POS.tmp files on C and My Documents

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32:51 PM, on 3/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
C:\PROGRA~1\FILEST~1\PHOTOT~1\PBKNTService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link RangeBooster N DWA-140\AirNCFG.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\program files\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FILEST~1\PHOTOT~1\pbksche.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link RangeBooster N DWA-140] C:\Program Files\D-Link\D-Link RangeBooster N DWA-140\AirNCFG.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Photo TurboBackup] C:\PROGRA~1\FILEST~1\PHOTOT~1\pbksche.exe -s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [Photo TurboBackup] C:\PROGRA~1\FILEST~1\PHOTOT~1\pbksche.exe -s (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Photo TurboBackup] C:\PROGRA~1\FILEST~1\PHOTOT~1\pbksche.exe -s (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Autodesk Data Management Job Dispatch - Autodesk Inc - C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
O23 - Service: Autodesk EDM Server - - C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PBKNTService - Unknown owner - C:\PROGRA~1\FILEST~1\PHOTOT~1\PBKNTService.exe

--
End of file - 8163 bytes

ComboFix 08-03-05.1 - a109 2008-03-10 15:27:25.9 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.454 [GMT -4:00]
Running from: C:\Documents and Settings\a109\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\a109\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Rabio

.
((((((((((((((((((((((((( Files Created from 2008-02-10 to 2008-03-10 )))))))))))))))))))))))))))))))
.

