c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\de.lproj\EULA.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\de.lproj\friendly_name.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\de.lproj\Localizable.strings
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\de.lproj\terms.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\en_uk.lproj\EULA.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\en_uk.lproj\friendly_name.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\en_uk.lproj\Localizable.strings
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\en_uk.lproj\terms.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\en_us.lproj\EULA.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\en_us.lproj\friendly_name.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\en_us.lproj\Localizable.strings
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\en_us.lproj\terms.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\es.lproj\EULA.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\es.lproj\friendly_name.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\es.lproj\Localizable.strings
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\es.lproj\terms.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\distribution.dist
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Packages\Firmware Updates.pkg
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Packages\FlipDrivers.pkg
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Packages\FlipShare AutoRun.pkg
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Packages\FlipShare Uninstaller.pkg
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Packages\FlipShare.pkg
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Packages\FlipShareServer.pkg
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Packages\QTMpeg4Codec.pkg
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Resources\background
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\FlipShare.mpkg\Contents\Resources\English.lproj\Localizable.strings
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\fr_fr.lproj\EULA.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\fr_fr.lproj\friendly_name.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\fr_fr.lproj\Localizable.strings
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\fr_fr.lproj\terms.txt
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\Grey_Btn_Bg_All.png
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\Language_carrot.BMP
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\Language_Top.png
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\Language_Whole.png
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\MainMenu.nib
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\Purple.icns
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\S_job_progress_base.bmp
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\S_job_progress_leftcap.BMP
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\S_job_progress_rightcap.BMP
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\S_job_progress_run.BMP
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\SP_base_art.bmp
c:\program files\Flip Video\FlipShare\Upgrade\Start FlipShare.app\Contents\Resources\SP_base_art_horiz_line.bmp
c:\program files\Flip Video\FlipShare\Upgrade\system\VIEWER\FlipShare.ico
c:\program files\Flip Video\FlipShare\Upgrade\system\VIEWER\mem_size.txt
c:\program files\Flip Video\FlipShare\Upgrade\system\VIEWER\PD\settings\settings.txt
c:\program files\Flip Video\FlipShare\Video.dll
c:\program files\Flip Video\FlipShare\VideoProcessor.exe
c:\program files\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll
c:\program files\Flip Video\FlipShareServer\boost_thread-vc80-mt-1_43.dll
c:\program files\Flip Video\FlipShareServer\certs\flipshare_cert.pem
c:\program files\Flip Video\FlipShareServer\certs\flipshare_priv.pem
c:\program files\Flip Video\FlipShareServer\FlipShareServer.exe
c:\program files\Flip Video\FlipShareServer\html\crossdomain.xml
c:\program files\Flip Video\FlipShareServer\html\favicon.ico
c:\program files\Flip Video\FlipShareServer\html\flipshare.html
c:\program files\Flip Video\FlipShareServer\html\images\brand.gif
c:\program files\Flip Video\FlipShareServer\html\images\bullet_delete.png
c:\program files\Flip Video\FlipShareServer\html\images\bullet_toggle_minus.png
c:\program files\Flip Video\FlipShareServer\html\images\bullet_toggle_plus.png
c:\program files\Flip Video\FlipShareServer\html\images\connect.png
c:\program files\Flip Video\FlipShareServer\html\images\database.png
c:\program files\Flip Video\FlipShareServer\html\images\database_add.png
