Inactive Still need help with redirect virus

Status
Not open for further replies.
M

marco75

Posts: 14   +0
Sorry Bobeye that I never saw you replied to me. I missed your response and now my original thread is closed. I saw your last reply and ran the special comboFix as well as hijackthis. I have pasted the logs below. Thanks for your time. Sorry again for missing your reply. ComboFix is so large I have to do it in 3 posts.


ComboFix 11-05-15.02 - Marc 05/15/2011 14:53:55.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2940.1857 [GMT -4:00]
Running from: c:\users\Marc\Desktop\ComboFix.exe
Command switches used :: c:\users\Marc\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\program files\Common Files\Windows Live\.cache\210228eb1cbfe9710\DSETUP.dll"
"c:\program files\Common Files\Windows Live\.cache\210228eb1cbfe9710\dsetup32.dll"
"c:\program files\Common Files\Windows Live\.cache\210228eb1cbfe9710\DXSETUP.exe"
"c:\program files\Common Files\Windows Live\.cache\228677581cbfe9711\DSETUP.dll"
"c:\program files\Common Files\Windows Live\.cache\228677581cbfe9711\dsetup32.dll"
"c:\program files\Common Files\Windows Live\.cache\228677581cbfe9711\DXSETUP.exe"
"c:\users\Marc\AppData\Local\Blegozab.bin"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Windows Live\.cache\210228eb1cbfe9710\DSETUP.dll
c:\program files\Common Files\Windows Live\.cache\210228eb1cbfe9710\dsetup32.dll
c:\program files\Common Files\Windows Live\.cache\210228eb1cbfe9710\DXSETUP.exe
c:\program files\Common Files\Windows Live\.cache\228677581cbfe9711\DSETUP.dll
c:\program files\Common Files\Windows Live\.cache\228677581cbfe9711\dsetup32.dll
c:\program files\Common Files\Windows Live\.cache\228677581cbfe9711\DXSETUP.exe
c:\program files\Driver-Soft
c:\program files\Driver-Soft\DriverPerformer\AlphaImageControl.ocx
c:\program files\Driver-Soft\DriverPerformer\AniGIF.ocx
c:\program files\Driver-Soft\DriverPerformer\aspr_ide.dll
c:\program files\Driver-Soft\DriverPerformer\clmultidx7.ocx
c:\program files\Driver-Soft\DriverPerformer\CodejockControls.ocx
c:\program files\Driver-Soft\DriverPerformer\DriverPerformer.cfg
c:\program files\Driver-Soft\DriverPerformer\DriverPerformer.exe
c:\program files\Driver-Soft\DriverPerformer\DriverPerformer.url
c:\program files\Driver-Soft\DriverPerformer\Drivers.dat
c:\program files\Driver-Soft\DriverPerformer\Help\UserGuide_Eng.chm
c:\program files\Driver-Soft\DriverPerformer\Languages\English.lng
c:\program files\Driver-Soft\DriverPerformer\LiveUpdate.exe
c:\program files\Driver-Soft\DriverPerformer\Resource\Installer.ico
c:\program files\Driver-Soft\DriverPerformer\Resource\SFX.ico
c:\program files\Driver-Soft\DriverPerformer\TaskTray.exe
c:\program files\Driver-Soft\DriverPerformer\unins000.dat
c:\program files\Driver-Soft\DriverPerformer\unins000.exe
c:\program files\Driver-Soft\DriverPerformer\xcdsfx32.bin
c:\program files\Driver-Soft\DriverPerformer\XceedZip.dll
c:\program files\Driver-Soft\DriverPerformer\zlib1.dll
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\TOSHIBA\FlashCards\TCrdMain.exe
c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE
c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
c:\program files\Toshiba\SmoothView\SmoothView.exe
c:\program files\TOSHIBA\TBS\HSON.exe
c:\program files\TOSHIBA\TECO\Teco.exe
c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe
c:\users\Marc\AppData\Local\Blegozab.bin
.
.
((((((((((((((((((((((((( Files Created from 2011-04-15 to 2011-05-15 )))))))))))))))))))))))))))))))
.
.
2011-05-15 19:00 . 2011-05-15 19:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-07 11:02 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-05-07 11:02 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-05-07 11:02 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-05-02 22:59 . 2011-05-06 03:57 -------- d-----w- c:\windows\system32\drivers\NIS\1206000.01D
2011-04-26 20:17 . 2011-02-18 05:33 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-26 20:17 . 2011-03-11 05:44 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-04-26 20:17 . 2011-03-11 05:44 1210240 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-04-26 20:17 . 2011-03-11 05:44 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-04-26 20:17 . 2011-03-11 05:39 1686016 ----a-w- c:\windows\system32\esent.dll
2011-04-26 20:16 . 2011-03-11 05:44 146304 ----a-w- c:\windows\system32\drivers\storport.sys
2011-04-26 20:16 . 2011-03-11 05:43 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-04-26 20:16 . 2011-03-11 05:43 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-04-26 20:16 . 2011-03-11 05:43 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-04-26 20:16 . 2011-03-11 05:37 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-04-26 20:16 . 2011-03-12 11:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-26 20:16 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\explorer.exe
2011-04-23 16:02 . 2011-04-23 16:02 -------- d-----w- c:\program files\iPod
2011-04-23 15:59 . 2011-04-23 15:59 -------- d-----w- c:\program files\Bonjour
2011-04-22 04:21 . 2011-05-15 19:02 -------- d-----w- c:\users\Marc\AppData\Local\temp
2011-04-22 02:51 . 2011-04-22 02:51 -------- d-----w- c:\program files\ESET
2011-04-20 01:39 . 2011-04-20 01:40 -------- d-----w- c:\programdata\MFAData
2011-04-20 00:48 . 2011-04-20 00:48 388096 ----a-r- c:\users\Marc\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-20 00:02 . 2011-04-20 00:02 -------- d-----w- c:\program files\CCleaner
2011-04-19 13:41 . 2011-04-19 13:41 -------- d-----w- c:\windows\en
2011-04-19 13:39 . 2009-09-04 21:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-04-19 13:39 . 2009-09-04 21:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-04-19 13:39 . 2009-09-04 21:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-04-19 13:38 . 2011-04-19 13:38 -------- d-----w- c:\users\Marc\AppData\Local\Windows Live
2011-04-19 11:50 . 2011-04-19 11:50 -------- d-----w- c:\program files\Common Files\Adobe
2011-04-18 14:43 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-18 14:21 . 2011-04-18 14:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-04-18 14:21 . 2011-04-18 14:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-04-18 14:21 . 2011-04-18 14:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-04-18 14:21 . 2011-04-18 14:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-04-18 14:21 . 2011-04-18 14:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-04-18 14:21 . 2011-04-18 14:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-04-18 14:21 . 2011-04-18 14:21 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-04-18 14:21 . 2011-04-18 14:21 -------- d-----w- c:\program files\QuickTime
2011-04-18 14:15 . 2011-02-23 05:06 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-18 14:15 . 2011-02-23 05:05 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-18 14:15 . 2011-02-23 05:05 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-18 14:15 . 2011-03-03 05:29 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-18 14:15 . 2011-03-03 05:27 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-18 14:15 . 2011-02-19 05:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-18 14:15 . 2011-02-19 03:37 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-04-18 14:14 . 2011-03-03 03:31 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-04-18 14:14 . 2011-02-24 05:32 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-18 14:13 . 2011-03-08 05:38 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-18 14:13 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-18 14:13 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-18 14:13 . 2011-02-23 05:05 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-18 14:13 . 2011-02-23 05:05 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-18 14:13 . 2011-02-23 05:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-18 14:13 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-16 16:24 . 2011-04-16 16:24 -------- d-----w- c:\users\Marc\AppData\Roaming\InstallShield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-02 22:59 . 2010-01-05 02:32 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-04-19 13:40 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-23 14:11 . 2011-04-12 21:34 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52669BB5-9EBE-4C20-A3E2-080390ADE61F}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\jEcIbKpEnAi06504 ----
.
2011-03-28 02:23 . 2011-03-28 02:33 184 ---ha-w- c:\programdata\jEcIbKpEnAi06504\jEcIbKpEnAi06504
.
---- Directory of c:\programdata\oHk06511aGpMj06511 ----
.
2011-04-08 02:12 . 2011-04-08 02:22 192 ---ha-w- c:\programdata\oHk06511aGpMj06511\oHk06511aGpMj06511
.
---- Directory of c:\users\Marc\Program Files ----
.
2011-04-01 03:18 . 2010-08-13 17:08 54 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.resources\da.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-11 01:03 1101 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.resources\Description.plist
2011-04-01 03:18 . 2010-06-11 01:03 56 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.resources\English.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-11 01:03 6498 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.resources\Description.plist
2011-04-01 03:18 . 2010-06-11 01:03 6291 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.resources\Description-FlatList.plist
2011-04-01 03:18 . 2010-06-11 01:18 7035 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources\ClientDescription40Tiger.plist
2011-04-01 03:18 . 2010-06-11 01:18 7330 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources\ClientDescription40.plist
2011-04-01 03:18 . 2010-06-11 01:18 7095 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources\ClientDescription33.plist
2011-04-01 03:18 . 2010-06-11 01:18 6800 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources\ClientDescription33Tiger.plist
2011-04-01 03:18 . 2010-06-11 01:18 7092 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources\ClientDescription30.plist
2011-04-01 03:18 . 2010-06-11 01:18 7582 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources\ClientDescription20.plist
2011-04-01 03:18 . 2010-06-11 01:18 6960 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources\ClientDescription.plist
