons.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\sdfmodifier.xml C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\t2_bg.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\theweb.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\top7.cdf C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\Top7_theweb.mnu C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\tsd_bg.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\zango_btn.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\1\zango_ie_menu.res C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\progress.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip C:\Documents and Settings\Tyrelle\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_TDSSSERV ((((((((((((((((((((((((( Files Created from 2008-07-14 to 2008-08-14 ))))))))))))))))))))))))))))))) . 2008-08-14 01:43 . 2008-08-14 01:43 d-------- C:\Documents and Settings\All Users\Application Data\PC Tools 2008-08-14 01:43 . 2008-08-14 01:41 160,792 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\pctfw2.sys 2008-08-14 01:40 . 2008-08-14 01:40 d-------- C:\Program Files\Common Files\PC Tools 2008-08-14 01:10 . 2008-08-14 01:28 d-------- C:\Documents and Settings\Administrator\Application Data\DivX 2008-08-14 01:08 . 2008-08-14 01:08 d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer 2008-08-14 01:05 . 2008-08-14 01:09 d-------- C:\Documents and Settings\Administrator\Application Data\Winamp 2008-08-14 00:36 . 2008-08-14 00:36 d-------- C:\Documents and Settings\Administrator\Application Data\PC Tools 2008-08-14 00:36 . 2007-12-10 13:53 81,288 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\iksyssec.sys 2008-08-14 00:36 . 2007-12-10 13:53 66,952 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\iksysflt.sys 2008-08-14 00:36 . 2008-02-01 11:55 42,376 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ikfilesec.sys 2008-08-14 00:36 . 2007-12-10 13:53 29,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\kcom.sys 2008-08-13 02:01 . 2008-08-14 01:46 d-------- C:\Program Files\Spyware Doctor 2008-08-12 10:48 . 2008-08-14 01:43 d-------- C:\Documents and Settings\Administrator\Application Data\uTorrent 2008-08-11 12:43 . 2008-08-11 12:43 244 --ah----- C:\sqmnoopt02.sqm 2008-08-10 07:53 . 2008-08-10 07:53 d-------- C:\Documents and Settings\Administrator\Application Data\EasyJob Resume Builder 2008-08-10 06:44 . 2008-08-10 06:45 d-------- C:\Program Files\EsetOnlineScanner 2008-08-10 06:20 . 2008-08-10 06:20 d-------- C:\Deckard 2008-08-10 05:45 . 2008-08-10 05:45 d-------- C:\Program Files\Trend Micro 2008-08-10 05:37 . 2008-08-10 05:37 7,680 --ahs---- C:\WINDOWS\Thumbs.db 2008-08-10 05:21 . 2005-08-16 01:34 d-------- C:\Documents and Settings\New\Application Data\You've Got Pictures Screensaver 2008-08-10 05:21 . 2005-08-16 01:36 d-------- C:\Documents and Settings\New\Application Data\Jasc Software Inc 2008-08-10 05:21 . 2008-08-10 05:21 d-------- C:\Documents and Settings\New 2008-08-09 19:12 . 2008-08-14 01:14 664 --a------ C:\WINDOWS\SYSTEM32\d3d9caps.dat 2008-08-09 13:50 . 2008-08-09 13:50 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com 2008-08-08 00:10 . 2008-08-10 06:40 d--h----- C:\$AVG8.VAULT$ 2008-08-07 19:41 . 2008-08-07 19:41 d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes 2008-08-07 17:33 . 2008-08-07 17:33 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-07 17:33 . 2008-08-07 17:33 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-07 17:33 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys 2008-08-07 17:33 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys 2008-08-07 06:02 . 2008-08-07 06:02 d-------- C:\KAV 2008-08-07 05:08 . 2008-08-07 05:08 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-08-07 05:07 . 2008-08-07 05:07 d-------- C:\Program Files\SUPERAntiSpyware 2008-08-07 04:47 . 2008-08-07 04:47 d-------- C:\Program Files\Opera 2008-08-07 04:01 . 2008-08-10 08:50 d-------- C:\WINDOWS\SYSTEM32\DRIVERS\Avg 2008-08-07 04:01 . 2008-08-07 04:01 d-------- C:\Program Files\AVG 2008-08-07 04:01 . 