c:\program files\Flip Video\FlipShareServer\html\images\delete.png
c:\program files\Flip Video\FlipShareServer\html\images\disconnect.png
c:\program files\Flip Video\FlipShareServer\html\images\film.png
c:\program files\Flip Video\FlipShareServer\html\images\film_add.png
c:\program files\Flip Video\FlipShareServer\html\images\film_delete.png
c:\program files\Flip Video\FlipShareServer\html\images\film_edit.png
c:\program files\Flip Video\FlipShareServer\html\images\film_error.png
c:\program files\Flip Video\FlipShareServer\html\images\film_go.png
c:\program files\Flip Video\FlipShareServer\html\images\film_key.png
c:\program files\Flip Video\FlipShareServer\html\images\film_link.png
c:\program files\Flip Video\FlipShareServer\html\images\film_save.png
c:\program files\Flip Video\FlipShareServer\html\images\folder.png
c:\program files\Flip Video\FlipShareServer\html\images\folder_add.png
c:\program files\Flip Video\FlipShareServer\html\images\information.png
c:\program files\Flip Video\FlipShareServer\html\images\music.png
c:\program files\Flip Video\FlipShareServer\html\images\photo.png
c:\program files\Flip Video\FlipShareServer\html\images\photo_add.png
c:\program files\Flip Video\FlipShareServer\html\images\photo_delete.png
c:\program files\Flip Video\FlipShareServer\html\images\photo_link.png
c:\program files\Flip Video\FlipShareServer\html\images\photos.png
c:\program files\Flip Video\FlipShareServer\html\images\picture.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_add.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_delete.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_edit.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_empty.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_error.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_go.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_key.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_link.png
c:\program files\Flip Video\FlipShareServer\html\images\picture_save.png
c:\program files\Flip Video\FlipShareServer\html\images\spacer.gif
c:\program files\Flip Video\FlipShareServer\html\images\television.png
c:\program files\Flip Video\FlipShareServer\html\images\television_add.png
c:\program files\Flip Video\FlipShareServer\html\images\television_delete.png
c:\program files\Flip Video\FlipShareServer\html\images\user.png
c:\program files\Flip Video\FlipShareServer\html\images\user_female.png
c:\program files\Flip Video\FlipShareServer\html\images\user_gray.png
c:\program files\Flip Video\FlipShareServer\html\images\user_green.png
c:\program files\Flip Video\FlipShareServer\html\images\user_orange.png
c:\program files\Flip Video\FlipShareServer\html\images\user_red.png
c:\program files\Flip Video\FlipShareServer\html\images\user_suit.png
c:\program files\Flip Video\FlipShareServer\html\images\webcam.png
c:\program files\Flip Video\FlipShareServer\html\images\webcam_add.png
c:\program files\Flip Video\FlipShareServer\html\images\webcam_delete.png
c:\program files\Flip Video\FlipShareServer\html\images\webcam_error.png
c:\program files\Flip Video\FlipShareServer\html\js\functions.js
c:\program files\Flip Video\FlipShareServer\html\js\jquery-1.4.1.min.js
c:\program files\Flip Video\FlipShareServer\html\js\jquery-ui-1.8.4.custom.min.js
c:\program files\Flip Video\FlipShareServer\html\js\jquery.json-2.2.min.js
c:\program files\Flip Video\FlipShareServer\html\style\index.css
c:\program files\Flip Video\FlipShareServer\libeay32.dll
c:\program files\Flip Video\FlipShareServer\PlugIns\sqldrivers\qsqlite4.dll
c:\program files\Flip Video\FlipShareServer\PocoCrypto.dll
c:\program files\Flip Video\FlipShareServer\PocoFoundation.dll
c:\program files\Flip Video\FlipShareServer\PocoNet.dll
c:\program files\Flip Video\FlipShareServer\PocoNetSSL.dll
c:\program files\Flip Video\FlipShareServer\PocoUtil.dll
c:\program files\Flip Video\FlipShareServer\PocoXML.dll
c:\program files\Flip Video\FlipShareServer\Qt.conf
c:\program files\Flip Video\FlipShareServer\QtCore4.dll
c:\program files\Flip Video\FlipShareServer\QtNetwork4.dll
c:\program files\Flip Video\FlipShareServer\QtSql4.dll
c:\program files\Flip Video\FlipShareServer\QtXml4.dll
c:\program files\Flip Video\FlipShareServer\sql\flipshare.sql
c:\program files\Flip Video\FlipShareServer\ssleay32.dll
c:\program files\Microsoft Security Client
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpfilter\mpfilter.cat
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpfilter\mpfilter.inf
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpfilter\mpfilter.sys
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpnwmon\mpnwmon.cat