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\zh_TW.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\zh_CN.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\sv.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\ru.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\pt_PT.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\pt.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\pl.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\nl.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\nb.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\ko.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\ja.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\it.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\fr.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\fi.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\es.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-11 01:03 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\English.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\de.lproj\Localizable.strings
2011-04-01 03:18 . 2010-08-13 17:08 76 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\da.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-11 01:03 1060 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\Description.plist
2011-04-01 03:18 . 2010-08-13 17:08 875 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\Info.plist
2011-04-01 03:18 . 2010-06-11 01:18 7035 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription40Tiger.plist
2011-04-01 03:18 . 2010-06-11 01:18 7330 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription40.plist
2011-04-01 03:18 . 2010-06-11 01:18 6800 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription33Tiger.plist
2011-04-01 03:18 . 2010-06-11 01:18 7095 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription33.plist
2011-04-01 03:18 . 2010-06-11 01:18 7092 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription30.plist
2011-04-01 03:18 . 2010-06-11 01:18 7582 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription20.plist
2011-04-01 03:18 . 2010-06-11 01:18 6960 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources\ClientDescription.plist
2011-04-01 03:18 . 2010-06-11 01:18 27952 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\SyncUIHandler_main.dll
2011-04-01 03:18 . 2010-06-11 01:03 19760 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.exe
2011-04-01 03:18 . 2010-08-20 05:10 0 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\CoreFP\CoreFP.icxs
2011-04-01 03:18 . 2010-06-03 17:45 46194 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\zh_TW.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 46130 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\zh_CN.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 52914 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\sv.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 54022 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\ru.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 54204 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\pt_PT.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 54342 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\pt.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 53632 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\pl.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 53852 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\nl.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 52984 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\nb.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 47624 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\ko.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 48208 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\ja.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 53988 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\it.lproj\Localizable.strings
2011-04-01 03:18 . 2010-06-03 17:45 225 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\whiteConnectorPoint.png
2011-04-01 03:18 . 2009-11-03 20:51 5192 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\warningsErrors.png
2011-04-01 03:18 . 2010-06-03 17:45 580 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\warningOrangeDot.png
2011-04-01 03:18 . 2009-11-03 20:51 3833 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\warningMediumIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 4244 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\warningIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 259 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\userInputResultIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 777 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\userInputIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 765 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\userInputPreviousIcon.png
2011-04-01 03:18 . 2010-06-03 17:45 179 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\undockButtonGlyph.png
2011-04-01 03:18 . 2009-11-03 20:51 3558 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\treeUpTriangleWhite.png
2011-04-01 03:18 . 2009-11-03 20:51 3584 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\treeUpTriangleBlack.png
2011-04-01 03:18 . 2009-11-03 20:51 3535 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\treeRightTriangleWhite.png
2011-04-01 03:18 . 2009-11-03 20:51 3561 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\treeRightTriangleBlack.png
2011-04-01 03:18 . 2009-11-03 20:51 3531 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\treeDownTriangleWhite.png
2011-04-01 03:18 . 2009-11-03 20:51 3570 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\treeDownTriangleBlack.png
2011-04-01 03:18 . 2010-06-03 17:45 523 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\trackVert.png
2011-04-01 03:18 . 2010-06-03 17:45 520 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\trackHoriz.png
2011-04-01 03:18 . 2009-11-03 20:51 3336 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelinePillYellow.png
2011-04-01 03:18 . 2009-11-03 20:51 4197 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\toolbarItemSelected.png
2011-04-01 03:18 . 2009-11-03 20:51 3353 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelinePillPurple.png
2011-04-01 03:18 . 2009-11-03 20:51 3343 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelinePillRed.png
2011-04-01 03:18 . 2009-11-03 20:51 3352 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelinePillOrange.png
2011-04-01 03:18 . 2009-11-03 20:51 3297 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelinePillGray.png
2011-04-01 03:18 . 2009-11-03 20:51 3350 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelinePillGreen.png
2011-04-01 03:18 . 2009-11-03 20:51 3346 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelinePillBlue.png
2011-04-01 03:18 . 2010-06-03 17:45 4419 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 3444 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineHollowPillYellow.png
2011-04-01 03:18 . 2009-11-03 20:51 3460 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineHollowPillRed.png
2011-04-01 03:18 . 2009-11-03 20:51 3453 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineHollowPillPurple.png
2011-04-01 03:18 . 2009-11-03 20:51 3452 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineHollowPillGreen.png
2011-04-01 03:18 . 2009-11-03 20:51 3452 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineHollowPillOrange.png
2011-04-01 03:18 . 2009-11-03 20:51 3392 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineHollowPillGray.png
2011-04-01 03:18 . 2009-11-03 20:51 3450 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineHollowPillBlue.png
2011-04-01 03:18 . 2010-06-03 17:45 2436 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineDots.png
2011-04-01 03:18 . 2010-06-03 17:45 3528 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineCheckmarks.png
2011-04-01 03:18 . 2010-06-03 17:45 400 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineBarYellow.png
2011-04-01 03:18 . 2010-06-03 17:45 420 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineBarPurple.png
2011-04-01 03:18 . 2010-06-03 17:45 408 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineBarRed.png
2011-04-01 03:18 . 2010-06-03 17:45 394 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineBarOrange.png
2011-04-01 03:18 . 2010-06-03 17:45 378 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineBarGray.png
2011-04-01 03:18 . 2010-06-03 17:45 414 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineBarGreen.png
2011-04-01 03:18 . 2010-06-03 17:45 419 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\timelineBarBlue.png
2011-04-01 03:18 . 2010-06-03 17:45 568 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\thumbVert.png
2011-04-01 03:18 . 2010-06-03 17:45 583 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\thumbHoverVert.png
2011-04-01 03:18 . 2010-06-03 17:45 667 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\thumbHoverHoriz.png
2011-04-01 03:18 . 2010-06-03 17:45 657 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\thumbHoriz.png
2011-04-01 03:18 . 2010-06-03 17:45 599 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\thumbActiveVert.png
2011-04-01 03:18 . 2010-06-03 17:45 647 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\thumbActiveHoriz.png
2011-04-01 03:18 . 2010-06-03 17:45 585 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\successGreenDot.png
2011-04-01 03:18 . 2010-06-03 17:45 7148 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\storageIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 4036 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\statusbarResizerVertical.png
2011-04-01 03:18 . 2009-11-03 20:51 4026 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\statusbarResizerHorizontal.png
2011-04-01 03:18 . 2009-11-03 20:51 4291 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\statusbarMenuButtonSelected.png
2011-04-01 03:18 . 2009-11-03 20:51 4293 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\statusbarMenuButton.png
2011-04-01 03:18 . 2009-11-03 20:51 4175 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\statusbarButtons.png
2011-04-01 03:18 . 2009-11-03 20:51 4021 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\statusbarBottomBackground.png
2011-04-01 03:18 . 2009-11-03 20:51 4024 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\statusbarBackground.png
2011-04-01 03:18 . 2009-11-03 20:51 149 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\splitviewDividerBackground.png