2008-03-04 23:20 . 2008-03-04 23:21 <DIR> d-------- C:\sex
2008-03-04 12:27 . 2008-03-04 12:27 <DIR> d-------- C:\Deckard
2008-03-04 11:03 . 2007-06-05 11:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-04 10:45 . 2008-03-04 12:11 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-04 10:45 . 2008-03-04 10:45 <DIR> d-------- C:\WINDOWS\LastGood
2008-03-04 10:45 . 2008-03-04 10:45 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-04 10:45 . 2008-03-04 10:45 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-04 10:45 . 2008-03-04 10:45 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-01 15:34 . 2008-03-01 15:34 98,304 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt.dll
2008-03-01 15:27 . 2008-03-01 15:27 <DIR> d-------- C:\Documents and Settings\a109\Application Data\Atari
2008-03-01 15:25 . 2008-03-01 15:25 <DIR> d-------- C:\Program Files\Common Files\PocketSoft
2008-03-01 15:25 . 2008-03-01 15:25 <DIR> d-------- C:\Documents and Settings\a109\Application Data\Leadertech
2008-03-01 15:25 . 2002-02-27 18:50 197,120 --a------ C:\WINDOWS\patchw32.dll
2008-03-01 15:21 . 2008-03-01 15:21 <DIR> d-------- C:\Program Files\Atari
2008-02-29 11:29 . 2008-02-29 11:29 331 --a------ C:\driveicons_back.reg
2008-02-28 00:23 . 2008-03-04 11:52 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-02-28 00:23 . 2008-02-28 00:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-02-28 00:23 . 2008-02-28 00:23 <DIR> d-------- C:\Documents and Settings\a109\Application Data\Malwarebytes
2008-02-28 00:22 . 2008-02-28 00:22 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-02-24 22:58 . 2008-02-24 22:58 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-02-24 22:58 . 2008-02-24 22:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-23 00:37 . 2008-02-23 00:37 0 --a------ C:\WINDOWS\iPlayer.INI
2008-02-22 14:28 . 2008-03-04 11:56 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-02-22 14:28 . 2008-02-22 14:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-22 14:28 . 2008-02-22 14:28 <DIR> d-------- C:\Documents and Settings\a109\Application Data\SUPERAntiSpyware.com
2008-02-22 14:27 . 2008-02-22 14:27 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-22 14:13 . 2008-02-22 14:13 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-22 02:43 . 2008-02-22 02:44 <DIR> d-------- C:\Program Files\CCleaner
2008-02-22 01:20 . 2008-02-22 01:20 9,662 --a------ C:\WINDOWS\SYSTEM32\ZoneAlarmIconUS.ico
2008-02-22 00:03 . 2005-08-10 12:22 114,464 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\naiavf5x.sys
2008-02-22 00:00 . 2005-05-24 19:23 288,320 -ra------ C:\WINDOWS\SYSTEM32\mcgdmgr.dll
2008-02-21 23:59 . 2008-02-22 00:02 <DIR> d-------- C:\Program Files\McAfee.com
2008-02-21 23:59 . 2005-10-18 12:08 349,760 --a------ C:\WINDOWS\SYSTEM32\mcinsctl.dll
2008-02-21 23:45 . 2008-02-21 23:45 1,219 --a------ C:\WINDOWS\mozver.dat
2008-02-21 00:57 . 2008-02-21 00:59 <DIR> d-------- C:\Documents and Settings\a109\Application Data\McAfee.com Personal Firewall
2008-02-21 00:55 . 2008-02-21 00:55 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
2008-02-21 00:53 . 2008-02-21 23:52 41,280 --a------ C:\WINDOWS\SYSTEM32\Status.MPF
2008-02-21 00:49 . 2008-02-21 00:49 <DIR> d-------- C:\Program Files\McAfee
2008-02-21 00:49 . 2008-02-21 00:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-02-21 00:48 . 2006-03-01 12:34 131,072 --------- C:\WINDOWS\SYSTEM32\mclsp.dll
2008-02-21 00:48 . 2005-04-20 20:22 32,768 --a------ C:\WINDOWS\SYSTEM32\instlsp.exe
2008-02-21 00:48 . 2005-04-20 20:22 11,264 --a------ C:\WINDOWS\SYSTEM32\sporder.dll
2008-02-21 00:47 . 2008-02-21 12:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall
2008-02-21 00:43 . 2008-02-22 08:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-02-20 22:13 . 2008-02-20 22:24 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-20 22:13 . 2008-02-20 22:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-20 21:40 . 2008-02-20 21:40 <DIR> d-------- C:\WINDOWS\Search And Destroy
2008-02-20 13:45 . 2004-08-04 01:56 21,504 --a------ C:\WINDOWS\SYSTEM32\hidserv.dll
2008-02-20 13:45 . 2004-08-04 01:56 21,504 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\hidserv.dll
2008-02-20 13:45 . 2004-08-03 23:58 14,848 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys
2008-02-20 13:45 . 2004-08-03 23:58 14,848 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\kbdhid.sys
2008-02-20 13:44 . 2004-08-04 00:08 31,616 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
2008-02-20 13:44 . 2004-08-04 00:08 31,616 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\usbccgp.sys
2008-02-20 01:26 . 2008-02-20 11:10 <DIR> d-------- C:\WINDOWS\$hf_mig$
2008-02-20 01:24 . 2008-03-05 06:29 3,284 --a------ C:\WINDOWS\SYSTEM32\ANIWZCS{1E5B91EF-9144-4245-90EA-D6648E5ED664}
2008-02-19 22:09 . 2008-02-20 13:38 <DIR> d-------- C:\WINDOWS\Wireless
2008-02-18 11:24 . 2008-02-23 11:50 <DIR> d-------- C:\Temp
2008-02-18 11:18 . 2008-02-18 11:18 <DIR> d-------- C:\WINDOWS\Sun
2008-02-14 12:05 . 2008-02-14 12:16 <DIR> d-------- C:\Program Files\VstPlugins
2008-02-14 12:05 . 2002-07-07 18:14 1,294,336 --a------ C:\WINDOWS\SYSTEM32\vorbis.acm
2008-02-14 12:05 . 2006-06-20 04:56 225,280 --a------ C:\WINDOWS\SYSTEM32\rewire.dll
2008-02-14 12:03 . 2008-02-14 12:16 <DIR> d-------- C:\Program Files\Image-Line
2008-02-13 19:55 . 2008-02-13 19:55 628,419 --a------ C:\duet.mp3
2008-02-13 16:53 . 2008-02-13 19:55 652 --a------ C:\WINDOWS\netdet.ini
2008-02-13 11:38 . 2008-02-22 01:54 7 --a------ C:\WINDOWS\SYSTEM32\ANIWZCSUSERNAME
2008-02-12 23:28 . 2008-02-12 23:28 <DIR> d-------- C:\Program Files\SlowBlast
2008-02-12 23:28 . 2008-02-13 18:16 <DIR> d-------- C:\Program Files\Drag and Drop Drummer Lite
2008-02-12 23:28 . 1998-06-09 01:00 137,216 --a------ C:\WINDOWS\SYSTEM32\Msderun.dll
2008-02-12 23:28 . 1998-06-18 01:00 102,912 --a------ C:\WINDOWS\SYSTEM32\Vb6stkit.dll
2008-02-12 23:27 . 2008-02-12 23:28 <DIR> d-------- C:\Program Files\Cakewalk
2008-02-12 19:40 . 2008-02-12 19:40 38,579 --a------ C:\pj.jpg
2008-02-12 17:58 . 2008-02-12 17:58 <DIR> d-------- C:\Program Files\Free Fire Screensaver
2008-02-12 17:57 . 2008-02-12 17:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Laconic Software
2008-02-12 17:54 . 2008-02-12 17:54 <DIR> d-------- C:\Documents and Settings\a109\Application Data\Viewpoint
2008-02-12 17:53 . 2008-02-12 17:53 <DIR> d-------- C:\Documents and Settings\a109\Application Data\Aim
2008-02-12 17:52 . 2008-02-12 17:52 <DIR> d-------- C:\Program Files\Viewpoint
2008-02-12 17:52 . 2008-02-22 03:18 <DIR> d-------- C:\Program Files\Common Files\AOL
2008-02-12 17:52 . 2008-02-12 17:52 <DIR> d-------- C:\Program Files\AOD
2008-02-12 17:52 . 2008-03-04 11:31 <DIR> d-------- C:\Program Files\AIM
2008-02-12 17:52 . 2008-02-12 17:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-02-12 17:44 . 2008-02-12 17:44 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-12 17:30 . 2008-02-12 17:30 <DIR> d-------- C:\Program Files\ANI
2008-02-12 17:29 . 2008-02-12 17:29 <DIR> d-------- C:\Program Files\D-Link
2008-02-12 17:29 . 2007-07-28 15:50 517,632 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\rt2870.sys
2008-02-12 17:28 . 2008-02-12 17:28 <DIR> d-------- C:\Documents and Settings\a109\Application Data\InstallShield
2008-02-12 17:21 . 2008-02-12 17:21 5 --a------ C:\WINDOWS\SYSTEM32\ANIWZCSUSERNAME{D37154A2-858B-4C37-82C2-DE5ABD158B7E}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-04 15:57 --------- d-----w C:\Program Files\Winamp
2008-03-04 15:51 --------- d-----w C:\Program Files\iTunes
2008-03-01 19:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-01 19:21 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-03-01 18:40 --------- d-----w C:\Documents and Settings\a109\Application Data\U3
2008-01-27 01:54 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-25 19:28 --------- d-----w C:\Documents and Settings\a109\Application Data\Autodesk
2008-01-25 19:27 --------- d-----w C:\Documents and Settings\a109\Application Data\Ansys
2008-01-25 19:24 --------- d-----w C:\Program Files\Autodesk
2008-01-25 19:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
2008-01-25 19:18 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-01-25 19:03 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-01-25 19:02 --------- d-----w C:\Program Files\Microsoft WSE
2008-01-25 18:35 --------- d-----w C:\Program Files\Roxio ----------
2007-12-27 18:32 7,680 --sha-w C:\Program Files\Thumbs.db
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\break ----

