Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ComboFix deleted some of my important files


  • This topic is locked This topic is locked
8 replies to this topic

#1 ton7io69

ton7io69

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 07 January 2012 - 05:41 AM

I run ComboFix to get rid of the spyware, I got rid of it but in the process ComboFix deleted some of my files and placed them in Qoobox.
How can I get those files back?Its really important as I invested lots of time on working with these files, they are .xml type ones.
Also for finding them I used Pandora Recovery, I was able to recover these files with it but they were all 0KB.
Thank you for your time.I have also not found any of this files in C:\QooBox\Quarantine
Pandora recovery shows that the files are located at C:\Qoobox\Test, but theres not a folder there at all.
Posted Image


DDS



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Fruli Luli at 11:16:26 on 2012-01-07
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.385.1033.18.2046.859 [GMT 1:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Norton AntiVirus\Engine\19.2.0.10\ccSvcHst.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\NLSSRV32.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Program Files\Norton AntiVirus\Engine\19.2.0.10\ccSvcHst.exe
C:\Windows\system32\vmnat.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\TrustPort\DataShredder\bin\wipesrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\system32\vmnetdhcp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft Games\minesweeper\minesweeper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Pandora Recovery\PandoraRecovery.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://eu.ask.com?o=15788&l=dis
mStart Page = hxxp://www.bigseekpro.com/burn4free/{99778A09-B279-4C58-994F-1CA181F7E21F}
uInternet Settings,ProxyOverride = local
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - c:\program files\blekkotb\auxi\blekkoAu.dll
BHO: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - c:\program files\blekkotb\blekkoDx.dll
BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\19.2.0.10\ips\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: QuickNet BHO: {ea5ca8b6-9b9c-4994-a7a1-947b6c631be7} - c:\program files\regtweaker\key.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: XRumer: {c090dcd2-0339-4c3f-8442-302449b4ed78} - c:\program files\botmaster\xrumerieplugin 1.1 (trusted)\XrumerAddin.dll
TB: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - c:\program files\blekkotb\blekkoDx.dll
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup
mRun: [AntivirusCommunicatorAgent] "c:\program files\trustport\antivirus\bin\avcom.exe"
mRun: [TrustPortDiskProtectionWatchDog] "c:\program files\trustport\diskprotection\bin\TDWatch.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Anti-phishing Domain Advisor] "c:\programdata\anti-phishing domain advisor\visicom_antiphishing.exe"
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {51A3EFFA-7EA8-498F-8078-4B8E2AD77350}
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\icq7.2\ICQ.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\users\fruli luli\desktop\PartyPoker.lnk
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 83.139.104.2 83.139.105.2
TCP: Interfaces\{EFD7C776-343C-4499-A69A-844E93A3745B} : DhcpNameServer = 83.139.104.2 83.139.105.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\fruli luli\appdata\roaming\mozilla\firefox\profiles\9224yf5n.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=15788&l=dis
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\fruli luli\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1302000.00a\symds.sys [2012-1-6 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1302000.00a\symefa.sys [2012-1-6 897656]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-11-15 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-11-19 314456]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.1.1.3\definitions\bashdefs\20111221.003\BHDrvx86.sys [2011-12-21 819320]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\nav\1302000.00a\ccsetx86.sys [2012-1-6 132744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.1.1.3\definitions\ipsdefs\20120105.001\IDSvix86.sys [2012-1-5 368248]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1302000.00a\ironx86.sys [2012-1-6 149624]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nav\1302000.00a\symnets.sys [2012-1-6 314488]
R1 tdimapper;TrustPort TDI port to process mapper;c:\program files\trustport\personalfirewall\bin\tdimapper.sys [2012-1-6 18704]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 176128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-11-19 20568]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-11-19 55128]
R2 EncDisk;EncDisk;c:\program files\trustport\diskprotection\bin\EncDsk.sys [2012-1-6 55568]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-6 652872]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\19.2.0.10\ccsvchst.exe [2012-1-6 138760]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-3-21 68928]
R2 tdifw;TrustPort PGTW driver;c:\windows\system32\drivers\tdifw.sys [2012-1-6 40720]
R2 tpsec;TrustPort Security Filter;c:\windows\system32\drivers\tpsec.sys [2012-1-6 35920]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-11-7 1479488]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2010-8-1 539184]
R2 wipesrv;TrustPort DataShredder Wipe Service;c:\program files\trustport\datashredder\bin\wipesrv.exe [2012-1-6 266512]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-11-26 6650368]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-11-26 231936]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-1-6 106104]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-6 20464]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-31 10064]