2011-04-01 03:18 . 2009-11-03 20:51 216 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\splitviewDimple.png
2011-04-01 03:18 . 2010-06-03 17:45 1684 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\spinner.gif
2011-04-01 03:18 . 2010-06-03 17:45 1097 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\sessionStorage.png
2011-04-01 03:18 . 2009-11-03 20:51 4070 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\segmentSelectedEnd.png
2011-04-01 03:18 . 2009-11-03 20:51 4302 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\segmentSelected.png
2011-04-01 03:18 . 2009-11-03 20:51 4074 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\segmentHoverEnd.png
2011-04-01 03:18 . 2009-11-03 20:51 4310 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\segmentHover.png
2011-04-01 03:18 . 2009-11-03 20:51 4070 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\segmentEnd.png
2011-04-01 03:18 . 2009-11-03 20:51 4349 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\segment.png
2011-04-01 03:18 . 2009-11-03 20:51 3844 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\searchSmallWhite.png
2011-04-01 03:18 . 2009-11-03 20:51 3936 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\searchSmallGray.png
2011-04-01 03:18 . 2009-11-03 20:51 3966 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\searchSmallBrightBlue.png
2011-04-01 03:18 . 2009-11-03 20:51 3968 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\searchSmallBlue.png
2011-04-01 03:18 . 2009-11-03 20:51 49028 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\scriptsSilhouette.png
2011-04-01 03:18 . 2009-11-03 20:51 7428 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\scriptsIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 5606 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourcesSizeGraphIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 5743 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourcesTimeGraphIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 42925 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourcesSilhouette.png
2011-04-01 03:18 . 2009-11-03 20:51 6431 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourcesIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 731 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourcePlainIconSmall.png
2011-04-01 03:18 . 2009-11-03 20:51 879 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourceJSIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 4321 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourcePlainIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 787 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourceDocumentIconSmall.png
2011-04-01 03:18 . 2009-11-03 20:51 4959 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourceDocumentIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 1066 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\resourceCSSIcon.png
2011-04-01 03:18 . 2010-06-03 17:45 510 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\recordToggledButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 267 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\reloadButtonGlyph.png
2011-04-01 03:18 . 2009-11-03 20:51 235 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\radioDot.png
2011-04-01 03:18 . 2010-06-03 17:45 213 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\recordButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 352 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\programCounterBorder.png
2011-04-01 03:18 . 2009-11-03 20:51 48600 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\profilesSilhouette.png
2011-04-01 03:18 . 2009-11-03 20:51 579 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\profileSmallIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 4158 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\profilesIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 4953 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\profileIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 5126 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\profileGroupIcon.png
2011-04-01 03:18 . 2010-06-03 17:45 2233 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\popoverBackground.png
2011-04-01 03:18 . 2010-06-03 17:45 784 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\popoverArrows.png
2011-04-01 03:18 . 2010-06-03 17:45 357 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\percentButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 331 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\pauseOnExceptionButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 1422 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\paneSettingsButtons.png
2011-04-01 03:18 . 2009-11-03 20:51 3443 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\paneGrowHandleLine.png
2011-04-01 03:18 . 2009-11-03 20:51 3457 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application
Support\WebKit.resources\inspector\Images\paneBottomGrowActive.png
2011-04-01 03:18 . 2009-11-03 20:51 3457 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\paneBottomGrow.png
2011-04-01 03:18 . 2010-06-03 17:45 283 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\nodeSearchButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 1081 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\localStorage.png
2011-04-01 03:18 . 2010-06-03 17:45 192 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\largerResourcesButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 236 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\grayConnectorPoint.png
2011-04-01 03:18 . 2009-11-03 20:51 3790 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\graphLabelCalloutLeft.png
2011-04-01 03:18 . 2009-11-03 20:51 3789 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\graphLabelCalloutRight.png
2011-04-01 03:18 . 2009-11-03 20:51 3591 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\goArrow.png
2011-04-01 03:18 . 2009-11-03 20:51 3739 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\glossyHeaderSelectedPressed.png
2011-04-01 03:18 . 2009-11-03 20:51 3738 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\glossyHeaderSelected.png
2011-04-01 03:18 . 2009-11-03 20:51 3720 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\glossyHeader.png
2011-04-01 03:18 . 2009-11-03 20:51 3721 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\glossyHeaderPressed.png
2011-04-01 03:18 . 2010-06-03 17:45 323 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\gearButtonGlyph.png
2011-04-01 03:18 . 2009-11-03 20:51 4202 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\forward.png
2011-04-01 03:18 . 2010-06-03 17:45 285 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\focusButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 212 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\excludeButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 549 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\errorRedDot.png
2011-04-01 03:18 . 2009-11-03 20:51 4337 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\errorIcon.png
2011-04-01 03:18 . 2009-11-03 20:51 4059 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\errorMediumIcon.png
2011-04-01 03:18 . 2010-06-03 17:45 302 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\enableSolidButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 363 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\enableOutlineButtonGlyph.png
2011-04-01 03:18 . 2009-11-03 20:51 6639 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\elementsIcon.png
2011-04-01 03:18 . 2010-06-03 17:45 164 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\dockButtonGlyph.png
2011-04-01 03:18 . 2009-11-03 20:51 3838 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallRightDownWhite.png
2011-04-01 03:18 . 2009-11-03 20:51 3818 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallRightWhite.png
2011-04-01 03:18 . 2009-11-03 20:51 3816 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallRightDownBlack.png
2011-04-01 03:18 . 2009-11-03 20:51 3953 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallRightDown.png
2011-04-01 03:18 . 2009-11-03 20:51 3807 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallRightBlack.png
2011-04-01 03:18 . 2009-11-03 20:51 3898 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallRight.png
2011-04-01 03:18 . 2009-11-03 20:51 3820 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallDownWhite.png
2011-04-01 03:18 . 2009-11-03 20:51 3802 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallDownBlack.png
2011-04-01 03:18 . 2009-11-03 20:51 3919 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\disclosureTriangleSmallDown.png
2011-04-01 03:18 . 2009-11-03 20:51 4271 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\debuggerStepOut.png
2011-04-01 03:18 . 2009-11-03 20:51 4366 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\debuggerStepOver.png
2011-04-01 03:18 . 2009-11-03 20:51 4282 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\debuggerStepInto.png
2011-04-01 03:18 . 2009-11-03 20:51 4081 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\debuggerPause.png
2011-04-01 03:18 . 2009-11-03 20:51 4190 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\debuggerContinue.png
2011-04-01 03:18 . 2009-11-03 20:51 4325 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\databaseTable.png
2011-04-01 03:18 . 2009-11-03 20:51 2329 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\database.png
2011-04-01 03:18 . 2010-06-03 17:45 2246 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\cookie.png
2011-04-01 03:18 . 2010-06-03 17:45 2930 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\consoleIcon.png
2011-04-01 03:18 . 2010-06-03 17:45 183 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\consoleButtonGlyph.png
2011-04-01 03:18 . 2009-11-03 20:51 4355 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\closeButtons.png
2011-04-01 03:18 . 2010-06-03 17:45 396 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\clearConsoleButtonGlyph.png
2011-04-01 03:18 . 2009-11-03 20:51 3471 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\checker.png
2011-04-01 03:18 . 2010-06-03 17:45 250 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\breakpointsActivateButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 426 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\breakpointsDeactivateButtonGlyph.png
2011-04-01 03:18 . 2010-06-03 17:45 526 ---ha-w-
 