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpnwmon\mpnwmon.inf
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpnwmon\mpnwmon.sys
c:\program files\Microsoft Security Client\Antimalware\EN-US\MpAsDesc.dll.mui
c:\program files\Microsoft Security Client\Antimalware\EN-US\mpevmsg.dll.mui
c:\program files\Microsoft Security Client\Antimalware\MpAsDesc.dll
c:\program files\Microsoft Security Client\Antimalware\MpClient.dll
c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe
c:\program files\Microsoft Security Client\Antimalware\MpCommu.dll
c:\program files\Microsoft Security Client\Antimalware\mpevmsg.dll
c:\program files\Microsoft Security Client\Antimalware\MpOAv.dll
c:\program files\Microsoft Security Client\Antimalware\MpRTP.dll
c:\program files\Microsoft Security Client\Antimalware\MpSvc.dll
c:\program files\Microsoft Security Client\Antimalware\MsMpCom.dll
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpLics.dll
c:\program files\Microsoft Security Client\Backup\en-us\amhelp.chm
c:\program files\Microsoft Security Client\Backup\en-us\epploc.cab
c:\program files\Microsoft Security Client\Backup\en-us\epploc_x86.msi
c:\program files\Microsoft Security Client\Backup\en-us\eula.rtf
c:\program files\Microsoft Security Client\Backup\en-us\setupres.dll.mui
c:\program files\Microsoft Security Client\Backup\eppmanifest.dll
c:\program files\Microsoft Security Client\Backup\setupres.dll
c:\program files\Microsoft Security Client\Backup\x86\dw20shared.msi
c:\program files\Microsoft Security Client\Backup\x86\epp.msi
c:\program files\Microsoft Security Client\Backup\x86\legitlib.dll
c:\program files\Microsoft Security Client\Backup\x86\mp_ambits.msi
c:\program files\Microsoft Security Client\Backup\x86\setup.exe
c:\program files\Microsoft Security Client\Backup\x86\sqmapi.dll
c:\program files\Microsoft Security Client\Backup\x86\windows6.0-kb981889-v2.msu
c:\program files\Microsoft Security Client\Backup\x86\windows6.1-kb981889.msu
c:\program files\Microsoft Security Client\CleanUpPolicy.xml
c:\program files\Microsoft Security Client\ConfigSecurityPolicy.exe
c:\program files\Microsoft Security Client\en-us\amhelp.chm
c:\program files\Microsoft Security Client\en-us\eula.rtf
c:\program files\Microsoft Security Client\en-us\MsMpRes.dll.mui
c:\program files\Microsoft Security Client\en-us\setupres.dll.mui
c:\program files\Microsoft Security Client\en-us\shellext.dll.mui
c:\program files\Microsoft Security Client\eppmanifest.dll
c:\program files\Microsoft Security Client\LegitLib.dll
c:\program files\Microsoft Security Client\MsMpRes.dll
c:\program files\Microsoft Security Client\msseces.exe
c:\program files\Microsoft Security Client\MsseWat.dll
c:\program files\Microsoft Security Client\setup.exe
c:\program files\Microsoft Security Client\setupres.dll
c:\program files\Microsoft Security Client\shellext.dll
c:\program files\Microsoft Security Client\sqmapi.dll
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\29D011A3-8EA5-422F-B45A-0BDDB6641FCE.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\2AF266E3-6386-4D4D-8FA3-D994C357947B.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\502D79AD-5E79-455B-ABED-E59924E37E81.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\768F85A3-D360-491C-B6ED-85D824E6FFEE.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\7D95ACC0-9F78-420E-9C9C-BDDEBF3B34E7.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\8BE65D44-FA7A-4406-8651-54C05F7F1F18.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\A3D1D398-C93B-4A19-8B4E-742EF8E1FF83.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\B5ACDECB-B591-4135-BBD7-FB28B8AAC4AE.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\B68B7805-589F-4DC8-830B-EB825656C872.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\FF695533-722D-4599-811F-386A6AAE37C2.ico
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\Icon Cache\icon_ex.dat
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\shortcut_ex.dat
c:\windows\system32\config\systemprofile\Application Data\SoftGrid Client\userinfo.dat
c:\windows\tmpcpyis.bat
c:\windows\tmpdelis.bat
c:\windows\winstart.bat
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MPKSL88A2E706
-------\Legacy_MPKSLDB68B2DA
-------\Legacy_MPKSLE639FEA4
-------\Service_MpKsl88a2e706
-------\Service_MpKsldb68b2da
-------\Service_MpKsle639fea4
-------\Legacy_FlipShare_Service
-------\Legacy_FlipShareServer
-------\Legacy_MsMpSvc
-------\Legacy_FlipShare_Service
-------\Legacy_FlipShareServer
-------\Legacy_MsMpSvc
-------\Service_FlipShare Service
-------\Service_FlipShareServer
-------\Service_MsMpSvc
-------\Service_FlipShare Service
-------\Service_FlipShareServer
-------\Service_MsMpSvc
.