2008-03-03 12:58 1881450 --a------ C:\break\Untitled-2 copy.psd
2008-03-02 16:26 57344 --ahs---- C:\break\Thumbs.db
2008-03-02 16:25 29288 --a------ C:\break\l_97d2e34afe1eab9b41987c7931ada90e.jpg
2008-03-02 16:24 47331 --a------ C:\break\l_e4c99e81cf0faad243aa089ba9b6782e.jpg
2008-03-02 16:09 45456 --a------ C:\break\l_f3d7e4bb28e747775c0b86186cf90dd4.jpg
2008-03-02 16:08 42331 --a------ C:\break\l_27882ba2aa2a34c0e103c4911b6f7e89.jpg
2008-03-02 16:08 42190 --a------ C:\break\l_c19a79bbd2414ecb494559fe1c71a30e.jpg
2008-03-02 16:08 39372 --a------ C:\break\l_3afb1b1d566cfa5cfbc9422429ae3c58.jpg
2008-03-02 16:08 35021 --a------ C:\break\l_2bf0e752e462109bd8087e75d024756a.jpg
2008-03-02 16:08 33585 --a------ C:\break\l_6340c7e30803518aa2591b52ece3f812.jpg
2008-03-02 16:08 33404 --a------ C:\break\l_62d98346053e477d8f02150e384a549e.jpg
2008-03-02 16:07 36757 --a------ C:\break\l_d2db368b55112abe649ae6f9dbb58d9c.jpg
2008-03-02 16:07 33774 --a------ C:\break\l_c980679cf7109a247d7e61dedca268f2.jpg
2008-03-02 16:07 26497 --a------ C:\break\l_a0d4c77ec7eb086279ac96056140a42b.jpg
2008-03-02 16:07 22996 --a------ C:\break\l_d22459a6307d55551384d28a89aefa1a.jpg
2008-03-02 16:06 47142 --a------ C:\break\l_d6148d7ed02d862727ba57f0c6973331.jpg
2008-03-02 16:06 40002 --a------ C:\break\me.jpg
2008-03-02 12:10 25300 --a------ C:\break\TL.jpg
2008-03-02 12:10 21308 --a------ C:\break\RRandTL.jpg

