Solved Problem with Internet Security 2010

Discussion in 'Malware and Virus Removal Archive' started by cecelikeike, 2010/01/19.

  1. 2010/01/19
    cecelikeike Inactive Thread Starter

    Joined:
    2009/10/21
    Messages:
    64
    Likes Received:
    0
    [Resolved] Problem with Internet Security 2010

    I have the IS 2010 virus on a friend's laptop. I see that you guys say to run DDS. I can; the problem I am having is this: when I boot into safe mode, it goes to the desktop, and when I try to run any software, it will give me only 60 seconds to start anything, then it shuts down. I have to reboot several times; I feel like I am running in circles. Will I have time to run DDS before it shuts down? Thanks in advance for any help.
     
  2. 2010/01/19
    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Download both tools listed below first (maybe even on a good computer and move them to the bad computer)...

    1. Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.pif
    * Rkill.exe

    * Double-click on the Rkill desktop icon to run the tool.
    * If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    * A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    * If not, delete the file, then download and use the one provided in Link 2.
    * If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    * Do not reboot until instructed.
    * If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run then try to immediately run the following.

    2. Please download ComboFix from Here or Here to your Desktop.


    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Please, never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     

  4. 2010/01/20
    cecelikeike Inactive Thread Starter
    OK, I downloaded all of the Rkill, and this is what I got:
    This system is shutting down. Please save all work in progress and log off. Any unsaved changes will be lost. This shutdown was initiated by NT Authority/System Remote Procedure Call service terminated unexpectedly.
    This file cannot be started. It is infected.
    Worm.Win32.Netsky has been detected. Run antivirus software.
    I tried to run it again, with combofix, and then this is what I got:
    Cannot find the file CFversionold. Creating system restore. Next options?
     
  5. 2010/01/20
    broni Moderator Malware Analyst
    1. Download Dr.Web LiveCD: ftp://ftp.drweb.com/pub/drweb/livecd/minDrWebLiveCD-5.0.1.iso
    2. Download, and install free Imgburn: http://www.imgburn.com/index.php?act=download
    3. Using Imgburn, burn minDrWebLiveCD-5.0.1.iso to a CD.
    4. Make sure that the CD/DVD drive is set as the first-boot device. Adjust corresponding BIOS settings, if necessary.
    5. Insert Dr.Web LiveCD into the drive and restart computer.
    6. As loading starts, a dialogue window will pop up:

    7. Press Enter to continue with DrWeb-LiveCD (Default) mode.
    8. The operating system will detect all available disk drives automatically. It will also try to connect to the local network, if available.
    9. Check the disks or folders you want to scan, and click on Start.

    Dr.Web LiveCD user manual: ftp://ftp.drweb.com/pub/drweb/livecd/LiveCD-ru.pdf
     
  6. 2010/01/20
    cecelikeike Inactive Thread Starter
    OK, I ran DrWeb and it got me to the point where now I can run Windows malicious removal tool, and such. The problem I am still having is that the IS2010 still pops up and runs a scan. I am running Windows malicious removal tool right now. I am going to try and use Rkill now with ComboFix. If it matters, the computer at hand is a Fujitsu P7230 netbook running XP Home w/SP3.
     
  7. 2010/01/20
    broni Moderator Malware Analyst
    Good news then :)
    Don't bother with Windows malicious removal tool.
    Run Combofix as soon as possible. Combo can be run in Safe Mode, if you need to.
     
  8. 2010/01/20
    cecelikeike Inactive Thread Starter
    ComboFix is running right now. So should this do the trick? I mean, when I log on, I shouldn't see that "Your Computer is Infected" sign, right? Thanks for your help. I really appreciate it.
     
  9. 2010/01/20
    broni Moderator Malware Analyst
    We won't rush, or predict anything.
    At this point, we should be very happy we made your computer bootable.
    It surely will take a few scans to make sure your computer is clean.
     
  10. 2010/01/20
    cecelikeike Inactive Thread Starter
    Should I run ComboFix a couple more times? I already ran it twice, and now I am installing AVG 9, then Malwarebytes, and getting rid of Norton. What else should I run?
     