S2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-12-27 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Usluga Google ažuriranje (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-7 136176]
S3 avas_service;TrustPort Antivirus On-Access Scanner Agent;c:\program files\trustport\antivirus\bin\avas.exe [2012-1-6 495888]
S3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF;c:\windows\system32\drivers\avasdmft.sys [2012-1-6 37648]
S3 avss_service;TrustPort Antivirus Service Scanner Provider;c:\program files\trustport\antivirus\bin\avss.exe [2012-1-6 291088]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dsio;TrustPort Raw IO Driver;c:\program files\common files\trustport\bin\dsio.sys [2012-1-6 16656]
S3 gozer;TrustPort Personal GTW;c:\program files\trustport\antivirus\bin\gozer.exe [2012-1-6 487696]
S3 gupdatem;Usluga Google ažuriranje (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-7 136176]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;WatAdminSvc;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-13 1343400]
.
=============== Created Last 30 ================
.
2012-01-07 01:31:36 -------- d-s---w- C:\ComboFix
2012-01-06 18:27:30 6200 ----a-w- c:\windows\system32\INT13EXT.VXD
2012-01-06 18:27:29 -------- d-----w- c:\program files\PC Inspector File Recovery
2012-01-06 18:26:53 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2012-01-06 18:26:53 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2012-01-06 18:26:53 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2012-01-06 18:26:53 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2012-01-06 18:26:53 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2012-01-06 18:26:53 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2012-01-06 18:26:50 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2012-01-06 18:26:50 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2012-01-06 17:57:15 -------- d-----w- c:\users\fruli luli\appdata\roaming\PandoraRecovery
2012-01-06 17:57:03 -------- d-----w- c:\program files\Pandora Recovery
2012-01-06 15:34:17 -------- d-sh--w- C:\$RECYCLE.BIN
2012-01-06 14:50:51 98816 ----a-w- c:\windows\sed.exe
2012-01-06 14:50:51 518144 ----a-w- c:\windows\SWREG.exe
2012-01-06 14:50:51 256000 ----a-w- c:\windows\PEV.exe
2012-01-06 14:50:51 208896 ----a-w- c:\windows\MBR.exe
2012-01-06 14:47:46 -------- d-----w- c:\users\fruli luli\appdata\local\blekkotb
2012-01-06 14:47:43 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-01-06 14:46:57 -------- d-----w- c:\program files\blekkotb
2012-01-06 13:55:57 -------- d-----w- c:\users\fruli luli\appdata\roaming\Malwarebytes
2012-01-06 13:55:47 -------- d-----w- c:\programdata\Malwarebytes
2012-01-06 13:55:46 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-06 13:55:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-06 09:44:36 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-01-06 09:44:19 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-01-06 09:43:55 -------- d-----w- c:\windows\system32\drivers\nbrtwizard\0401000.00F
2012-01-06 09:43:55 -------- d-----w- c:\windows\system32\drivers\NBRTWizard
2012-01-06 09:43:52 -------- d-----w- c:\program files\Norton Bootable Recovery Tool Wizard
2012-01-06 09:31:56 -------- d-----w- c:\users\fruli luli\appdata\local\NPE
2012-01-06 03:14:20 897656 ----a-w- c:\windows\system32\drivers\nav\1302000.00a\symefa.sys
2012-01-06 03:14:20 314488 ----a-w- c:\windows\system32\drivers\nav\1302000.00a\symnets.sys
2012-01-06 03:14:19 566904 ----a-w- c:\windows\system32\drivers\nav\1302000.00a\srtsp.sys
2012-01-06 03:14:19 340088 ----a-r- c:\windows\system32\drivers\nav\1302000.00a\symds.sys
2012-01-06 03:14:19 31864 ----a-w- c:\windows\system32\drivers\nav\1302000.00a\srtspx.sys
2012-01-06 03:14:19 149624 ----a-w- c:\windows\system32\drivers\nav\1302000.00a\ironx86.sys
2012-01-06 03:14:19 132744 ----a-w- c:\windows\system32\drivers\nav\1302000.00a\ccsetx86.sys
2012-01-06 03:14:16 2801 ----a-w- c:\windows\system32\drivers\nav\1302000.00a\symvtcer.dat
2012-01-06 03:14:16 -------- d-----w- c:\windows\system32\drivers\nav\1302000.00A
2012-01-05 23:26:47 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-05 23:26:47 -------- d-----w- c:\program files\Symantec
2012-01-05 23:26:05 -------- d-----w- c:\windows\system32\drivers\NAV
2012-01-05 23:26:03 -------- d-----w- c:\program files\Norton AntiVirus
2012-01-05 23:25:45 -------- d-----w- c:\program files\NortonInstaller
2012-01-05 23:23:09 40720 ----a-w- c:\windows\system32\drivers\tdifw.sys
2012-01-05 23:22:28 37648 ----a-w- c:\windows\system32\drivers\avasdmft.sys
2012-01-05 23:22:26 35920 ----a-w- c:\windows\system32\drivers\tpsec.sys
2012-01-05 23:22:26 -------- d-----w- c:\program files\TrustPort
2012-01-05 23:22:26 -------- d-----w- c:\program files\common files\TrustPort
2012-01-04 12:11:38 -------- d-----w- c:\users\fruli luli\appdata\local\MyToobs
2012-01-03 04:51:02 -------- d-----w- c:\users\fruli luli\appdata\roaming\UBot Studio
2012-01-01 21:28:56 -------- d-----w- c:\program files\Market Samurai
2011-12-31 06:05:41 -------- d-----w- c:\users\fruli luli\appdata\roaming\eBookPro6
2011-12-31 04:22:34 -------- d-----w- c:\users\fruli luli\appdata\local\SkinSoft
2011-12-27 07:29:20 -------- d-----w- c:\program files\RegTweaker
2011-12-21 13:03:44 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-21 13:03:44 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-12-21 13:02:59 -------- d-----w- c:\program files\TuneUp Utilities 2012
2011-12-21 13:01:37 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-19 22:52:18 -------- d-----w- c:\users\fruli luli\appdata\roaming\Affilorama
2011-12-19 15:31:38 -------- d-----w- c:\program files\Captcha Sniper
.
==================== Find3M ====================
.
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:52:07 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-14 09:20:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 11:17:00,63 ===============