ComboFix Part 2

c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\breakpointCounterBorder.png
2011-04-01 03:18 . 2010-06-03 17:45 529 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\breakpointConditionalCounterBorder.png
2011-04-01 03:18 . 2010-06-03 17:45 379 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\breakpointConditionalBorder.png
2011-04-01 03:18 . 2010-06-03 17:45 377 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\breakpointBorder.png
2011-04-01 03:18 . 2009-11-03 20:51 4205 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\back.png
2011-04-01 03:18 . 2010-06-03 17:45 3815 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\Images\auditsIcon.png
2011-04-01 03:18 . 2010-06-03 17:45 10618 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\WebKit.qrc
2011-04-01 03:17 . 2010-06-03 17:45 3915 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\textViewer.css
2011-04-01 03:17 . 2010-06-03 17:45 9177 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\SourceJavaScriptTokenizer.re2js
2011-04-01 03:17 . 2010-06-03 17:45 13355 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\SourceHTMLTokenizer.re2js
2011-04-01 03:17 . 2010-06-03 17:45 21737 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\SourceCSSTokenizer.re2js
2011-04-01 03:17 . 2010-06-03 17:45 4340 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\popover.css
2011-04-01 03:17 . 2010-06-03 17:45 3409 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\inspectorSyntaxHighlight.css
2011-04-01 03:17 . 2010-06-03 17:45 9843 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\inspector.html
2011-04-01 03:17 . 2010-06-03 17:45 88560 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\inspector.css
2011-04-01 03:17 . 2010-06-03 17:45 7295 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\audits.css
2011-04-01 03:17 . 2010-06-03 17:45 54526 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\fr.lproj\Localizable.strings
2011-04-01 03:17 . 2010-06-03 17:45 53624 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\fi.lproj\Localizable.strings
2011-04-01 03:17 . 2010-06-03 17:45 55082 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\es.lproj\Localizable.strings
2011-04-01 03:17 . 2010-06-03 17:45 52026 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\en.lproj\Localizable.strings
2011-04-01 03:17 . 2010-06-03 17:45 54644 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\de.lproj\Localizable.strings
2011-04-01 03:17 . 2010-06-03 17:45 52764 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\da.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 754 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\Info.plist
2011-04-01 03:17 . 2010-06-03 17:45 766 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\JavaScriptCore.resources\Info.plist
2011-04-01 03:17 . 2010-06-03 17:45 14244 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\Foundation.resources\en.lproj\URL.strings
2011-04-01 03:17 . 2010-06-03 17:45 31614 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\Foundation.resources\en.lproj\FoundationErrors.strings
2011-04-01 03:17 . 2010-06-03 17:45 1084 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\Foundation.resources\en.lproj\Formatter.strings
2011-04-01 03:17 . 2010-06-03 17:45 10202 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\Foundation.resources\en.lproj\EncodingNames.strings
2011-04-01 03:17 . 2010-06-03 17:45 1542 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\Foundation.resources\en.lproj\Document.strings
2011-04-01 03:17 . 2010-06-03 17:45 731 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\Foundation.resources\Info.plist
2011-04-01 03:17 . 2010-06-03 17:45 445 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.resources\Info.plist
2011-04-01 03:17 . 2009-11-03 20:51 6584 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\zh_TW.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 874 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\zh_TW.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 6632 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\zh_CN.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 868 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\zh_CN.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 1086 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\sv.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8152 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\sv.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1096 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\ru.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8052 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\ru.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1116 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\pt_PT.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8226 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\pt_PT.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 8252 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\pl.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1050 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\pl.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8364 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\nl.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1088 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\nl.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8132 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\nb.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1030 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\nb.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 7082 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\ko.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 908 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\ko.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 7110 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\ja.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 870 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\ja.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8290 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\it.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1066 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\it.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8096 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\fr.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1132 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\fr.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 7834 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\fi.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1054 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\fi.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8262 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\es.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1078 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\es.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2010-06-03 17:45 8184 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\en.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 8698 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\de.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1126 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\de.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2009-11-03 20:51 8064 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\da.lproj\Error.strings
2011-04-01 03:17 . 2009-11-03 20:51 1062 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\da.lproj\CFSafeLaunch.strings
2011-04-01 03:17 . 2010-08-10 04:00 906 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\Info.plist
2011-04-01 03:17 . 2009-11-03 20:51 87224 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\CFUnicodeData-L.mapping
2011-04-01 03:17 . 2009-11-03 20:51 434391 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.resources\CFCharacterSetBitmaps.bitmap
2011-04-01 03:17 . 2009-11-03 20:51 17036 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\zh_TW.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 17068 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\zh_CN.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 22054 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\sv.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 25528 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\ru.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 23252 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\pt_PT.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 23220 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\pt.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 22390 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\pl.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 23136 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\nl.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 21984 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\nb.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 18518 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\ko.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 18598 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\ja.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 23100 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\it.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 23138 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\fr.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 22004 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\fi.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 23668 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\es.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 21974 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\English.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 23502 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\de.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 22462 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\da.lproj\Localizable.strings