  11. 2010/01/20
    broni Moderator Malware Analyst
    Please, please, do ONLY what I ask you to do!

    My instructions say in big, red letters:
    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

    Post Combofix log and do nothing else.
     
  12. 2010/01/20
    cecelikeike Inactive Thread Starter
    Oh yeah, sorry. OK, how will I know when it is completely clean?
     
  13. 2010/01/20
    broni Moderator Malware Analyst
    When I tell you it's clean, it'll be clean.
    Do not install anything, especially AVG.
     
  14. 2010/01/20
    cecelikeike Inactive Thread Starter
    Ok will do
     
  15. 2010/01/20
    broni Moderator Malware Analyst
    So, I need that Combofix log.
     
  16. 2010/01/20
    cecelikeike Inactive Thread Starter
    ComboFix 10-01-20.04 - Administrator 01/20/2010 14:36:08.2.1 - x86 NETWORK
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.756 [GMT -10:00]
    Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
    AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .

    ((((((((((((((((((((((((( Files Created from 2009-12-21 to 2010-01-21 )))))))))))))))))))))))))))))))
    .

    2010-01-20 23:19 . 2009-09-22 01:59 3101560 ----a-w- c:\documents and settings\Phillip\Application Data\Simply Super Software\Trojan Remover\rsw5.exe
    2010-01-20 22:57 . 2009-09-22 01:59 3101560 ----a-w- c:\documents and settings\Tracey\Application Data\Simply Super Software\Trojan Remover\tto1.exe
    2010-01-20 07:06 . 2010-01-20 07:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\AVG8
    2010-01-20 06:46 . 2009-09-22 01:59 3101560 ----a-w- c:\documents and settings\Administrator\Application Data\Simply Super Software\Trojan Remover\mfb2.exe
    2010-01-20 06:04 . 2010-01-20 06:07 -------- d-----w- C:\22780eb913e083f7cba4e4
    2010-01-20 03:11 . 2009-09-22 01:59 3101560 ----a-w- c:\documents and settings\Phillip\Application Data\Simply Super Software\Trojan Remover\uyd1.exe
    2010-01-20 02:47 . 2010-01-20 02:47 -------- d-----w- c:\documents and settings\Phillip\Application Data\Malwarebytes
    2010-01-20 02:21 . 2010-01-20 02:22 -------- d-----w- C:\cb73ad1185a510e69b40a9e4
    2010-01-20 02:19 . 2010-01-20 23:09 -------- d-----w- c:\program files\VS Revo Group
    2010-01-20 02:14 . 2010-01-20 02:19 -------- d-----w- C:\49c064785cbf89db26dc
    2010-01-20 01:56 . 2010-01-20 01:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Bytemobile
    2010-01-20 01:30 . 2010-01-20 01:30 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
    2010-01-20 01:30 . 2010-01-20 01:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-01-20 00:51 . 2010-01-20 00:51 -------- d-----w- c:\documents and settings\Phillip\Application Data\Simply Super Software
    2010-01-20 00:41 . 2010-01-20 00:41 -------- d-----w- c:\documents and settings\Tracey\Application Data\Simply Super Software
    2010-01-20 00:22 . 2010-01-20 23:25 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2010-01-20 00:15 . 2006-06-19 23:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
    2010-01-20 00:15 . 2006-05-26 01:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
    2010-01-20 00:15 . 2005-08-26 11:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
    2010-01-20 00:15 . 2003-02-03 06:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
    2010-01-20 00:15 . 2002-03-06 11:00 75264 ----a-w- c:\windows\system32\unacev2.dll
    2010-01-20 00:15 . 2010-01-20 03:08 -------- d-----w- c:\program files\Trojan Remover
    2010-01-20 00:15 . 2010-01-20 00:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
    2010-01-20 00:15 . 2010-01-20 00:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\Simply Super Software
    2010-01-19 23:50 . 2010-01-19 23:50 -------- d-----w- C:\Temp