Attached Files


Edited by ton7io69, 07 January 2012 - 05:43 AM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:21 PM

Posted 12 January 2012 - 01:53 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

I would ike to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\ComboFix-quarantined-files.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 ton7io69

ton7io69
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 12 January 2012 - 10:03 AM

2012-01-06 15:20:12 . 2012-01-06 15:20:12 1,312 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-AI RoboForm.reg.dat
2012-01-06 15:19:41 . 2012-01-06 15:19:41 924 ----a-w- C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-swg.reg.dat
2012-01-06 15:19:22 . 2012-01-06 15:19:22 164 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-RoboForm.reg.dat
2012-01-06 15:19:20 . 2012-01-06 15:19:20 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440}.reg.dat
2012-01-06 15:10:56 . 2012-01-06 15:10:56 6,409 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,163 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\4\TuneUp 1-klik Onderhoud.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,145 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\4\TuneUp Utilities 2012.lnk
2012-01-06 15:05:46 . 2010-10-26 01:23:18 174 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\4\desktop.ini
2012-01-06 15:05:46 . 2012-01-03 00:45:13 1,600 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\4\Mass Video Blaster.lnk
2012-01-06 15:05:46 . 2011-12-27 07:29:22 997 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\4\RegTweaker.lnk
2012-01-06 15:05:46 . 2010-10-11 21:49:55 2,052 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\VMware\VMware Player.lnk
2012-01-06 15:05:46 . 2010-10-11 21:49:57 2,028 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\VMware\VMware Workstation.lnk
2012-01-06 15:05:46 . 2010-06-04 08:04:04 978 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\WinRAR\Console RAR manual.lnk
2012-01-06 15:05:46 . 2010-06-04 08:04:04 997 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\WinRAR\WinRAR help.lnk
2012-01-06 15:05:46 . 2010-06-04 08:04:04 997 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\WinRAR\WinRAR.lnk
2012-01-06 15:05:46 . 2010-10-11 21:49:55 1,956 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\VMware\Virtual Network Editor.lnk
2012-01-06 15:05:46 . 2011-03-11 12:38:26 1,822 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Video Spin Blaster\Uninstall.lnk
2012-01-06 15:05:46 . 2011-03-11 12:38:26 998 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Video Spin Blaster\Video Spin Blaster.lnk
2012-01-06 15:05:46 . 2011-05-31 15:58:55 1,012 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Tweet Adder 3\TweetAdder3 Manual.pdf.lnk
2012-01-06 15:05:46 . 2011-05-31 15:58:55 1,001 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Tweet Adder 3\TweetAdder3.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Update Wizard.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,177 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp-optimalisatierapport.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,290 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp System Information.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,291 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Undelete.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,473 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Uninstall Manager.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,275 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Shredder.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,315 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp StartUp Manager.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,323 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp StartUp Optimizer.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,257 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Styler.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:41 2,320 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp System Control.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,432 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Setting Center.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,208 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Shortcut Cleaner.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,265 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Repair Wizard.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,361 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Rescue Center.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,251 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Registry Defrag.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,313 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Registry Editor.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,410 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Registry Cleaner.lnk
2012-01-06 15:05:46 . 2011-12-21 13:03:40 2,531 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Program Deactivator.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,267 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Gain Disk Space.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,288 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Live-optimalisatie.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,313 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Process Manager.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,337 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Disk Space Explorer.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,248 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Drive Defrag.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,384 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Economy-modus.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,187 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp 1-klik Onderhoud.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,331 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Alle functies\TuneUp Disk Doctor.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 1,388 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\Help TuneUp Utilities.lnk
2012-01-06 15:05:45 . 2011-12-21 13:03:40 55 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\TuneUp Software Website.url
2012-01-06 15:05:45 . 2011-12-21 13:03:40 2,163 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012\TuneUp Utilities 2012.lnk
2012-01-06 15:05:45 . 2011-12-25 23:46:32 1,929 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TheBestSpinner3\Uninstall.lnk
2012-01-06 15:05:45 . 2011-12-25 23:46:32 1,970 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TheBestSpinner3\TheBestSpinner.lnk
2012-01-06 15:05:45 . 2011-08-31 07:17:38 2,551 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Skype\Skype.lnk