2011-04-01 03:17 . 2009-11-03 20:51 10720 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\types.plist
2011-04-01 03:17 . 2010-06-03 17:45 886 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.resources\Info.plist
2011-04-01 03:17 . 2010-06-03 17:46 0 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\IncompatibleApps.list
2011-04-01 03:17 . 2010-06-03 17:45 75040 ---ha-w- c:\users\Marc\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
2011-04-01 03:17 . 2010-08-05 12:06 677 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Thawte Root Certificate.cer
2011-04-01 03:17 . 2010-08-05 12:06 234204 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\stylesNative.swf
2011-04-01 03:17 . 2010-08-05 12:06 742749 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\setup.swf
2011-04-01 03:17 . 2010-08-05 12:06 2872 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\digest.s
2011-04-01 03:17 . 2010-08-05 12:06 288579 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\adobecp.vch
2011-04-01 03:17 . 2010-08-05 12:06 1189 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe Root Certificate.cer
2011-04-01 03:17 . 2010-08-05 12:06 729219 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR.vch
2011-04-01 03:17 . 2010-08-05 12:06 722179 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf
2011-04-01 03:17 . 2010-08-05 12:06 11 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe AIR\sentinel
2011-04-01 03:17 . 2009-01-08 06:01 1262 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe\Updater6\AdobeUpdater.cer
2011-04-01 03:17 . 2009-01-08 06:01 1261 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe\Updater6\AdobeUpdate.cer
2011-04-01 03:17 . 2009-01-08 06:01 1233 ---ha-w- c:\users\Marc\Program Files\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer
2011-04-01 03:17 . 2008-05-14 15:59 18093 ---ha-r- c:\users\Marc\Program Files\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\helpmap.txt
2011-04-01 03:17 . 2010-05-18 20:55 5517 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\zh_TW.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 5359 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\zh_CN.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 3830 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\sv.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 14741 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\ru.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 5074 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\pt_PT.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 4206 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\pt.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 4736 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\pl.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 4121 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\nl.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 3002 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\nb.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 8183 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\ko.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 8551 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\ja.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 3429 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\it.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 4497 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\fr.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 3866 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\fi.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 5738 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\es.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 3671 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\en_GB.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 3671 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\en.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 3780 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\de.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2010-05-18 20:55 3856 ---ha-w- c:\users\Marc\Program Files\Bonjour\Bonjour.Resources\da.lproj\About Bonjour.rtf
2011-04-01 03:17 . 2008-07-30 17:34 30910 ---ha-w- c:\users\Marc\Program Files\Apple Software Update\SoftwareUpdate.Resources\Software Update.tiff
2011-04-01 03:17 . 2010-01-04 18:39 109673432 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A93000000001}\Data1.cab
2011-04-01 03:17 . 2004-06-01 14:36 9506 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT
2011-04-01 03:17 . 2004-06-01 14:36 9516 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT
2011-04-01 03:17 . 2004-06-01 14:36 9644 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT
2011-04-01 03:17 . 2004-06-01 14:36 9236 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT
2011-04-01 03:17 . 2004-06-01 14:36 9653 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT
2011-04-01 03:17 . 2004-06-01 14:36 9503 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT
2011-04-01 03:17 . 2004-06-01 14:36 9828 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT
2011-04-01 03:17 . 2004-06-01 15:34 4634 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT
2011-04-01 03:17 . 2004-06-01 15:34 12825 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT
2011-04-01 03:17 . 2004-06-01 15:34 15731 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT
2011-04-01 03:17 . 2004-06-01 15:34 14792 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT
2011-04-01 03:17 . 2004-06-01 15:34 14423 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT
2011-04-01 03:17 . 2004-06-01 15:34 14204 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT
2011-04-01 03:17 . 2004-06-01 15:34 13355 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT
2011-04-01 03:17 . 2004-06-01 15:34 13432 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT
2011-04-01 03:17 . 2004-06-01 15:34 13552 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT
2011-04-01 03:17 . 2004-06-01 15:34 18952 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT
2011-04-01 03:17 . 2004-06-01 15:34 12948 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT
2011-04-01 03:17 . 2004-06-01 14:36 11932 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt
2011-04-01 03:17 . 2004-06-01 14:36 10381 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt
2011-04-01 03:17 . 2004-06-01 14:36 214512 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat
2011-04-01 03:17 . 2007-09-11 13:43 13724 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp
2011-04-01 03:17 . 2007-06-29 01:40 173149 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp
2011-04-01 03:17 . 2007-06-29 01:40 4668 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca
2011-04-01 03:17 . 2007-06-29 01:40 285909 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp
2011-04-01 03:17 . 2007-06-29 01:40 4668 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca
2011-04-01 03:17 . 2007-06-29 01:40 185899 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp
2011-04-01 03:17 . 2007-06-29 01:40 4748 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca
2011-04-01 03:17 . 2007-01-26 20:04 28140 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt
2011-04-01 03:17 . 2007-01-26 20:04 28140 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt
2011-04-01 03:17 . 2007-01-26 20:04 28140 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt
2011-04-01 03:17 . 2007-01-26 20:04 28140 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt
2011-04-01 03:17 . 2007-01-26 20:04 28140 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt
2011-04-01 03:17 . 2010-01-20 00:43 94360 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf
2011-04-01 03:17 . 2010-01-20 00:43 98064 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf
2011-04-01 03:17 . 2010-01-20 00:43 100252 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf
2011-04-01 03:17 . 2010-01-20 00:43 95684 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf
2011-04-01 03:17 . 2010-01-20 00:43 231312 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf
2011-04-01 03:17 . 2010-01-20 00:43 276140 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf
2011-04-01 03:17 . 2010-01-20 00:43 276632 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf
2011-04-01 03:17 . 2010-01-20 00:43 230912 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf
2011-04-01 03:17 . 2009-12-21 16:31 36732 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\CourierStd.otf
2011-04-01 03:17 . 2009-12-21 16:31 38152 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf
2011-04-01 03:17 . 2009-12-21 16:31 37852 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf
2011-04-01 03:17 . 2009-12-21 16:31 36520 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf
2011-04-01 03:17 . 2009-12-21 16:31 89660 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf
2011-04-01 03:17 . 2000-10-09 17:44 1249 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\CMap\Identity-V
2011-04-01 03:17 . 2000-10-09 17:44 6716 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\CMap\Identity-H
2011-04-01 03:17 . 2002-12-01 20:01 7582 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Resource\ENUtxt.pdf
2011-04-01 03:17 . 2008-02-20 22:07 369 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\warning.gif
2011-04-01 03:17 . 2008-03-01 07:02 1002 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif
2011-04-01 03:17 . 2008-02-15 23:01 831 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif
2011-04-01 03:17 . 2008-03-01 07:03 995 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif
2011-04-01 03:17 . 2008-02-15 22:17 824 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif
2011-04-01 03:17 . 2006-06-09 21:33 1161 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\trash.gif
2011-04-01 03:17 . 2008-01-10 17:57 85 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\tr.gif
2011-04-01 03:17 . 2008-02-20 22:06 906 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif
2011-04-01 03:17 . 2008-01-10 17:57 85 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\tl.gif
2011-04-01 03:17 . 2008-02-20 22:06 915 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif
2011-04-01 03:17 . 2008-02-20 22:03 225 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif
2011-04-01 03:17 . 2006-06-09 21:57 1255 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif
2011-04-01 03:17 . 2008-02-20 22:06 222 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\rss.gif
2011-04-01 03:17 . 2008-02-20 22:03 576 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif
2011-04-01 03:17 . 2006-06-09 21:30 1365 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif
2011-04-01 03:17 . 2008-02-20 22:06 962 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif
2011-04-01 03:17 . 2006-06-09 21:29 1405 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\review_email.gif
2011-04-01 03:17 . 2006-06-09 21:32 1151 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif
2011-04-01 03:17 . 2008-02-20 22:02 814 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif
2011-04-01 03:17 . 2008-02-20 22:02 909 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif
2011-04-01 03:17 . 2008-02-20 22:02 914 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif
2011-04-01 03:17 . 2006-06-09 21:54 1452 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif
2011-04-01 03:17 . 2007-05-26 01:11 480 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\pdf.gif
2011-04-01 03:17 . 2008-02-20 21:58 806 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif
2011-04-01 03:17 . 2006-06-09 21:13 578 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\info.gif
2011-04-01 03:17 . 2008-04-25 23:59 11930 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\main.css
2011-04-01 03:17 . 2008-02-20 21:59 969 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif
2011-04-01 03:17 . 2008-02-20 21:54 552 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif
2011-04-01 03:17 . 2008-02-20 21:54 615 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif
2011-04-01 03:17 . 2008-02-20 21:52 613 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif
2011-04-01 03:17 . 2008-05-02 18:27 807 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif
2011-04-01 03:17 . 2008-02-15 22:28 900 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\end_review.gif
2011-04-01 03:17 . 2006-06-09 21:24 1360 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif
2011-04-01 03:17 . 2006-06-09 21:21 1443 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\email_all.gif
2011-04-01 03:17 . 2007-12-07 16:10 1194 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\create_form.gif
2011-04-01 03:17 . 2007-12-07 16:11 821 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif
2011-04-01 03:17 . 2008-01-10 17:57 82 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\br.gif
2011-04-01 03:17 . 2008-01-10 17:57 83 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\bl.gif
2011-04-01 03:17 . 2006-06-09 21:19 1338 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif
2011-04-01 03:17 . 2010-01-21 18:10 78276 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf
2011-04-01 03:17 . 2010-06-19 19:29 15360 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d
2011-04-01 03:17 . 2010-06-19 20:12 4158880 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d
2011-04-01 03:17 . 2010-06-19 19:29 176128 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d
2011-04-01 03:17 . 2010-06-19 19:29 751616 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d
2011-04-01 03:17 . 2010-06-19 19:29 396288 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d
2011-04-01 03:17 . 2010-06-19 19:29 266240 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d
2011-04-01 03:17 . 2010-06-19 19:30 541696 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d
2011-04-01 03:17 . 2005-06-20 21:36 806912 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD
2011-04-01 03:17 . 2005-06-20 21:36 15103 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STC
2011-04-01 03:17 . 2005-06-20 21:36 2255 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst
2011-04-01 03:17 . 2005-06-20 21:36 22902 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng
2011-04-01 03:17 . 2005-06-20 21:36 287 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.THD
2011-04-01 03:17 . 2005-06-20 21:36 22902 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng
2011-04-01 03:17 . 2005-06-20 21:36 392 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX
2011-04-01 03:17 . 2005-06-20 21:36 3977 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.CMP
2011-04-01 03:17 . 2010-06-19 19:36 225280 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp
2011-04-01 03:17 . 2010-06-19 19:36 114688 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp
2011-04-01 03:17 . 2010-06-19 19:36 286720 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp
2011-04-01 03:17 . 2010-06-19 19:36 102400 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp
2011-04-01 03:17 . 2010-06-19 19:31 131072 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp
2011-04-01 03:17 . 2005-06-20 21:36 40726 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf
2011-04-01 03:17 . 2005-06-20 21:36 108763 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf
2011-04-01 03:17 . 2005-06-20 21:36 57218 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf
2011-04-01 03:17 . 2005-06-20 21:36 112498 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf
2011-04-01 03:17 . 2009-02-27 16:07 79360 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp
2011-04-01 03:17 . 2009-02-27 16:07 527872 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp
2011-04-01 03:17 . 2009-02-27 16:07 112640 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp
2011-04-01 03:17 . 2010-05-28 14:06 44248 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc
2011-04-01 03:17 . 2009-10-03 07:46 92259 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\IA32.api
2011-04-01 03:17 . 2002-12-20 04:20 8574 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc
2011-04-01 03:17 . 2000-09-27 23:49 46 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Optional\README.TXT
2011-04-01 03:17 . 2008-03-17 18:46 28304 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Legal\ENU\license.html
2011-04-01 03:17 . 2010-06-19 20:00 1170896 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin
2011-04-01 03:17 . 2006-08-16 18:08 80651 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf
2011-04-01 03:17 . 2006-08-16 18:09 82070 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf
2011-04-01 03:17 . 2008-03-28 12:44 1261 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer
2011-04-01 03:17 . 2009-02-27 16:51 317400 ---ha-w- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup
2011-04-01 03:17 . 2007-09-19 12:50 1098 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\RTC.der
2011-04-01 03:17 . 2004-05-12 19:14 420 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\pmd.cer
2011-04-01 03:17 . 2008-05-13 19:13 353321 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf
2011-04-01 03:17 . 2007-11-16 20:02 1400 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\Reader\cryptocme2.sig
2011-04-01 03:17 . 2008-05-27 15:38 5552 ---ha-r- c:\users\Marc\Program Files\Adobe\Reader 9.0\ReadMe.htm
2011-04-01 03:17 . 2010-08-05 12:06 2872 ---ha-w- c:\users\Marc\Program Files\Adobe\Flash Player\AddIns\airappinstaller\digest.s
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTOSHIBA"="c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe" [2009-08-06 264048]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-04 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 151064]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
"NortonOnlineBackupReminder"="c:\program files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-07-16 529256]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
.
c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1996-11-17 111376]
Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1996-11-17 51984]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
R3 CFcatchme;CFcatchme;c:\users\Marc\AppData\Local\Temp\CFcatchme.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-08-06 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-07 685424]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-27 1343400]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS [2011-03-15 744568]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110430.001\BHDrvx86.sys [2011-04-15 802936]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110513.001\IDSvix86.sys [2011-03-30 353912]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS [2011-01-27 136312]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1206000.01D\SYMNETS.SYS [2011-03-22 296568]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 mon4skype;Viewer4Skype Monitor;c:\program files\Kenabee\Viewer4Skype\mon4skype.exe [2009-12-04 110592]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 svc4skype;Viewer4Skype Intercom;c:\program files\Kenabee\Viewer4Skype\svc4skype.exe [2009-12-04 110592]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-12 185712]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 12920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-11 105592]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 7680]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 24064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-31 187392]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 862208]
S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 02:17]
.
2011-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 02:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Driver Performer_is1 - c:\program files\Driver-Soft\DriverPerformer\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2011-05-15 15:06:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-15 19:06
ComboFix2.txt 2011-04-22 04:21
.
Pre-Run: 269,263,568,896 bytes free
Post-Run: 269,459,365,888 bytes free
.
- - End Of File - - 68EE04E358A17CE77C80D263E89163EC
 