---- Directory of C:\Program Files\Mozilla Firefox ----

2008-02-22 01:09 147015 --a------ C:\Program Files\Mozilla Firefox\components\compreg.dat
2008-02-21 23:45 25245 --a------ C:\Program Files\Mozilla Firefox\install.log
2008-02-21 23:45 0 --a------ C:\Program Files\Mozilla Firefox\.autoreg
2008-02-12 17:44 94328 --a------ C:\Program Files\Mozilla Firefox\components\xpti.dat
2008-02-12 17:44 7945 --a------ C:\Program Files\Mozilla Firefox\uninstall\uninstall.log
2008-02-12 17:44 2 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\InstallDisabled
2008-02-02 06:07 99840 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\BrandRes.dll
2008-02-02 06:07 7655024 --a------ C:\Program Files\Mozilla Firefox\firefox.exe
2008-02-02 06:07 73848 --a------ C:\Program Files\Mozilla Firefox\xpcom_compat.dll
2008-02-02 06:07 73336 --a------ C:\Program Files\Mozilla Firefox\xpicleanup.exe
2008-02-02 06:07 67696 --a------ C:\Program Files\Mozilla Firefox\components\jar50.dll
2008-02-02 06:07 54376 --a------ C:\Program Files\Mozilla Firefox\components\jsd3250.dll
2008-02-02 06:07 46720 --a------ C:\Program Files\Mozilla Firefox\components\spellchk.dll
2008-02-02 06:07 456808 --a------ C:\Program Files\Mozilla Firefox\js3250.dll
2008-02-02 06:07 450936 --a------ C:\Program Files\Mozilla Firefox\uninstall\helper.exe
2008-02-02 06:07 422000 --a------ C:\Program Files\Mozilla Firefox\xpcom_core.dll
2008-02-02 06:07 407040 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\talkback.exe
2008-02-02 06:07 378472 --a------ C:\Program Files\Mozilla Firefox\nss3.dll
2008-02-02 06:07 34952 --a------ C:\Program Files\Mozilla Firefox\components\myspell.dll
2008-02-02 06:07 34424 --a------ C:\Program Files\Mozilla Firefox\plc4.dll
2008-02-02 06:07 30320 --a------ C:\Program Files\Mozilla Firefox\plds4.dll
2008-02-02 06:07 271984 --a------ C:\Program Files\Mozilla Firefox\nssckbi.dll
2008-02-02 06:07 22664 --a------ C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
2008-02-02 06:07 172144 --a------ C:\Program Files\Mozilla Firefox\components\xpinstal.dll
2008-02-02 06:07 161392 --a------ C:\Program Files\Mozilla Firefox\nspr4.dll
2008-02-02 06:07 156544 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\fullsoft.dll
2008-02-02 06:07 14456 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\qfaservices.dll
2008-02-02 06:07 13952 --a------ C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll
2008-02-02 06:07 13416 --a------ C:\Program Files\Mozilla Firefox\xpcom.dll
2008-02-02 06:07 132712 --a------ C:\Program Files\Mozilla Firefox\ssl3.dll
2008-02-02 06:07 132232 --a------ C:\Program Files\Mozilla Firefox\updater.exe
2008-02-02 06:07 12400 --a------ C:\Program Files\Mozilla Firefox\xpistub.dll
2008-02-02 06:07 112232 --a------ C:\Program Files\Mozilla Firefox\smime3.dll
2008-02-02 02:06 9568 --a------ C:\Program Files\Mozilla Firefox\res\html.css
2008-02-02 02:06 9459 --a------ C:\Program Files\Mozilla Firefox\components\nsBrowserGlue.js
2008-02-02 02:06 93 --a------ C:\Program Files\Mozilla Firefox\res\cmessage.txt
2008-02-02 02:06 915 --a------ C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js
2008-02-02 02:06 894 --a------ C:\Program Files\Mozilla Firefox\chrome\en-US.manifest
2008-02-02 02:06 87 --a------ C:\Program Files\Mozilla Firefox\defaults\autoconfig\platform.js
2008-02-02 02:06 858 --a------ C:\Program Files\Mozilla Firefox\res\grabber.gif
2008-02-02 02:06 85 --a------ C:\Program Files\Mozilla Firefox\greprefs\xpinstall.js
2008-02-02 02:06 8427 --a------ C:\Program Files\Mozilla Firefox\res\dtd\xhtml11.dtd
2008-02-02 02:06 8420 --a------ C:\Program Files\Mozilla Firefox\res\charsetData.properties
2008-02-02 02:06 841 --a------ C:\Program Files\Mozilla Firefox\res\table-remove-row.gif
2008-02-02 02:06 841 --a------ C:\Program Files\Mozilla Firefox\res\table-remove-row-hover.gif
2008-02-02 02:06 841 --a------ C:\Program Files\Mozilla Firefox\res\table-remove-column.gif
2008-02-02 02:06 841 --a------ C:\Program Files\Mozilla Firefox\res\table-remove-column-hover.gif
2008-02-02 02:06 835 --a------ C:\Program Files\Mozilla Firefox\res\table-remove-row-active.gif
2008-02-02 02:06 835 --a------ C:\Program Files\Mozilla Firefox\res\table-remove-column-active.gif
2008-02-02 02:06 826 --a------ C:\Program Files\Mozilla Firefox\res\table-add-row-after.gif
2008-02-02 02:06 826 --a------ C:\Program Files\Mozilla Firefox\res\table-add-row-after-hover.gif
2008-02-02 02:06 826 --a------ C:\Program Files\Mozilla Firefox\res\table-add-column-after.gif
2008-02-02 02:06 826 --a------ C:\Program Files\Mozilla Firefox\res\table-add-column-after-hover.gif
2008-02-02 02:06 825 --a------ C:\Program Files\Mozilla Firefox\res\table-add-row-before.gif
2008-02-02 02:06 825 --a------ C:\Program Files\Mozilla Firefox\res\table-add-row-before-hover.gif
2008-02-02 02:06 825 --a------ C:\Program Files\Mozilla Firefox\res\table-add-column-before.gif
2008-02-02 02:06 825 --a------ C:\Program Files\Mozilla Firefox\res\table-add-column-before-hover.gif
2008-02-02 02:06 823 --a------ C:\Program Files\Mozilla Firefox\res\table-add-column-after-active.gif
2008-02-02 02:06 822 --a------ C:\Program Files\Mozilla Firefox\res\table-add-row-after-active.gif
2008-02-02 02:06 821 --a------ C:\Program Files\Mozilla Firefox\res\table-add-row-before-active.gif
2008-02-02 02:06 81649 --a------ C:\Program Files\Mozilla Firefox\components\nsMicrosummaryService.js
2008-02-02 02:06 792 --a------ C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
2008-02-02 02:06 7914 --a------ C:\Program Files\Mozilla Firefox\components\nsDefaultCLH.js
2008-02-02 02:06 767045 --a------ C:\Program Files\Mozilla Firefox\chrome\classic.jar