2012-01-06 15:05:45 . 2009-07-14 04:41:57 174 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Startup\desktop.ini
2012-01-06 15:05:45 . 2011-02-04 17:37:46 2,241 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sick Marketing\Submitter\Submitter.lnk
2012-01-06 15:05:45 . 2011-02-04 17:37:46 2,248 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sick Marketing\Submitter\Url Manager.lnk
2012-01-06 15:05:45 . 2011-02-04 17:37:46 2,260 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sick Marketing\Tools\Proxy Manager.lnk
2012-01-06 15:05:45 . 2011-02-04 17:37:46 2,253 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sick Marketing\Sick Builder\Regex Tester.lnk
2012-01-06 15:05:45 . 2011-02-04 17:37:46 2,236 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sick Marketing\Sick Builder\Site Info.lnk
2012-01-06 15:05:45 . 2011-02-04 17:37:46 2,241 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sick Marketing\Submitter\Scheduler.lnk
2012-01-06 15:05:45 . 2011-02-04 17:37:46 2,229 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sick Marketing\Sick Builder\Builder.lnk
2012-01-06 15:05:45 . 2011-02-04 17:37:47 2,229 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sick Marketing\Sick Builder\Encoder.lnk
2012-01-06 15:05:45 . 2010-09-03 19:48:00 2,747 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ScanSoft OmniPage SE 4.0\Manual\Manuel d’utilisation.lnk
2012-01-06 15:05:45 . 2010-09-03 19:48:00 2,749 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ScanSoft OmniPage SE 4.0\Manual\User’s Guide.lnk
2012-01-06 15:05:45 . 2010-09-03 19:48:00 2,753 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ScanSoft OmniPage SE 4.0\Manual\Manual do usuário.lnk
2012-01-06 15:05:45 . 2010-09-03 19:48:00 2,749 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ScanSoft OmniPage SE 4.0\Manual\Manuale d’uso.lnk
2012-01-06 15:05:45 . 2010-09-03 19:48:00 2,749 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ScanSoft OmniPage SE 4.0\Manual\Guía del usuario.lnk
2012-01-06 15:05:45 . 2010-09-03 19:48:00 2,747 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ScanSoft OmniPage SE 4.0\Manual\Benutzerhandbuch.lnk
2012-01-06 15:05:45 . 2010-09-03 19:48:00 2,867 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ScanSoft OmniPage SE 4.0\OmniPage SE 4.0.lnk
2012-01-06 15:05:45 . 2010-09-03 19:48:25 2,146 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ScanSoft OmniPage SE 4.0\Scanner Setup Wizard.lnk
2012-01-06 15:05:45 . 2011-12-06 12:12:35 1,179 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RoboForm\Uninstall.lnk
2012-01-06 15:05:45 . 2011-12-06 12:12:35 2,109 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RoboForm\TaskBar Icon.lnk
2012-01-06 15:05:45 . 2011-12-06 12:12:35 2,090 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RoboForm\Search Files.lnk
2012-01-06 15:05:45 . 2011-12-06 12:12:35 2,092 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RoboForm\Search Box.lnk
2012-01-06 15:05:45 . 2011-12-06 12:12:35 2,084 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RoboForm\RoboForm Editor.lnk
2012-01-06 15:05:45 . 2011-12-06 12:12:35 2,115 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RoboForm\New Version Check.lnk
2012-01-06 15:05:45 . 2011-12-06 12:12:36 162 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RoboForm\Buy RoboForm Pro.url
2012-01-06 15:05:45 . 2011-12-06 12:12:35 2,119 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RoboForm\Generate Passwords.lnk
2012-01-06 15:05:45 . 2011-12-27 07:29:22 947 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RegTweaker\Uninstall.lnk
2012-01-06 15:05:45 . 2011-12-27 07:29:22 1,015 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\RegTweaker\RegTweaker.lnk
2012-01-06 15:05:45 . 2011-12-21 13:37:45 970 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Phalanger 2.0\Samples\Using PHP extensions in C#.lnk
2012-01-06 15:05:45 . 2011-12-21 13:37:45 943 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Phalanger 2.0\Samples\All Samples.lnk
2012-01-06 15:05:45 . 2011-12-21 13:37:45 940 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Phalanger 2.0\Phalanger User's Guide.lnk
2012-01-06 15:05:44 . 2011-12-21 13:37:45 1,010 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Phalanger 2.0\Phalanger Command Prompt.lnk
2012-01-06 15:05:44 . 2012-01-02 11:28:19 1,870 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\PartyPoker\Uninstall PartyPoker.lnk
2012-01-06 15:05:44 . 2010-11-02 19:46:11 942 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenVPN\OpenVPN configuration file directory.lnk
2012-01-06 15:05:44 . 2012-01-02 11:28:19 1,717 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\PartyPoker\PartyPoker.lnk
2012-01-06 15:05:44 . 2010-10-11 23:46:42 1,088 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenOffice.org 3.2\OpenOffice.org.lnk
2012-01-06 15:05:44 . 2010-10-11 23:46:42 964 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenOffice.org 3.2\OpenOffice.org Math.lnk
2012-01-06 15:05:44 . 2010-10-11 23:46:42 1,048 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenOffice.org 3.2\OpenOffice.org Writer.lnk
2012-01-06 15:05:44 . 2010-10-11 23:46:42 1,042 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenOffice.org 3.2\OpenOffice.org Impress.lnk
2012-01-06 15:05:44 . 2010-10-11 23:46:39 1,056 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenOffice.org 3.2\OpenOffice.org Base.lnk
2012-01-06 15:05:44 . 2010-10-11 23:46:40 1,026 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenOffice.org 3.2\OpenOffice.org Calc.lnk
2012-01-06 15:05:44 . 2010-10-11 23:46:40 966 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenOffice.org 3.2\OpenOffice.org Draw.lnk
2012-01-06 15:05:44 . 2010-10-11 23:49:12 36 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\OpenOffice.org 3.2\Desktop.ini
2012-01-06 15:05:44 . 2011-12-29 19:14:32 1,051 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Notepad++\Notepad++.lnk
2012-01-06 15:05:44 . 2010-06-05 00:35:47 806 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Notepad++\Uninstall.lnk
2012-01-06 15:05:44 . 2011-01-01 15:13:02 2,126 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Nokia\Nokia Ovi Suite.lnk
2012-01-06 15:05:44 . 2012-01-03 00:45:13 1,822 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Mass Video Blaster\Uninstall.lnk
2012-01-06 15:05:44 . 2011-08-15 13:47:00 2,253 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:30 1,248 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Maintenance\Create Recovery Disc.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:30 606 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Maintenance\Desktop.ini
2012-01-06 15:05:44 . 2009-07-14 04:42:29 1,212 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Maintenance\Remote Assistance.lnk