hijack this log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:13:27 PM, on 5/15/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\windows\Explorer.exe
C:\Users\Marc\Desktop\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewer4Skype Monitor (mon4skype) - Kenabee Systems Inc. - C:\Program Files\Kenabee\Viewer4Skype\mon4skype.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: Viewer4Skype Intercom (svc4skype) - Kenabee Systems Inc. - C:\Program Files\Kenabee\Viewer4Skype\svc4skype.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

--
End of file - 9094 bytes
 
Okay, we'll stick with this thread since the original one was started 3 weeks ago. My last reply was 2 weeks ago. Are you subscribing to the threads you start? Wonder if there was a board problem because I didn't get notice of a reply from you also.

Is this problem the same?
I've got the google redirect virus and I can't quite get to the root of the problem. I have been able to clean up a bunch of stuff, but tdsskiller won't run.
Click to expand...
Have you run any other scanning programs in the last 2 weeks? Are there any new symptoms?

Regarding TDSSKiller- that is a specific program for a specific problem. It isn't a generic cleaning program.

Please run a new scan with Malwarebyts. If you still have it on the desktop, okay to use, but be sure to update first.

And rescan with Eset:
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESETOnlineScan
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    [o] Double click on the
    esetSmartInstallDesktopIcon.png
    on your desktop.
  • Check 'Yes I accept terms of use.'
  • Click Start button
  • Accept any security warnings from your browser.
    esetonlinescannersettings_thumb.jpg
  • Uncheck 'Remove found threats'
  • Check 'Scan archives/
  • Leave remaining settings as is.
  • Press the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
  • When the scan completes, press List of found threats
  • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
  • Push the Back button
  • Push Finish

NOTE: If no malware is found then no log will be produced. Let me know if this is the case.

I'll check both of those logs along with Combofix.
 
Yes, I am still having the same problem. The other issue that has been going on is that I get audio playing in the background even when my browser is closed. I hear advertisements and news stories. Here are the logs for Eset and hijack this. Also when I ran hijack this a message came up that said it could not write to the host file and that I would need to do that manually. Thanks again.

Eset

C:\Qoobox\Quarantine\C\Program Files\Search Toolbar\SearchToolbar.dll.vir Win32/Toolbar.Zugo application


Hijack this

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:05 PM, on 5/15/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\windows\Explorer.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Users\Marc\Desktop\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewer4Skype Monitor (mon4skype) - Kenabee Systems Inc. - C:\Program Files\Kenabee\Viewer4Skype\mon4skype.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: Viewer4Skype Intercom (svc4skype) - Kenabee Systems Inc. - C:\Program Files\Kenabee\Viewer4Skype\svc4skype.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

--
End of file - 9291 bytes
 
Please run a new scan with Malwarebyts. If you still have it on the desktop, okay to use, but be sure to update first.

The Eset scan is fine. That entry as quarantined by Combofix.
 
new malware scan

This is a quick scan, should I do a full scan too?


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6601

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

5/17/2011 6:54:31 PM
mbam-log-2011-05-17 (18-54-31).txt

Scan type: Quick scan
Objects scanned: 153766
Time elapsed: 4 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
Go ahead and run the script below. You should still have Combofix on the desktop. Let it update, be sure to disable Norton. There are just a few entrie but it will generate a new log and hopefully will give me some indication of what's causing the problem:

Please run this Custom CFScript:

  • [1]. Close any open browsers.
    [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    [3]. Open notepad> click on Format> Uncheck 'Word Wrap> and copy/paste the text in the code below into it:
Code: 
File::
c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
c:\program files\Internet Explorer\Plugins\npqtplugin.dll
Folder::
c:\users\Marc\AppData\Local\temp
c:\programdata\jEcIbKpEnAi06504\jEcIbKpEnAi06504
c:\programdata\oHk06511aGpMj06511\oHk06511aGpMj06511
Save this as CFScript.txt, in the same location as ComboFix.exe
CFScriptB-4.gif


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . Please paste into to your next reply.
====================
Also run Supseantispyware. It may find entries that Mbam did not and it will also give me information on your Tracking Cookies. Please be sure to check the line for removal:
SASLogo48x48.gif

SuperAntiSpyware Home Edition Free Version
  • Please download SuperAntiSpyware from HERE
  • Launch SuperAntiSpyware and click on 'Check for updates'.
  • Wait for the updates to be installed
  • On the main screen click on 'Scan your computer'.
  • Check: 'Perform Complete Scan then Click 'Next' to start the scan.
  • Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
  • Make sure everything found has a checkmark next to it,then press 'Next'.
  • Click on 'Finish' when you've done.
It's possible that the program will ask you to reboot in order to delete some files.

Obtain the SuperAntiSpyware log as follows:
  • Click on 'Preferences'.
  • Click on the 'Statistics/Logs' tab.
  • Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
It will then open in your default text editor,such as Notepad. Paste the notepad file here on your reply.
======================================
Please paste both logs into next reply.
 
Here are the new ComboFix and Superantispyware logs. Thanks again.