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-01-20 23:03 . 2009-12-13 07:37 -------- d-----w- c:\documents and settings\Phillip\Application Data\LimeWire
    2010-01-20 02:27 . 2009-11-22 02:39 -------- d-----w- c:\program files\IObit
    2010-01-18 20:50 . 2008-08-28 00:15 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2010-01-18 08:45 . 2009-11-17 02:39 79488 ----a-w- c:\documents and settings\Tracey\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
    2010-01-13 20:26 . 2008-08-28 00:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
    2009-12-15 00:09 . 2009-12-15 00:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
    2009-12-13 08:19 . 2009-02-17 06:09 -------- d-----w- c:\documents and settings\Phillip\Application Data\Apple Computer
    2009-12-06 00:08 . 2009-12-06 00:08 -------- d-----w- c:\documents and settings\Phillip\Application Data\IObit
    2009-11-22 02:39 . 2009-11-22 02:39 -------- d-----w- c:\documents and settings\Tracey\Application Data\IObit
    2009-11-20 18:25 . 2009-11-20 18:25 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-06-20 451872]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "NeroHomeFirstStart"="c:\program files\Common Files\Ahead\Lib\NMFirstStart.exe" [2007-07-05 16168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-30 583048]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-12 136600]

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
    backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Phillip^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\documents and settings\Phillip\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATSwpNav]
    c:\program files\Fingerprint Sensor\ATSwpNav -run [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2008-06-12 12:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AT&T Communication Manager]
    2007-12-21 16:43 33280 ----a-w- c:\program files\AT&T\Communication Manager\ATTCM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\atchk]
    2007-03-05 05:43 404248 ----a-r- c:\program files\Intel\AMT\atchk.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    2007-07-05 00:01 148776 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    2007-01-10 05:59 115816 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-14 12:00 15360 ------w- c:\windows\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
    2002-05-24 12:46 188416 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon04]
    2002-06-20 19:06 339968 ----a-w- c:\windows\system32\hphmon04.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD04]
    2002-05-24 12:47 49152 ----a-w- c:\program files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-11-03 08:22 77824 ----a-r- c:\windows\system32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-11-03 08:26 118784 ----a-r- c:\windows\system32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
    2007-07-25 23:30 974848 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
    2007-07-25 23:32 823296 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2009-11-13 02:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    2007-06-20 22:49 451872 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LoadFUJ02E3]
    2006-11-17 22:38 80688 ----a-w- c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
    2007-09-07 00:53 169264 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2007-07-05 00:20 161064 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
    2007-01-14 07:11 771704 ----a-w- c:\program files\Norton Internet Security\osCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSUtility]
    2006-10-30 07:37 136744 ----a-w- c:\program files\Fujitsu\PSUtility\TrayManager.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2009-11-11 09:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    2006-11-14 05:33 52832 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]
    2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
    2002-04-17 17:42 69632 ----a-w- c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2009-03-24 04:45 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
    2009-10-18 06:35 1070984 ----a-w- c:\program files\Trojan Remover\Trjscan.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
    2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "omniserv"=2 (0x2)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=

    R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [8/27/2008 4:56 PM 4864]
    S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe [10/29/2006 9:37 PM 63016]
    S2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Intel\AMT\UNS.exe [8/27/2008 2:25 PM 1489688]
    S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\AT&T\Communication Manager\RcAppSvc.exe [12/21/2007 6:42 AM 113176]
    S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - COMHOST

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2007-06-20 22:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder

    2009-09-21 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 22:34]

    2009-12-01 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Tracey.job
    - c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 09:09]
    .
    .
    ------- Supplementary Scan -------
    .
    mStart Page = hxxp://www.yahoo.com/?fr=fp-yma3
    uInternet Connection Wizard,ShellNext = hxxp://www.enigmasoftware.com/download_scanner/spyhunterS.exe
    LSP: bmnet.dll
    DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
    DPF: {DEA6994F-3ED5-40BC-B5E3-0FD02411B1B4} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_1/PhotoCenter_ActiveX_Control.cab?
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-01-20 14:38
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2010-01-20 14:40:09
    ComboFix-quarantined-files.txt 2010-01-21 00:40
    ComboFix2.txt 2010-01-21 00:31

    Pre-Run: 22,395,342,848 bytes free
    Post-Run: 22,381,359,104 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [Boot Loader]
    Timeout=2
    Default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [Operating Systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    - - End Of File - - B954069C97DB49132096C85851355427
     
  17. 2010/01/20
    broni Moderator Malware Analyst
    OK. I need a log from the original run, ComboFix2.txt located in C directory.
     