2012-01-06 15:05:44 . 2012-01-03 00:45:13 1,600 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Mass Video Blaster\Mass Video Blaster.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:28 1,304 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Maintenance\Backup and Restore Center.lnk
2012-01-06 15:05:44 . 2010-06-07 07:29:59 928 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\MagicDisc\Uninstall MagicDisc.lnk
2012-01-06 15:05:44 . 2011-04-21 12:42:21 1,833 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ImgBurn\ImgBurn.lnk
2012-01-06 15:05:44 . 2011-04-21 12:42:21 1,849 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ImgBurn\Uninstall.lnk
2012-01-06 15:05:44 . 2010-06-07 07:29:59 945 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\MagicDisc\MagicDisc.lnk
2012-01-06 15:05:44 . 2010-10-26 01:43:08 2,274 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ICQ7.2\Uninstall.lnk
2012-01-06 15:05:44 . 2011-04-21 12:42:21 1,826 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ImgBurn\ImgBurn Read Me.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:31 378 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Purble Place.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:26 368 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Solitaire.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:31 392 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Spider Solitaire.lnk
2012-01-06 15:05:44 . 2010-10-26 01:43:08 145 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ICQ7.2\icq.com.url
2012-01-06 15:05:44 . 2010-10-26 01:43:08 1,792 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ICQ7.2\ICQ7.2.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:31 356 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Hearts.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:46 474 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Internet Backgammon.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:44 470 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Internet Checkers.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:46 466 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Internet Spades.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:44 360 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Mahjong.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:31 376 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Minesweeper.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:31 370 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\More Games from Microsoft.lnk
2012-01-06 15:05:44 . 2012-01-02 11:28:19 1,717 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\PartyPoker.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:47 1,128 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Desktop.ini
2012-01-06 15:05:44 . 2009-07-14 04:42:26 364 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\FreeCell.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:25 258 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\GameExplorer.lnk
2012-01-06 15:05:44 . 2011-04-02 07:18:11 1,029 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Free Monitor for Google\Free Monitor for Google.lnk
2012-01-06 15:05:44 . 2011-04-02 07:18:12 1,024 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Free Monitor for Google\Uninstall Free Monitor for Google.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:46 352 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Games\Chess.lnk
2012-01-06 15:05:44 . 2010-10-16 01:17:05 1,052 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Domain Research Tool\User Manual.lnk
2012-01-06 15:05:44 . 2011-11-22 21:06:15 1,169 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\FileZilla FTP Client\FileZilla.lnk
2012-01-06 15:05:44 . 2011-11-22 21:06:15 1,076 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\FileZilla FTP Client\Uninstall.lnk
2012-01-06 15:05:44 . 2011-04-02 07:18:12 1,113 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Free Monitor for Google\Free Monitor for Google on the Web.lnk
2012-01-06 15:05:44 . 2010-10-16 01:17:05 1,071 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Domain Research Tool\Read Me.lnk
2012-01-06 15:05:44 . 2010-10-16 01:17:06 858 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Domain Research Tool\Uninstall.lnk
2012-01-06 15:05:44 . 2010-08-04 18:35:58 1,080 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\DivX Plus\Why Buy DivX Pro.lnk
2012-01-06 15:05:44 . 2010-10-16 01:17:03 1,052 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Domain Research Tool\Domain Research Tool.lnk
2012-01-06 15:05:44 . 2010-08-04 18:35:34 1,194 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\DivX Plus\Register.lnk
2012-01-06 15:05:44 . 2010-08-04 18:35:36 1,144 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\DivX Plus\DivX Plus Converter.lnk
2012-01-06 15:05:44 . 2010-08-04 18:35:43 1,104 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\DivX Plus\DivX Plus Player.lnk
2012-01-06 15:05:44 . 2010-08-04 18:35:58 1,074 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\DivX Plus\DivX Support.lnk
2012-01-06 15:05:44 . 2010-08-04 18:35:58 1,074 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\DivX Plus\Post DivX® video to your website.lnk
2012-01-06 15:05:44 . 2010-08-04 18:35:34 1,182 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\DivX Plus\Check for Updates.lnk
2012-01-06 15:05:44 . 2010-08-04 18:35:37 1,184 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\DivX Plus\Codec Settings.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:03 1,442 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Also from Codemasters\Prisoner of War.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:03 1,419 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Also from Codemasters\Race Driver.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:02 1,428 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Classic Flashpoint\Run Original Operation Flashpoint Cold War Crisis.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:02 1,415 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Classic Flashpoint\Run Original Operation Flashpoint Preferences.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:02 1,251 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Show readme file.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:02 1,302 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Uninstall Flashpoint GOTY Edition.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:02 1,337 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Flashpoint GOTY Edition.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:02 1,243 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Published by Codemasters.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:02 1,264 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Developed by Bohemia Interactive.lnk
2012-01-06 15:05:44 . 2010-06-21 10:33:02 1,366 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Codemasters\Operation Flashpoint GOTY\Flashpoint GOTY Edition Preferences.lnk