2008-08-07 04:01 d-------- C:\Documents and Settings\All Users\Application Data\avg8 2008-08-07 04:01 . 2008-08-07 04:01 96,520 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys 2008-08-07 04:01 . 2008-08-07 04:01 76,040 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys 2008-08-07 04:01 . 2008-08-07 04:01 10,520 --a------ C:\WINDOWS\SYSTEM32\avgrsstx.dll 2008-08-07 01:38 . 2008-08-07 01:38 d-------- C:\Documents and Settings\Tyrelle\Application Data\TmpRecentIcons 2008-08-06 18:13 . 2008-08-06 18:13 91,700 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\klin.dat 2008-08-06 18:13 . 2008-08-06 18:13 85,860 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\klick.dat 2008-08-06 18:10 . 2008-08-06 18:10 d-------- C:\Program Files\Kaspersky Lab 2008-08-06 18:10 . 2008-08-13 03:31 2,971,168 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox.dat 2008-08-06 18:10 . 2008-08-13 03:31 32,800 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox2.dat 2008-08-06 18:10 . 2008-08-13 03:31 16,964 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox.idx 2008-08-06 18:10 . 2008-08-13 03:31 3,908 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox2.idx 2008-08-06 17:36 . 2008-08-06 17:36 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-08-06 02:37 . 2008-08-06 04:13 29,696 --a------ C:\Documents and Settings\Shinya.doc 2008-08-05 15:28 . 2008-08-05 15:28 d-------- C:\Documents and Settings\Tyrelle\Application Data\HiYo 2008-08-05 13:40 . 2008-08-05 13:40 d-------- C:\Documents and Settings\All Users\Application Data\HiYo 2008-08-05 07:43 . 2008-08-05 07:43 d-------- C:\Documents and Settings\All Users\Application Data\CCP 2008-08-05 07:43 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\SYSTEM32\d3dx9_35.dll 2008-08-05 07:33 . 2008-08-05 07:33 d-------- C:\Program Files\CCP 2008-08-02 14:43 . 2008-08-02 14:43 4,096 --a------ C:\WINDOWS\d3dx.dat 2008-08-01 15:33 . 2008-08-01 15:33 d-------- C:\Documents and Settings\Tyrelle\Application Data\Apple Computer 2008-07-26 07:24 . 2008-08-09 02:52 d-------- C:\Program Files\WindSlayer 2008-07-24 23:42 . 2008-07-24 23:43 d-------- C:\Program Files\EasyJob Resume Builder 2008-07-24 23:42 . 2008-07-24 23:43 d-------- C:\Program Files\Common Files\AGBO Business Architecture S.L 2008-07-23 17:00 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\SYSTEM32\D3DCompiler_34.dll 2008-07-23 17:00 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\SYSTEM32\d3dx10_34.dll 2008-07-23 17:00 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\SYSTEM32\xactengine2_8.dll 2008-07-23 17:00 . 2007-06-20 20:45 18,280 --a------ C:\WINDOWS\SYSTEM32\x3daudio1_2.dll 2008-07-23 16:59 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\SYSTEM32\d3dx9_34.dll 2008-07-23 02:26 . 2008-07-23 20:49 d-------- C:\Program Files\Xfire 2008-07-23 02:05 . 2007-03-12 16:42 1,123,696 --a------ C:\WINDOWS\SYSTEM32\D3DCompiler_33.dll 2008-07-23 02:05 . 2007-03-15 16:57 443,752 --a------ C:\WINDOWS\SYSTEM32\d3dx10_33.dll 2008-07-23 02:05 . 2007-04-04 18:55 261,480 --a------ C:\WINDOWS\SYSTEM32\xactengine2_7.dll 2008-07-23 02:05 . 2007-01-24 15:27 255,848 --a------ C:\WINDOWS\SYSTEM32\xactengine2_6.dll 2008-07-22 14:58 . 2008-07-22 14:58 d-------- C:\Program Files\Firaxis Games 2008-07-22 02:55 . 2008-08-05 05:46 d-------- C:\Program Files\uTorrent 2008-07-21 19:41 . 2008-07-21 19:41 42,320 --a------ C:\WINDOWS\SYSTEM32\xfcodec.dll 2008-07-19 10:49 . 2008-07-19 10:49 d-------- C:\Program Files\SopCast . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-14 06:47 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-14 03:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-08-09 11:56 --------- d-----w C:\Program Files\Evrsoft First Page 2006 2008-08-09 07:52 --------- d-----w C:\Program Files\Sunbelt Software 2008-08-09 07:52 --------- d-----w C:\Program Files\McAfee 2008-08-09 07:52 --------- d-----w C:\Program Files\Electronic Arts 2008-08-09 07:51 --------- d-----w C:\Program Files\Warcraft III 2008-08-09 07:51 --------- d-----w C:\Program Files\City of Heroes 2008-08-09 07:47 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-08-08 03:37 --------- d-----w C:\Program Files\BYOND 2008-08-07 10:06 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-08-05 09:27 --------- d-----w C:\Program Files\FileZilla FTP Client 2008-08-02 18:49 --------- d-----w C:\Program Files\TC Digital 2008-07-26 12:22 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-24 04:02 --------- d-----w C:\Program Files\Outspark 2008-07-24 04:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Outspark 2008-07-23 01:30 --------- d-----w C:\Program Files\Sports Interactive 2008-07-22 19:08 --------- d-----w C:\Program Files\Azureus 2008-07-18 19:29 --------- d-----w C:\Program Files\World of Warcraft 2008-07-07 17:51 --------- d-----w C:\Program Files\Trillian 2008-07-07 01:01 --------- d-----w C:\Program Files\Yahoo! 2008-07-07 01:01 --------- d-----w C:\Program Files\Crspace 2008-07-06 08:07 --------- d-----w C:\Program Files\DivX 2008-06-30 16:43 --------- d-----w C:\Program Files\iTunes 2008-06-30 16:42 --------- d-----w C:\Program Files\iPod 2008-06-30 16:41 --------- d-----w C:\Program Files\QuickTime 2008-06-30 16:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-06-30 16:38 --------- d-----w C:\Program Files\Common Files\Apple 2008-06-30 16:36 --------- d-----w C:\Program Files\Apple Software Update 2008-06-30 16:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2008-06-28 12:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-06-28 12:25 --------- d-----w C:\Program Files\Lavasoft 2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-18 23:33 --------- d-----w C:\Program Files\EASEUS 2008-06-10 00:27 244 ---ha-w C:\Program Files\sqmnoopt02.sqm 2006-02-04 04:51 12,277,672 -c--a-w C:\Program Files\game.dat 2005-11-04 18:19 774,144 -c--a-w C:\Program Files\RngInterstitial.dll 2005-06-21 14:58 188,416 ----a-w C:\Documents and Settings\Akin Lake\lua.exe 2005-02-28 16:58 1,592 ----a-w C:\Documents and Settings\Akin Lake\Registry Keys.reg 2005-02-01 20:55 53,248 ----a-w C:\Documents and Settings\Akin Lake\npkpdb.dll 2005-02-01 20:55 37,009 ----a-w C:\Documents and Settings\Akin Lake\npkcusb.sys 2005-02-01 20:55 233,555 ----a-w C:\Documents and Settings\Akin Lake\npkcrypt.dll 2005-02-01 20:55 21,442 ----a-w C:\Documents and Settings\Akin Lake\npkcrypt.sys 2004-12-28 18:35 401,462 ----a-w C:\Documents and Settings\Akin Lake\msvcp60.dll 2003-11-25 13:20 81,920 ----a-w C:\Documents and Settings\Akin Lake\dinput.dll 2003-06-17 19:33 126,976 ----a-w C:\Documents and Settings\Akin Lake\NPX.DLL 2003-05-20 22:04 81,920 ----a-w C:\Documents and Settings\Akin Lake\npkeysdk.dll 2003-04-23 19:37 55,296 ----a-w C:\Documents and Settings\Akin Lake\NPCIPHER.DLL 2003-04-23 19:37 267,264 ----a-w C:\Documents and Settings\Akin Lake\FindHack.exe 2003-04-23 19:37 164,864 ----a-w C:\Documents and Settings\Akin Lake\NPUPDATE0.DLL 2002-10-02 04:11 358,963 ----a-w C:\Documents and Settings\Akin Lake\binkw32.dll 2002-10-02 04:11 230,455 ----a-w C:\Documents and Settings\Akin Lake\granny2.dll 2002-06-22 05:39 61,952 ----a-w C:\Documents and Settings\Akin Lake\NPCHK.DLL 2002-06-22 05:39 31,744 ----a-w C:\Documents and Settings\Akin Lake\NPPSK.DLL 2002-06-18 18:11 163,088 ----a-w C:\Documents and Settings\Akin Lake\dbghelp.dll 2002-04-25 15:51 73,728 ----a-w C:\Documents and Settings\Akin Lake\cps.dll 2001-04-15 16:20 156,672 ----a-w C:\Documents and Settings\Akin Lake\npupdate.dll 2001-03-31 16:41 346,624 ----a-w C:\Documents and Settings\Akin Lake\Mss32.dll 2001-03-21 14:35 372,736 ----a-w C:\Documents and Settings\Akin Lake\ijl15.dll 2006-08-27 20:28 56 -csh--r C:\WINDOWS\SYSTEM32\E0E182E7F4.sys 2008-02-02 15:16 848 -csha-w C:\WINDOWS\SYSTEM32\KGyGaAvL.sys . [code]
-c--a-w         1,404,928 2008-03-02 14:54:11  C:\Program Files\Analog Devices\Core\smax4pnp .exe