2008-02-02 02:06 75171 --a------ C:\Program Files\Mozilla Firefox\components\nsSessionStore.js
2008-02-02 02:06 7296 --a------ C:\Program Files\Mozilla Firefox\defaults\autoconfig\prefcalls.js
2008-02-02 02:06 7138 --a------ C:\Program Files\Mozilla Firefox\defaults\profile\bookmarks.html
2008-02-02 02:06 709 --a------ C:\Program Files\Mozilla Firefox\updater.ini
2008-02-02 02:06 696138 --a------ C:\Program Files\Mozilla Firefox\dictionaries\en-US.dic
2008-02-02 02:06 69 --a------ C:\Program Files\Mozilla Firefox\chrome\pippki.manifest
2008-02-02 02:06 663 --a------ C:\Program Files\Mozilla Firefox\defaults\profile\chrome\userContent-example.css
2008-02-02 02:06 65128 --a------ C:\Program Files\Mozilla Firefox\greprefs\all.js
2008-02-02 02:06 6512 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfontMath4.properties
2008-02-02 02:06 64504 --a------ C:\Program Files\Mozilla Firefox\res\dtd\mathml.dtd
2008-02-02 02:06 6313 --a------ C:\Program Files\Mozilla Firefox\components\jsconsole-clhandler.js
2008-02-02 02:06 61221 --a------ C:\Program Files\Mozilla Firefox\components\FeedProcessor.js
2008-02-02 02:06 605317 --a------ C:\Program Files\Mozilla Firefox\chrome\en-US.jar
2008-02-02 02:06 6053 --a------ C:\Program Files\Mozilla Firefox\res\ua.css
2008-02-02 02:06 5951 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfontCMEX10.properties
2008-02-02 02:06 5835 --a------ C:\Program Files\Mozilla Firefox\components\nsURLFormatter.js
2008-02-02 02:06 5619 --a------ C:\Program Files\Mozilla Firefox\res\langGroups.properties
2008-02-02 02:06 550 --a------ C:\Program Files\Mozilla Firefox\chrome\browser.manifest
2008-02-02 02:06 5472 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfontMath2.properties
2008-02-02 02:06 5452 --a------ C:\Program Files\Mozilla Firefox\res\language.properties
2008-02-02 02:06 52 --a------ C:\Program Files\Mozilla Firefox\res\arrowd.gif
2008-02-02 02:06 5169 --a------ C:\Program Files\Mozilla Firefox\res\fonts\fontEncoding.properties
2008-02-02 02:06 5132 --a------ C:\Program Files\Mozilla Firefox\components\nsCloseAllWindows.js
2008-02-02 02:06 5054 --a------ C:\Program Files\Mozilla Firefox\components\nsSetDefaultBrowser.js
2008-02-02 02:06 50 --a------ C:\Program Files\Mozilla Firefox\res\table-add-column-before-active.gif
2008-02-02 02:06 49 --a------ C:\Program Files\Mozilla Firefox\res\arrow.gif
2008-02-02 02:06 4805 --a------ C:\Program Files\Mozilla Firefox\components\nsDictionary.js
2008-02-02 02:06 476 --a------ C:\Program Files\Mozilla Firefox\softokn3.chk
2008-02-02 02:06 476 --a------ C:\Program Files\Mozilla Firefox\freebl3.chk
2008-02-02 02:06 469 --a------ C:\Program Files\Mozilla Firefox\chrome\toolkit.manifest
2008-02-02 02:06 44541 --a------ C:\Program Files\Mozilla Firefox\chrome\reporter.jar
2008-02-02 02:06 4439 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfontCMSY10.properties
2008-02-02 02:06 42412 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfont.properties
2008-02-02 02:06 41487 --a------ C:\Program Files\Mozilla Firefox\components\FeedWriter.js
2008-02-02 02:06 4090 --a------ C:\Program Files\Mozilla Firefox\res\entityTables\html40Symbols.properties
2008-02-02 02:06 4062 --a------ C:\Program Files\Mozilla Firefox\res\fonts\fontNameMap.properties
2008-02-02 02:06 39446 --a------ C:\Program Files\Mozilla Firefox\components\nsHelperAppDlg.js
2008-02-02 02:06 38698 --a------ C:\Program Files\Mozilla Firefox\components\nsUrlClassifierTable.js
2008-02-02 02:06 38499 --a------ C:\Program Files\Mozilla Firefox\res\entityTables\transliterate.properties
2008-02-02 02:06 3747 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfontSymbol.properties
2008-02-02 02:06 3690 --a------ C:\Program Files\Mozilla Firefox\res\entityTables\html40Latin1.properties
2008-02-02 02:06 356 --a------ C:\Program Files\Mozilla Firefox\defaults\profile\mimeTypes.rdf
2008-02-02 02:06 35263 --a------ C:\Program Files\Mozilla Firefox\components\nsXmlRpcClient.js
2008-02-02 02:06 347 --a------ C:\Program Files\Mozilla Firefox\defaults\profile\prefs.js
2008-02-02 02:06 340 --a------ C:\Program Files\Mozilla Firefox\chrome\reporter.manifest
2008-02-02 02:06 3353 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfontMath1.properties
2008-02-02 02:06 3323 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\master.ini
2008-02-02 02:06 32944 --a------ C:\Program Files\Mozilla Firefox\components\nsUrlClassifierListManager.js
2008-02-02 02:06 32928 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\talkback.hlp
2008-02-02 02:06 3287 --a------ C:\Program Files\Mozilla Firefox\defaults\profile\search.rdf
2008-02-02 02:06 32783 --a------ C:\Program Files\Mozilla Firefox\components\nsBrowserContentHandler.js
2008-02-02 02:06 324193 --a------ C:\Program Files\Mozilla Firefox\components\nsExtensionManager.js
2008-02-02 02:06 322786 --a------ C:\Program Files\Mozilla Firefox\components\browser.xpt
2008-02-02 02:06 322 --a------ C:\Program Files\Mozilla Firefox\chrome\classic.manifest
2008-02-02 02:06 31967 --a------ C:\Program Files\Mozilla Firefox\chrome\comm.jar
2008-02-02 02:06 30869 --a------ C:\Program Files\Mozilla Firefox\LICENSE
2008-02-02 02:06 3042 --a------ C:\Program Files\Mozilla Firefox\res\viewsource.css
2008-02-02 02:06 304 --a------ C:\Program Files\Mozilla Firefox\defaults\pref\firefox-l10n.js
2008-02-02 02:06 3013 --a------ C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js
2008-02-02 02:06 299987 --a------ C:\Program Files\Mozilla Firefox\chrome\pippki.jar
2008-02-02 02:06 29091 --a------ C:\Program Files\Mozilla Firefox\res\entityTables\mathml20.properties
2008-02-02 02:06 2731 --a------ C:\Program Files\Mozilla Firefox\dictionaries\en-US.aff