2012-01-06 15:05:44 . 2010-12-20 17:07:24 2,062 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center\Help.lnk
2012-01-06 15:05:44 . 2010-09-03 19:30:34 2,035 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon Utilities\MP Navigator 3.0\MP Navigator Readme.lnk
2012-01-06 15:05:44 . 2010-09-03 19:30:34 2,122 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon Utilities\MP Navigator 3.0\MP Navigator Uninstall.lnk
2012-01-06 15:05:44 . 2010-12-20 17:07:24 2,028 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center\CCC.lnk
2012-01-06 15:05:44 . 2010-09-03 19:30:34 2,026 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon Utilities\MP Navigator 3.0\MP Navigator 3.0.lnk
2012-01-06 15:05:44 . 2010-09-03 19:31:41 1,198 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon Utilities\Easy-PhotoPrint\Easy-PhotoPrint Uninstall.lnk
2012-01-06 15:05:44 . 2010-09-03 19:31:41 1,141 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon Utilities\Easy-PhotoPrint\Easy-PhotoPrint.lnk
2012-01-06 15:05:44 . 2010-09-03 20:01:01 1,099 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon MP160 User Registration\User Registration.LNK
2012-01-06 15:05:44 . 2010-09-03 19:31:41 1,136 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon Utilities\Easy-PhotoPrint\Easy-PhotoPrint Readme.lnk
2012-01-06 15:05:44 . 2010-09-03 19:30:23 1,133 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon MP160 Manual\Uninstall.lnk
2012-01-06 15:05:44 . 2010-09-03 20:01:01 1,099 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon MP160 User Registration\User Registration Uninstall.LNK
2012-01-06 15:05:44 . 2010-09-03 19:29:36 1,528 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon MP160\Uninstall.lnk
2012-01-06 15:05:44 . 2010-09-03 19:30:19 2,249 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon MP160 Manual\MP160 On-screen Manual.lnk
2012-01-06 15:05:44 . 2010-09-03 19:29:34 1,204 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Canon MP160\Readme.lnk
2012-01-06 15:05:44 . 2011-06-04 01:29:39 2,603 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Camtasia Studio 7\Applications\Camtasia Theater.lnk
2012-01-06 15:05:44 . 2011-06-04 01:29:40 2,603 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Camtasia Studio 7\Applications\Camtasia Player.lnk
2012-01-06 15:05:44 . 2011-06-04 01:29:39 2,603 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Camtasia Studio 7\Applications\Camtasia Recorder.lnk
2012-01-06 15:05:44 . 2011-06-04 01:29:40 2,603 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Camtasia Studio 7\Applications\Camtasia MenuMaker.lnk
2012-01-06 15:05:44 . 2011-06-04 01:29:39 2,597 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Camtasia Studio 7\Camtasia Studio.lnk
2012-01-06 15:05:44 . 2011-02-15 14:00:13 945 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Burn4Free\Burn4Free.lnk
2012-01-06 15:05:44 . 2010-12-20 17:07:40 864 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ATI Problem Report Wizard\Uninstall ATI Problem Report Wizard.lnk
2012-01-06 15:05:44 . 2011-11-15 21:15:09 1,951 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\avast! Free Antivirus\avast! Free Antivirus.lnk
2012-01-06 15:05:44 . 2011-08-14 13:46:09 1,884 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Article Mixer\Uninstall.lnk
2012-01-06 15:05:44 . 2010-12-20 17:07:40 977 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ATI Problem Report Wizard\Run ATI Problem Report Wizard.lnk
2012-01-06 15:05:44 . 2011-08-14 13:46:08 1,194 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Article Mixer\Article Mixer.lnk
2012-01-06 15:05:44 . 2009-07-14 04:42:01 1,262 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Task Scheduler.lnk
2012-01-06 15:05:44 . 2009-07-14 04:41:40 1,274 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk
2012-01-06 15:05:44 . 2009-07-14 04:52:25 2,741 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Windows PowerShell Modules.lnk
2012-01-06 15:05:44 . 2010-08-06 09:11:54 959 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Adobe\Adobe Media Player.lnk
2012-01-06 15:05:44 . 2009-07-14 04:41:45 1,288 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\services.lnk
2012-01-06 15:05:44 . 2009-07-14 04:41:20 1,246 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\System Configuration.lnk
2012-01-06 15:05:44 . 2009-07-14 04:41:33 1,232 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Performance Monitor.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:42 1,262 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Print Management.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:49 1,248 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Security Configuration Management.lnk
2012-01-06 15:05:44 . 2010-06-04 00:27:49 1,958 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\desktop.ini
2012-01-06 15:05:44 . 2009-07-14 04:42:01 1,298 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Event Viewer.lnk
2012-01-06 15:05:44 . 2009-07-14 04:41:55 1,274 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\iSCSI Initiator.lnk
2012-01-06 15:05:44 . 2009-07-14 04:41:20 1,268 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Memory Diagnostics Tool.lnk
2012-01-06 15:05:44 . 2009-07-14 04:46:36 1,242 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Component Services.lnk
2012-01-06 15:05:44 . 2009-07-14 04:41:55 1,294 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Computer Management.lnk
2012-01-06 15:05:44 . 2009-07-14 04:41:35 1,270 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Data Sources (ODBC).lnk
2012-01-06 15:05:44 . 2009-07-14 04:46:36 116 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell\desktop.ini
2012-01-06 15:05:44 . 2009-07-14 04:46:36 1,468 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk
2012-01-06 15:05:44 . 2009-07-14 04:52:25 1,899 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:46 1,436 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC\ShapeCollector.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:46 1,386 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC\TabTip.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:49 1,316 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC\Windows Journal.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:01 1,268 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Task Scheduler.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:29 1,320 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:29 1,316 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Windows Easy Transfer.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:49 343 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC\Desktop.ini
2012-01-06 15:05:43 . 2009-07-14 04:42:29 1,338 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Desktop.ini
