system
11
Oldman,
Sorry for the delay… Here are my logfiles starting with combofix
ComboFix 08-01-13.1 - Compaq_Owner 2008-01-17 10:03:32.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.605 [GMT -5:00]
Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Compaq_Owner\Desktop\cfscript.txt
- Created a new restore point
FILE
C:\Documents and Settings\Compaq_Owner\Application Data\internaldb41.dat
C:\Program Files\d.bat
C:\WINDOWS\system32\CID
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\intelidee.sys
C:\WINDOWS\system32\svcd\svchost.exe
C:\WINDOWS\system32\SvcNm
C:\WINDOWS\system32\url1
C:\WINDOWS\system32\url2
C:\WINDOWS\system32\url3
C:\winefni.exe
C:\winvvys.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Compaq_Owner\Application Data\internaldb41.dat
C:\Program Files\d.bat
C:\temp\Ryuan1
C:\temp\Ryuan1\tepU.log
C:\temp\tn3
C:\WINDOWS\system32\che9
C:\WINDOWS\system32\che9\farstadcom2.exe
C:\WINDOWS\system32\CID
C:\WINDOWS\system32\CID
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\intelidee.sys
C:\WINDOWS\system32\edcA01
C:\WINDOWS\system32\edcA01\edcA011065.exe
C:\WINDOWS\system32\ez4
C:\WINDOWS\system32\mp2
C:\WINDOWS\system32\ob3
C:\WINDOWS\system32\svcd
C:\WINDOWS\system32\svcd\svchost.exe
C:\WINDOWS\system32\SvcNm
C:\WINDOWS\system32\SvcNm
C:\WINDOWS\system32\url1
C:\WINDOWS\system32\url1
C:\WINDOWS\system32\url2
C:\WINDOWS\system32\url2
C:\WINDOWS\system32\url3
C:\WINDOWS\system32\url3
C:\WINDOWS\system32\vt8
C:\winefni.exe
C:\winvvys.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-17 to 2008-01-17 )))))))))))))))))))))))))))))))
.
2008-01-17 09:26 . 2008-01-17 09:26 20,480 --a------ C:\WINDOWS\quit.exe
2008-01-13 12:23 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-12 21:44 . 2008-01-12 21:44 d-------- C:\Program Files\Trend Micro
2008-01-12 14:34 . 2005-05-05 12:57 d-------- C:\Documents and Settings\Administrator.YOUR-F78BF48CE2\WINDOWS
2008-01-12 08:37 . 2008-01-17 10:11 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-12 08:37 . 2008-01-12 08:37 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-10 18:47 . 2008-01-10 18:47 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Yahoo! Messenger
2008-01-10 11:25 . 2008-01-12 09:42 15,360 --a------ C:\WINDOWS\system32\dllcache\ctfmon.exe
2008-01-10 11:25 . 2008-01-12 09:42 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2008-01-09 23:39 . 2008-01-10 20:10 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\gtk-2.0
2008-01-09 23:38 . 2008-01-09 23:38 d-------- C:\Documents and Settings\Compaq_Owner.thumbnails
2008-01-09 23:37 . 2008-01-10 20:10 d-------- C:\Documents and Settings\Compaq_Owner.gimp-2.4
2008-01-09 23:36 . 2008-01-09 23:36 d-------- C:\Program Files\GIMP-2.0
2007-12-27 12:18 . 2007-12-27 12:18 d----c— C:\WINDOWS\system32\DRVSTORE
2007-12-27 12:18 . 2007-12-27 12:18 d-------- C:\Program Files\Common Files\Apple
2007-12-27 12:18 . 2007-12-27 12:18 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-12-23 13:16 . 2007-12-23 13:16 d–h----- C:\CWDS2Temp
2007-12-23 13:14 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-12-23 13:07 . 2007-12-23 13:07 0 --a------ C:\WINDOWS\system32\SET29.tmp
2007-12-23 13:06 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2007-12-23 13:06 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-12-23 13:06 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2007-12-23 12:47 . 2007-12-23 12:47 d-------- C:\Program Files\Common Files\Canon
2007-12-23 12:47 . 2007-12-23 12:52 d-------- C:\Program Files\Canon