[/code] ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2008-03-02 10:00 460784] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2008-03-02 10:01 1404928] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2008-03-02 10:00 221184] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2008-03-02 10:00 81920] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2008-03-02 10:00 94208] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2008-03-02 10:00 77824] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2008-03-02 10:00 114688] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-03-02 10:00 180269] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "WinPatrol"="C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe" [2008-03-02 10:00 230976] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [N/A] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [N/A] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "fssui"="C:\Program Files\Windows Live\Family Safety\fssui.exe" [2007-12-17 11:12 243240] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 10:50 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-06-02 11:13 267048] "HiYo"="C:\Program Files\HiYo\bin\HiYo.exe" [N/A] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-07 04:01 1232152] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 13:49 36352] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.mxmc"= MimicICM.DLL "VIDC.XFR1"= xfcodec.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe"= "C:\\WINDOWS\\SYSTEM32\\DPVSETUP.EXE"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"= "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "C:\\Program Files\\SopCast\\SopCast.exe"= "C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"= "C:\\Program Files\\mIRC\\mirc.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Trillian\\trillian.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"= "C:\\Program Files\\Xfire\\xfire.exe"= "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"= "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"= "C:\\Documents and Settings\\Akin Lake\\My Documents\\My eBooks\\Pro Evolution Soccer 2008\\PES2008.exe"= "C:\\Program Files\\FileZilla FTP Client\\filezilla.exe"= "C:\\Program Files\\CCP\\EVE\\bin\\ExeFile.exe"= "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "C:\\Program Files\\AVG\\AVG8\\avgtray.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard downloader "6112:TCP"= 6112:TCP:Blizzard Downloader "6881:TCP"= 6881:TCP:Blizzard Downloader "6999:TCP"= 6999:TCP:Blizzard Downloader "6882:TCP"= 6882:TCP:Blizzard Downloader "6883:TCP"= 6883:TCP:Blizzard Download "6884:TCP"= 6884:TCP:Blizzard Downloader "6885:TCP"= 6885:TCP:Blizzard Downloader "6886:TCP"= 6886:TCP:Blizzard Downloader "6887:TCP"= 6887:TCP:Blizzard Downloader "6888:TCP"= 6888:TCP:Blizzard Downloader "67:UDP"= 67:UDP:DHCP Discovery Service R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-08-07 04:01] R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-07 04:01] R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-07 04:01] R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-08-07 04:01] R2 fssfltr;fssfltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53] R2 fsssvc;Windows Live OneCare Family Safety;C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2007-12-17 11:13] R3 SUSCOM;Susteen Serial port driver;C:\WINDOWS\system32\DRIVERS\SUSCOM.SYS [2004-03-22 09:40] R3 XDva143;XDva143;C:\WINDOWS\system32\XDva143.sys [] S1 pctfw2;pctfw2;C:\WINDOWS\SYSTEM32\DRIVERS\pctfw2.sys [2008-08-14 01:41] . Contents of the 'Scheduled Tasks' folder 2008-07-24 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57] . - - - - ORPHANS REMOVED - - - - Notify-geBrrRjJ - geBrrRjJ.dll Notify-mljgffg - mljgffg.dll Notify-NavLogon - (no file) . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4ucs6kgk.default\ ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-14 01:59:22 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\tsd32.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe . ************************************************************************** . Completion time: 2008-08-14 2:08:44 - machine was rebooted [Administrator] ComboFix-quarantined-files.txt 2008-08-14 07:08:29 Pre-Run: 9,823,526,912 bytes free Post-Run: 10,083,074,048 bytes free 621 --- E O F --- 2008-08-13 08:30:43