2012-01-06 15:05:43 . 2009-07-14 04:41:58 1,290 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\dfrgui.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:24 1,252 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Disk Cleanup.lnk
2012-01-06 15:05:43 . 2009-07-14 04:41:33 1,242 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Resource Monitor.lnk
2012-01-06 15:05:43 . 2009-07-14 04:41:20 1,250 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\System Information.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:23 1,246 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\System Restore.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:30 1,388 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Accessibility\Speech Recognition.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:26 1,248 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Character Map.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:29 1,579 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Welcome Center.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:23 1,322 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Wordpad.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:30 370 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Accessibility\Desktop.ini
2012-01-06 15:05:43 . 2009-07-14 04:42:29 1,330 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Sound Recorder.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:47 1,351 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Sticky Notes.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:23 1,254 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Sync Center.lnk
2012-01-06 15:05:43 . 2009-07-14 04:41:37 1,367 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Remote Desktop Connection.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:47 1,272 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Snipping Tool.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:44 1,242 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\NetworkProjection.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:04 1,242 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Paint.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:46 1,238 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Mobility Center.lnk
2012-01-06 15:05:43 . 2009-07-14 04:41:56 1,266 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\displayswitch.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:47 1,364 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Math Input Panel.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:47 1,854 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Desktop.ini
2012-01-06 15:05:43 . 2009-07-14 04:42:30 1,246 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\XPS Viewer.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:26 1,230 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Calculator.lnk
2012-01-06 15:05:43 . 2009-07-14 04:54:22 1,515 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Windows Media Player.lnk
2012-01-06 15:05:43 . 2011-12-21 13:03:40 2,157 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\TuneUp Utilities 2012.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:47 1,326 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Windows DVD Maker.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:24 1,210 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Windows Fax and Scan.lnk
2012-01-06 15:05:43 . 2011-04-30 15:07:08 1,112 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Mozilla Firefox.lnk
2012-01-06 15:05:43 . 2009-07-14 04:42:29 1,330 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Sidebar.lnk
2012-01-06 15:05:43 . 2012-01-01 21:28:59 925 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Market Samurai.lnk
2012-01-06 15:05:43 . 2010-06-04 00:27:51 1,345 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Media Center.lnk
2012-01-06 15:05:43 . 2011-08-27 20:57:15 964 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\desktop.ini
2012-01-06 15:05:43 . 2011-04-21 12:42:21 1,827 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\ImgBurn.lnk
2012-01-06 15:05:43 . 2011-07-05 17:05:06 1,179 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Adobe Fireworks CS5.lnk
2012-01-06 15:05:43 . 2011-02-20 12:34:57 1,179 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Adobe Photoshop CS5.lnk
2012-01-06 15:05:43 . 2011-07-16 22:53:49 2,471 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Adobe Reader 9.lnk
2012-01-06 15:05:43 . 2011-02-20 12:32:13 1,521 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Adobe ExtendScript Toolkit CS5.lnk
2012-01-06 15:05:43 . 2011-07-05 17:04:13 1,351 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Adobe Extension Manager CS5.lnk
2012-01-06 15:05:43 . 2011-02-20 12:34:11 1,139 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Adobe Bridge CS5.lnk
2012-01-06 15:05:43 . 2011-07-05 17:03:56 1,244 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Programs\Adobe Device Central CS5.lnk
2012-01-06 15:05:43 . 2010-11-11 06:50:13 923 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\µTorrent.lnk
2012-01-06 15:05:43 . 2009-07-14 04:37:43 1,266 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Windows Update.lnk
2012-01-06 15:05:43 . 2009-07-14 04:46:35 442 --sha-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\desktop.ini
2012-01-06 15:05:43 . 2012-01-02 11:28:18 1,705 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\PartyPoker.lnk
2012-01-06 15:05:43 . 2009-07-14 04:46:35 1,282 ----a-w- C:\Qoobox\Quarantine\C\Users\FRULIL~1\AppData\Local\Temp\smtmp\1\Default Programs.lnk
2012-01-06 14:48:31 . 2012-01-06 14:55:14 113 ----a-w- C:\Qoobox\Quarantine\catchme.log
2012-01-05 21:33:59 . 2012-01-05 23:05:11 160 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\~zAPjAy1foQY0EFr.vir
2012-01-05 21:33:58 . 2012-01-05 23:05:11 272 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\~zAPjAy1foQY0EF.vir
2012-01-05 21:33:36 . 2012-01-05 21:33:36 659 ----a-w- C:\Qoobox\Quarantine\C\Users\Fruli Luli\Desktop\System Check.lnk.vir
2012-01-05 21:33:36 . 2012-01-05 21:33:36 767 ----a-w- C:\Qoobox\Quarantine\C\Users\Fruli Luli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk.vir
2012-01-05 21:33:36 . 2012-01-05 21:33:36 695 ----a-w- C:\Qoobox\Quarantine\C\Users\Fruli Luli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk.vir
2012-01-05 21:33:32 . 2012-01-05 23:06:36 456 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\zAPjAy1foQY0EF.vir
2010-10-21 02:59:41 . 2010-10-21 03:26:29 775 ----a-w- C:\Qoobox\Quarantine\C\Users\Fruli Luli\AppData\Roaming\mIRC\logs\status.log.vir
2010-08-19 22:51:07 . 2011-08-17 14:35:12 190,464 ----a-w- C:\Qoobox\Quarantine\C\Users\Fruli Luli\AppData\Roaming\chrtmp.vir
2010-08-16 10:45:57 . 2006-11-30 16:43:52 53,248 ----a-w- C:\Qoobox\Quarantine\C\Users\Fruli Luli\AppData\Roaming\uninstpw.exe.vir
2010-03-16 23:56:35 . 2010-03-16 23:56:36 1,522 ----a-w- C:\Qoobox\Quarantine\C\ErrLog.txt.vir