2008-02-02 02:06 27061 --a------ C:\Program Files\Mozilla Firefox\components\nsSearchSuggestions.js
2008-02-02 02:06 26774 --a------ C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js
2008-02-02 02:06 254060 --a------ C:\Program Files\Mozilla Firefox\softokn3.dll
2008-02-02 02:06 24340 --a------ C:\Program Files\Mozilla Firefox\components\WebContentConverter.js
2008-02-02 02:06 2396 --a------ C:\Program Files\Mozilla Firefox\res\entityTables\html40Special.properties
2008-02-02 02:06 2351 --a------ C:\Program Files\Mozilla Firefox\searchplugins\google.xml
2008-02-02 02:06 2348 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfontMTExtra.properties
2008-02-02 02:06 232 --a------ C:\Program Files\Mozilla Firefox\browserconfig.properties
2008-02-02 02:06 2251 --a------ C:\Program Files\Mozilla Firefox\res\svg.css
2008-02-02 02:06 22017 --a------ C:\Program Files\Mozilla Firefox\components\nsPostUpdateWin.js
2008-02-02 02:06 2193 --a------ C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
2008-02-02 02:06 2080 --a------ C:\Program Files\Mozilla Firefox\res\wincharset.properties
2008-02-02 02:06 20770 --a------ C:\Program Files\Mozilla Firefox\components\FeedConverter.js
2008-02-02 02:06 206 --a------ C:\Program Files\Mozilla Firefox\defaults\pref\reporter.js
2008-02-02 02:06 200829 --a------ C:\Program Files\Mozilla Firefox\freebl3.dll
2008-02-02 02:06 1967 --a------ C:\Program Files\Mozilla Firefox\res\entityTables\htmlEntityVersions.properties
2008-02-02 02:06 189 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-telnet.gif
2008-02-02 02:06 188 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-image.gif
2008-02-02 02:06 1867135 --a------ C:\Program Files\Mozilla Firefox\chrome\toolkit.jar
2008-02-02 02:06 180 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-movie.gif
2008-02-02 02:06 178 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-find.gif
2008-02-02 02:06 177 --a------ C:\Program Files\Mozilla Firefox\README.txt
2008-02-02 02:06 1742 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\install.rdf
2008-02-02 02:06 166 --a------ C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js
2008-02-02 02:06 165 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-binary.gif
2008-02-02 02:06 165 --a------ C:\Program Files\Mozilla Firefox\res\broken-image.gif
2008-02-02 02:06 163 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-sound.gif
2008-02-02 02:06 163 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-audio.gif
2008-02-02 02:06 16154 --a------ C:\Program Files\Mozilla Firefox\components\nsSessionStartup.js
2008-02-02 02:06 157 --a------ C:\Program Files\Mozilla Firefox\res\loading-image.gif
2008-02-02 02:06 15688 --a------ C:\Program Files\Mozilla Firefox\res\fonts\mathfontPUA.properties
2008-02-02 02:06 154 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-text.gif
2008-02-02 02:06 153 --a------ C:\Program Files\Mozilla Firefox\defaults\profile\localstore.rdf
2008-02-02 02:06 1514 --a------ C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
2008-02-02 02:06 1509 --a------ C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
2008-02-02 02:06 14948 --a------ C:\Program Files\Mozilla Firefox\components\nsSidebar.js
2008-02-02 02:06 14826 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\talkback-l10n.ini
2008-02-02 02:06 145845 --a------ C:\Program Files\Mozilla Firefox\components\nsSafebrowsingApplication.js
2008-02-02 02:06 144 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\qfaservices.xpt
2008-02-02 02:06 144 --a------ C:\Program Files\Mozilla Firefox\chrome\comm.manifest
2008-02-02 02:06 13895 --a------ C:\Program Files\Mozilla Firefox\components\nsBookmarkTransactionManager.js
2008-02-02 02:06 13743 --a------ C:\Program Files\Mozilla Firefox\res\mathml.css
2008-02-02 02:06 136062 --a------ C:\Program Files\Mozilla Firefox\components\nsUrlClassifierLib.js
2008-02-02 02:06 1355 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\talkback.cnt
2008-02-02 02:06 135 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-menu.gif
2008-02-02 02:06 13475 --a------ C:\Program Files\Mozilla Firefox\components\nsProxyAutoConfig.js
2008-02-02 02:06 13385 --a------ C:\Program Files\Mozilla Firefox\res\forms.css
2008-02-02 02:06 132 --a------ C:\Program Files\Mozilla Firefox\res\html\gopher-unknown.gif
2008-02-02 02:06 1285919 --a------ C:\Program Files\Mozilla Firefox\chrome\browser.jar
2008-02-02 02:06 11757 --a------ C:\Program Files\Mozilla Firefox\res\quirk.css
2008-02-02 02:06 117 --a------ C:\Program Files\Mozilla Firefox\res\hiddenWindow.html
2008-02-02 02:06 11324 --a------ C:\Program Files\Mozilla Firefox\res\charsetalias.properties
2008-02-02 02:06 112 --a------ C:\Program Files\Mozilla Firefox\old-homepage-default.properties
2008-02-02 02:06 1078 --a------ C:\Program Files\Mozilla Firefox\defaults\profile\chrome\userChrome-example.css
2008-02-02 02:06 107030 --a------ C:\Program Files\Mozilla Firefox\components\nsSearchService.js
2008-02-02 02:06 10566 --a------ C:\Program Files\Mozilla Firefox\res\EditorOverride.css
2008-02-02 02:06 105346 --a------ C:\Program Files\Mozilla Firefox\components\nsUpdateService.js
2008-02-02 02:06 1046 --a------ C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
2008-02-02 02:06 1038 --a------ C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
2008-02-02 02:06 0 --a------ C:\Program Files\Mozilla Firefox\extensions\[email protected]\chrome.manifest
2007-11-28 23:58 2394 --a------ C:\Program Files\Mozilla Firefox\components\nsIQTScriptablePlugin.xpt
2003-06-20 15:30 49152 --a------ C:\Program Files\Mozilla Firefox\plugins\NPMGWRAP.DLL