  18. 2010/01/20
    cecelikeike Inactive Thread Starter
    Broni, I can't find the original. After I ran it the first time I ran it again, and that is all I see in the C directory.
     
  19. 2010/01/20
    cecelikeike Inactive Thread Starter
    2010-01-21 00:31:03 . 2010-01-21 00:31:03 568 ----a-w- C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-smss32.reg.dat
    2010-01-21 00:31:03 . 2010-01-21 00:31:03 600 ----a-w- C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-OmniPass.reg.dat
    2010-01-21 00:31:01 . 2010-01-21 00:31:01 628 ----a-w- C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-Internet Security 2010.reg.dat
    2010-01-21 00:31:00 . 2010-01-21 00:31:00 692 ----a-w- C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-Advanced SystemCare 3.reg.dat
    2010-01-21 00:30:15 . 2009-02-16 16:09:21 90 ----a-w- C:\Qoobox\Quarantine\D\AUTORUN.INF.vir
    2010-01-21 00:28:03 . 2010-01-21 00:37:55 11,296 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
    2010-01-20 06:25:12 . 2010-01-21 00:34:30 408 ----a-w- C:\Qoobox\Quarantine\catchme.log
    2010-01-18 20:51:17 . 2010-01-18 20:51:17 774 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk.vir
    2010-01-18 20:51:17 . 2010-01-18 20:51:17 756 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Start Menu\Internet Security 2010.lnk.vir
    2010-01-18 20:51:17 . 2010-01-18 20:51:17 756 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Desktop\Internet Security 2010.lnk.vir
    2010-01-18 20:51:17 . 2010-01-18 20:51:08 1,462,784 ----a-w- C:\Qoobox\Quarantine\C\Program Files\InternetSecurity2010\IS2010.exe.vir
    2010-01-18 20:51:09 . 2010-01-20 07:14:31 0 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\41.exe.vir
    2010-01-18 20:50:33 . 2010-01-20 07:14:29 2,931 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\warning.html.vir
    2010-01-18 11:34:59 . 2010-01-18 11:34:59 1 ----a-w- C:\Qoobox\Quarantine\C\s.vir
    2010-01-18 11:32:09 . 2010-01-18 11:32:09 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGCE.tmp.vir
    2010-01-18 08:40:48 . 2010-01-18 08:40:48 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGC0.tmp.vir
    2010-01-17 19:25:55 . 2010-01-17 19:25:55 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGBF.tmp.vir
    2010-01-16 06:56:06 . 2010-01-16 06:56:06 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGBE.tmp.vir
    2010-01-15 06:36:30 . 2010-01-15 06:36:30 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGB1.tmp.vir
    2010-01-14 09:29:55 . 2010-01-14 09:29:55 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGBD.tmp.vir
    2010-01-14 08:34:17 . 2010-01-14 08:34:17 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGB0.tmp.vir
    2010-01-13 20:29:07 . 2010-01-13 20:29:07 1,295 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_7\images\1701_icon.png.vir
    2010-01-13 20:28:50 . 2010-01-13 20:28:50 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGA6.tmp.vir
    2010-01-13 20:28:48 . 2010-01-13 20:28:48 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGA2.tmp.vir
    2010-01-04 20:23:13 . 2010-01-04 20:23:13 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGB6.tmp.vir
    2009-12-30 19:57:00 . 2009-12-30 19:57:00 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGB5.tmp.vir
    2009-12-30 19:56:40 . 2009-12-30 19:56:40 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGAB.tmp.vir
    2009-12-30 19:48:58 . 2009-12-30 19:48:58 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGA1.tmp.vir
    2009-12-26 21:50:22 . 2009-12-26 21:50:22 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGAA.tmp.vir
    2009-12-26 21:46:22 . 2009-12-26 21:46:22 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMGA0.tmp.vir
    2009-12-21 23:42:29 . 2009-12-21 23:42:29 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMG9F.tmp.vir
    2009-12-19 04:04:26 . 2009-12-19 04:04:26 0 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\IMG183.tmp.vir
    2008-12-09 18:37:15 . 2008-12-09 18:37:15 1,168 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\contextMenu\contextMenu.xml.backup.vir
    2008-12-09 18:37:15 . 2008-12-09 18:37:15 1,168 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\contextMenu\contextMenu.xml.vir
    2008-12-09 18:37:15 . 2010-01-18 20:53:00 224 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\TimerManager\TimerManager.xml.backup.vir
    2008-12-09 18:37:15 . 2010-01-18 20:53:00 224 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\TimerManager\TimerManager.xml.vir
    2008-12-09 18:37:15 . 2010-01-13 20:29:08 448 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Updater\Updater.xml.backup.vir
    2008-12-09 18:37:15 . 2010-01-13 20:29:08 448 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Updater\Updater.xml.vir
    2008-12-09 18:37:15 . 2009-10-06 23:35:48 368 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\ToolbarSearch\ToolbarSearch.xml.vir
    2008-12-09 18:37:15 . 2008-12-09 18:37:15 528 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\products\products.xml.backup.vir