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:21 PM

Posted 12 January 2012 - 01:59 PM

Out of the list above what are the files that you need?


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 ton7io69

ton7io69
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 12 January 2012 - 02:52 PM

The problem is the files are not listed there, these files are from zenno poster, they are .xml templates.
When I checked with Pandora recovery it shows that the files are located at C:\Qoobox\Quarantine\Test\ but such folder doesnt exist.
Please see here:
http://alkaos.com/images/710Qoobox.png

Edited by ton7io69, 12 January 2012 - 02:54 PM.


#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:21 PM

Posted 12 January 2012 - 03:03 PM

Hello


So it looks like they have been deleted and you have tried to recover them with the panda recovery

were you able to retrieve them

and this is the malware forum, I think you would do allot better in the windows forum as they would know the better tools to use

because you want to recover these files - the least you use the computer the better chances you have

at this time I think the more I do to check for malware would cause you to have lower chances to find your files


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 ton7io69

ton7io69
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 13 January 2012 - 04:54 AM

I did try to recover them with panda recovery but they were all having 0KB.
So where should I post my question now?

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:21 PM

Posted 13 January 2012 - 06:19 AM

In answer to the PM you sent me, I suggest you post for further assistance in the Software Subforums. However, I'm not sure how many members use Pandora or if they will be able to help you. As such, you may want to contact Pandora Recovery Customer Support.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:01:21 PM

Posted 13 January 2012 - 08:51 AM

ton7io69 has started a new topic in All Other Applications. http://www.bleepingcomputer.com/forums/topic437874.html

This topic is now closed to avoid confusion.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users