ComboFix 11-05-19.02 - Marc 05/20/2011 18:16:01.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2940.1808 [GMT -4:00]
Running from: c:\users\Marc\Desktop\ComboFix.exe
Command switches used :: c:\users\Marc\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Internet Explorer\Plugins\npqtplugin.dll"
"c:\program files\Internet Explorer\Plugins\npqtplugin2.dll"
"c:\program files\Internet Explorer\Plugins\npqtplugin3.dll"
"c:\program files\Internet Explorer\Plugins\npqtplugin4.dll"
"c:\program files\Internet Explorer\Plugins\npqtplugin5.dll"
"c:\program files\Internet Explorer\Plugins\npqtplugin6.dll"
"c:\program files\Internet Explorer\Plugins\npqtplugin7.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Internet Explorer\Plugins\npqtplugin.dll
c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
c:\users\Marc\AppData\Local\temp
c:\users\Marc\AppData\Local\temp\~DF7E8D254A42CC60B2.TMP
c:\users\Marc\AppData\Local\temp\~DFA4FD02B70C89CA86.TMP
c:\users\Marc\AppData\Local\temp\AdobeARM.log
c:\users\Marc\AppData\Local\temp\catchme.dll
c:\users\Marc\AppData\Local\temp\FXSAPIDebugLogFile.txt
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CFcatchme
-------\Service_CFcatchme
.
.
((((((((((((((((((((((((( Files Created from 2011-04-20 to 2011-05-20 )))))))))))))))))))))))))))))))
.
.
2011-05-20 22:24 . 2011-05-20 22:24 -------- d-----w- c:\users\Marc\AppData\Local\Temp
2011-05-20 22:23 . 2011-05-20 22:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-07 11:02 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-05-07 11:02 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-05-07 11:02 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-05-02 22:59 . 2011-05-06 03:57 -------- d-----w- c:\windows\system32\drivers\NIS\1206000.01D
2011-04-26 20:17 . 2011-02-18 05:33 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-26 20:17 . 2011-03-11 05:44 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-04-26 20:17 . 2011-03-11 05:44 1210240 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-04-26 20:17 . 2011-03-11 05:44 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-04-26 20:17 . 2011-03-11 05:39 1686016 ----a-w- c:\windows\system32\esent.dll
2011-04-26 20:16 . 2011-03-11 05:44 146304 ----a-w- c:\windows\system32\drivers\storport.sys
2011-04-26 20:16 . 2011-03-11 05:43 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-04-26 20:16 . 2011-03-11 05:43 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-04-26 20:16 . 2011-03-11 05:43 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-04-26 20:16 . 2011-03-11 05:37 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-04-26 20:16 . 2011-03-12 11:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-26 20:16 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\explorer.exe
2011-04-23 16:02 . 2011-04-23 16:02 -------- d-----w- c:\program files\iPod
2011-04-23 15:59 . 2011-04-23 15:59 -------- d-----w- c:\program files\Bonjour
2011-04-22 02:51 . 2011-04-22 02:51 -------- d-----w- c:\program files\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-02 22:59 . 2010-01-05 02:32 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-04-20 00:48 . 2011-04-20 00:48 388096 ----a-r- c:\users\Marc\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-19 13:40 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-18 15:02 . 2011-04-18 15:02 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-18 15:02 . 2011-04-18 15:02 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-18 15:02 . 2011-04-18 15:02 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-18 15:02 . 2011-04-18 15:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-18 15:02 . 2011-04-18 15:02 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-18 15:02 . 2011-04-18 15:02 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-18 15:02 . 2011-04-18 15:02 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-18 15:02 . 2011-04-18 15:02 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-18 15:02 . 2011-04-18 15:02 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-18 15:02 . 2011-04-18 15:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-18 15:02 . 2011-04-18 15:02 367104 ----a-w- c:\windows\system32\html.iec
2011-04-18 15:02 . 2011-04-18 15:02 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-18 15:02 . 2011-04-18 15:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-18 15:02 . 2011-04-18 15:02 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-18 15:02 . 2011-04-18 15:02 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-18 15:02 . 2011-04-18 15:02 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-18 15:02 . 2011-04-18 15:02 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-18 15:02 . 2011-04-18 15:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-18 15:02 . 2011-04-18 15:02 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-18 15:02 . 2011-04-18 15:02 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-18 15:02 . 2011-04-18 15:02 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-23 14:11 . 2011-04-12 21:34 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52669BB5-9EBE-4C20-A3E2-080390ADE61F}\mpengine.dll
2011-03-11 05:40 . 2011-04-18 14:13 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-18 14:13 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-08 05:38 . 2011-04-18 14:13 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 05:29 . 2011-04-18 14:15 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:27 . 2011-04-18 14:15 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:31 . 2011-04-18 14:14 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 05:32 . 2011-04-18 14:14 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 05:06 . 2011-04-18 14:15 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:05 . 2011-04-18 14:15 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:05 . 2011-04-18 14:15 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:05 . 2011-04-18 14:13 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:05 . 2011-04-18 14:13 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:05 . 2011-04-18 14:13 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:05 . 2011-04-18 14:13 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTOSHIBA"="c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe" [2009-08-06 264048]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-04 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 151064]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
"NortonOnlineBackupReminder"="c:\program files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-07-16 529256]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
.
c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1996-11-17 111376]
Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1996-11-17 51984]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-08-06 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-07 685424]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-27 1343400]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS [2011-03-15 744568]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110518.001\BHDrvx86.sys [2011-04-15 802936]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110518.001\IDSvix86.sys [2011-03-30 353912]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS [2011-01-27 136312]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1206000.01D\SYMNETS.SYS [2011-03-22 296568]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 mon4skype;Viewer4Skype Monitor;c:\program files\Kenabee\Viewer4Skype\mon4skype.exe [2009-12-04 110592]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 svc4skype;Viewer4Skype Intercom;c:\program files\Kenabee\Viewer4Skype\svc4skype.exe [2009-12-04 110592]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-12 185712]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 12920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-11 105592]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 7680]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 24064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-31 187392]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 862208]
S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 02:17]
.
2011-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 02:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\conhost.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2011-05-20 18:28:38 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-20 22:28
ComboFix2.txt 2011-05-15 19:06
ComboFix3.txt 2011-04-22 04:21
.
Pre-Run: 268,419,854,336 bytes free
Post-Run: 268,317,913,088 bytes free
.
- - End Of File - - B64A0D6196076D2B913CD9931BC7DF6B


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/20/2011 at 10:20 PM

Application Version : 4.52.1000

Core Rules Database Version : 6999
Trace Rules Database Version: 4811

Scan type : Quick Scan
Total Scan Time : 00:09:10

Memory items scanned : 798
Memory threats detected : 0
Registry items scanned : 2656
Registry threats detected : 0
File items scanned : 7457
File threats detected : 58

Adware.Tracking Cookie
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@www.find-quick-results[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@realmedia[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@collective-media[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@burstnet[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@mediabrandsww[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@apmebf[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@tacoda[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@adbrite[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@revsci[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@ads.pointroll[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@mediaplex[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@www.burstnet[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@network.realmedia[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@tacoda.at.atwola[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@imrworldwide[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@ads.undertone[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@2o7[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@serving-sys[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@interclick[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@www.burstbeacon[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@www.icityfind[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@d.mediadakine[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@media6degrees[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@segment-pixel.invitemedia[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@burstbeacon[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@advertising[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@ar.atwola[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@ru4[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@pointroll[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@search.boltfind[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@dc.tremormedia[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@lucidmedia[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@advertise[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@r1-ads.ace.advertising[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@questionmarket[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@www.plomedia[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@fastsfind[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@yieldmanager[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@citi.bridgetrack[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@insightexpressai[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@invitemedia[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@ad.yieldmanager[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@overture[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@doubleclick[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@tribalfusion[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@fastclick[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@content.yieldmanager[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@viacom.adbureau[2].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@atdmt[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@zedo[1].txt
C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Cookies\marc@at.atwola[2].txt
convoad.technoratimedia.net [ C:\Users\Marc\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3C76N4HQ ]
media.kyte.tv [ C:\Users\Marc\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3C76N4HQ ]
media.mtvnservices.com [ C:\Users\Marc\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3C76N4HQ ]
media.scanscout.com [ C:\Users\Marc\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3C76N4HQ ]
media1.break.com [ C:\Users\Marc\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3C76N4HQ ]
s0.2mdn.net [ C:\Users\Marc\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3C76N4HQ ]
secure-us.imrworldwide.com [ C:\Users\Marc\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3C76N4HQ ]
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
792
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni

Latest posts

Back