---- Directory of C:\sex ----

2007-11-28 13:19 9973636 --a------ C:\sex\04 Living Dead Girl [Subliminal Seduction Mix].mp3
2007-11-28 13:19 9891160 --a------ C:\sex\08 What Lurks on Channel X- [XXX Mix].mp3
2007-11-28 13:19 9685492 --a------ C:\sex\03 How to Make a Monster [Kitty's Purrrrformance Mix].mp3
2007-11-28 13:19 9522628 --a------ C:\sex\02 Superbeast [[bleep] Holocaust Mix].mp3
2007-11-28 13:19 9164536 --a------ C:\sex\11 Superbeast [Girl on a Motorcycle Mix].mp3
2007-11-28 13:19 9035080 --a------ C:\sex\12 Meet the Creeper [Brute Man & Wonder Girl Mix].mp3
2007-11-28 13:19 8500552 --a------ C:\sex\10 Return of the Phantom Stranger [Tuesday Night at the Chop Shop Mix].mp3
2007-11-28 13:19 7563040 --a------ C:\sex\04 Never Gonna Stop (The Red, Red Kroovy).mp3
2007-11-28 13:19 5057787 --a------ C:\sex\07 - Hands Of Death (Burn Baby Burn).mp3
2007-11-28 13:19 4685803 --a------ C:\sex\08 - The Greatest American Nightmare (Feat. Howard Stern).mp3
2007-11-28 13:19 13528456 --a------ C:\sex\07 The Ballad of Resurrection Joe and Rosa [bleep] [Ilsa She-Wolf of Hollywood M.mp3
2007-11-28 13:19 11478040 --a------ C:\sex\09 Meet the Creeper [Pink Pussy Mix].mp3
2007-11-28 13:19 11111596 --a------ C:\sex\01 Dragula [Si Non Oscillas, Noli Tintnnare Mix].mp3
2007-11-28 13:19 11037472 --a------ C:\sex\06 Demonoid Phenomenon [Sin Lives Mix].mp3
2007-11-28 13:19 10999888 --a------ C:\sex\05 Spookshow Baby [Black Leather Cat Suit Mix].mp3