    2008-12-09 18:37:15 . 2008-12-09 18:37:15 528 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\products\products.xml.vir
    2008-12-09 18:37:14 . 2008-12-09 18:37:14 22,424 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\toolbar.xml.backup.vir
    2008-12-05 22:35:40 . 2010-01-18 21:01:07 23,080 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\toolbar.xml.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,155 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\BrowserSearch\alot_search_defend.html.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 2,376 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_0\images\alot_logo_button.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,818 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_0\images\alot_logo_button.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_1\images\alot_search_button.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,427 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_1\images\alot_search_button.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,894 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_2\images\default_1002_alot_videos_videosearch.bmp.vir
    2008-12-05 22:35:40 . 2009-05-21 06:49:08 1,242 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_2\images\default_1002_alot_videos_videosearch.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_3\images\default_1042_alot_video_vault.bmp.vir
    2008-12-05 22:35:40 . 2009-08-24 06:04:29 1,238 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_3\images\default_1042_alot_video_vault.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\default_1007_alot_weather_widget.bmp.vir
    2008-12-05 22:35:40 . 2010-01-17 19:12:34 1,209 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_4\images\default_1007_alot_weather_widget.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_5\images\default_1043_alot_video_editing.bmp.vir
    2008-12-05 22:35:40 . 2009-08-24 06:04:29 1,355 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_5\images\default_1043_alot_video_editing.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_6\images\default_1045_alot_rea_laughs.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,205 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_6\images\default_1045_alot_rea_laughs.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_7\images\default_1602_alot_mrkt_livinghealthy.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 976 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_7\images\default_1602_alot_mrkt_livinghealthy.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_8\images\default_1530_alot_mrkt_simplyhired.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 826 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Button_8\images\default_1530_alot_mrkt_simplyhired.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 2,376 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\contextMenu\images\alot_logo_button.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,818 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\contextMenu\images\alot_logo_button.png.vir
    2008-12-05 22:35:40 . 2010-01-17 19:12:35 144 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\domains.dat.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 6,579 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\alot_brand.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 2,867 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\alot_splitter.png.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 4,808 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\spinner.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 630 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\widget_bottom.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,286 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,286 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,110 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\widget_caption.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 9,654 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 1,558 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\widget_error_close.bmp.vir
    2008-12-05 22:35:40 . 2008-12-05 22:35:40 3,626 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Tracey\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp.vir
    2008-09-24 01:08:38 . 2007-03-08 05:10:09 991,232 -c--a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\dllcache\ieframe.dll.mui.vir
    2008-08-28 02:51:33 . 2008-08-28 02:51:33 13,864 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\AegisP.inf.vir
     
  20. 2010/01/20
    broni

    broni Moderator Malware Analyst

    That will do.
    I can see Norton listed in Combofix as being outdated. What's the situation here?
    Is it some trial no longer used?
     
  21. 2010/01/20
    cecelikeike

    cecelikeike Inactive Thread Starter

    Yeah,
     