((((((((((((((((((((((((((((( snapshot@2008-03-05_14.03.22.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2000-08-31 13:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2000-08-31 12:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
- 2000-08-31 13:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 12:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
- 2000-08-31 13:00:00 161,792 ----a-w C:\WINDOWS\SYSTEM32\swreg.exe
+ 2000-08-31 12:00:00 161,792 ----a-w C:\WINDOWS\SYSTEM32\swreg.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"Photo TurboBackup"="C:\PROGRA~1\FILEST~1\PHOTOT~1\pbksche.exe" [2005-09-15 03:00 512000]
"AIM"="C:\Program Files\AIM\aim.exe" [2006-08-01 16:35 67112]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 00:56 1667584]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-02-20 10:15 816368]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 15:06 1318912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 03:01 135264]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-15 00:43 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 14:11 267048]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 01:28 36352]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 12:49 49152]
"D-Link D-Link RangeBooster N DWA-140"="C:\Program Files\D-Link\D-Link RangeBooster N DWA-140\AirNCFG.exe" [2007-08-20 15:05 1671168]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 20:05 1117184]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 19:18 151552]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 13:49 163840]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 23:02 53248]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 19:29 303104]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 13:05 212992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Photo TurboBackup"="C:\PROGRA~1\FILEST~1\PHOTOT~1\pbksche.exe" [2005-09-15 03:00 512000]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-26 21:54:53 113664]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-05-03 23:07:32 81920]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 14:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 14:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\AIM\\aim.exe"=

R2 ASFAgent;ASF Agent;C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2003-02-10 06:52]
R2 AsfAlrt;AsfAlrt;C:\WINDOWS\System32\drivers\AsfAlrt.sys [2002-12-18 06:31]
R2 MSSQL$AUTODESKVAULT;MSSQL$AUTODESKVAULT;"C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe" -sAUTODESKVAULT []
R2 PBKNTService;PBKNTService;C:\PROGRA~1\FILEST~1\PHOTOT~1\PBKNTService.exe [2005-09-15 03:00]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;C:\WINDOWS\system32\DRIVERS\rt2870.sys [2007-07-28 15:50]
S3 SQLAgent$AUTODESKVAULT;SQLAgent$AUTODESKVAULT;"C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE" -i AUTODESKVAULT []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0102aa4c-40df-11da-b90f-000d56c5c1ec}]
\Shell\AutoRun\command - F:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5aff8cde-4493-11d9-b8e4-000d56c5c1ec}]
\Shell\AutoRun\command - F:\SafeGuard\Windows\SafeGuard20.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c5e072f-92b7-11da-b919-000d56c5c1ec}]
\Shell\AutoRun\command - F:\JDSecure\Windows\JDSecure20.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d801b01-6828-11db-b93f-000d56c5c1ec}]
\Shell\AutoRun\command - F:\JDSecure\Windows\JDSecure31.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e976a0b0-b174-11db-b943-000d56c5c1ec}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

*Newly Created Service* - RKPAVPROC
*Newly Created Service* - SDTHOOK
*Newly Created Service* - THOLRGTIPUGG
.
Contents of the 'Scheduled Tasks' folder
"2008-03-04 23:37:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-10 15:29:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-10 15:30:01
ComboFix2.txt 2008-03-05 19:03:51
ComboFix3.txt 2008-02-28 04:19:21

Antivirus Version Last Update Result
AhnLab-V3 2008.3.12.0 2008.03.11 -
AntiVir 7.6.0.73 2008.03.11 -
Authentium 4.93.8 2008.03.11 -
Avast 4.7.1098.0 2008.03.11 -
AVG 7.5.0.516 2008.03.11 -
BitDefender 7.2 2008.03.12 -
CAT-QuickHeal 9.50 2008.03.10 -
ClamAV None 2008.03.11 -
DrWeb 4.44.0.09170 2008.03.11 -
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5607 2008.03.11 -
Ewido 4.0 2008.03.11 -
FileAdvisor 1 2008.03.12 -
Fortinet 3.14.0.0 2008.03.12 -
F-Prot 4.4.2.54 2008.03.11 -
F-Secure 6.70.13260.0 2008.03.12 -
Ikarus T3.1.1.20 2008.03.12 -
Kaspersky 7.0.0.125 2008.03.12 -
McAfee 5249 2008.03.11 -
Microsoft 1.3301 2008.03.12 -
NOD32v2 2938 2008.03.11 -
Norman 5.80.02 2008.03.11 -
Panda 9.0.0.4 2008.03.12 -
Prevx1 V2 2008.03.12 -
Rising 20.35.12.00 2008.03.11 -
Sophos 4.27.0 2008.03.12 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.12 -
TheHacker 6.2.92.242 2008.03.12 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.11 -
Webwasher-Gateway 6.6.2 2008.03.11 -
Additional information
File size: 32768 bytes
MD5: 9b9e9f55163716a8545611c596ef4801
SHA1: 7ad892820e1c75c4f2f738ed005745cf715022e6
PEiD: Armadillo v1.71

#16
SNOWHITE

Posted 06 March 2008 - 03:26 PM

Advertisements

#17
DannyJoe

Posted 11 March 2008 - 08:33 PM

#18
Metallica

Posted 17 March 2008 - 09:13 AM

#19
DannyJoe

Posted 17 March 2008 - 03:46 PM

#20
Metallica

Posted 18 March 2008 - 05:48 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us