.
((((((((((((((((((((((((( Files Created from 2011-03-22 to 2011-04-22 )))))))))))))))))))))))))))))))
.
.
2011-04-21 21:03 . 2011-04-21 21:03 388096 ----a-r- c:\documents and settings\George Putland\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-21 19:33 . 2011-04-21 19:40 -------- d-----w- c:\documents and settings\All Users\CyberLink
2011-04-21 18:07 . 2011-04-21 19:26 -------- d-----w- c:\documents and settings\George Putland\Application Data\CyberLink
2011-04-21 18:07 . 2011-04-21 19:58 -------- d-----w- c:\documents and settings\George Putland\Local Settings\Application Data\Cyberlink
2011-04-21 18:01 . 2011-04-21 18:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Temp
2011-04-21 17:13 . 2011-04-21 17:13 -------- d-----w- c:\program files\Trend Micro
2011-04-20 22:13 . 2011-04-21 19:33 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2011-04-20 21:27 . 2011-04-20 21:28 -------- d-----w- c:\program files\Common Files\Adobe
2011-04-20 20:40 . 2011-04-20 20:40 -------- d-----w- c:\program files\Audacity
2011-04-19 11:24 . 2011-04-19 11:24 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\MpKsl98a37cb6.sys
2011-04-19 10:20 . 2011-04-19 10:20 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\MpKsle7d139ad.sys
2011-04-18 14:45 . 2011-04-18 14:45 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\MpKsl41c4b743.sys
2011-04-18 14:42 . 2011-04-18 14:42 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\MpKsl1d20268c.sys
2011-04-18 14:41 . 2011-03-14 20:05 6792528 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-18 14:39 . 2011-03-14 20:05 6792528 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\mpengine.dll
2011-04-17 15:36 . 2011-04-17 15:36 -------- d-----w- c:\documents and settings\George Putland\Application Data\Malwarebytes
2011-04-17 15:35 . 2011-04-17 15:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-04-17 15:34 . 2011-04-17 17:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-17 12:00 . 2011-02-02 17:11 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-04-13 22:02 . 2008-04-14 00:12 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-04-11 19:04 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-04-11 19:04 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-04-11 13:58 . 2011-04-11 13:58 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-04-10 11:38 . 2011-04-10 14:40 -------- d-----w- c:\windows\system32\NtmsData
2011-04-06 21:20 . 2011-04-06 21:30 -------- d-----w- c:\documents and settings\George Putland\Application Data\TP
2011-03-24 21:01 . 2011-03-24 21:01 -------- d-----w- c:\documents and settings\George Putland\Application Data\Amazon
2011-03-24 21:01 . 2011-03-24 21:01 -------- d-----w- c:\documents and settings\George Putland\Local Settings\Application Data\Amazon
2011-03-24 21:00 . 2011-03-24 21:00 -------- d-----w- c:\program files\Amazon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2006-02-13 06:43 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37 . 2006-02-13 05:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2006-02-13 05:29 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06 . 2006-02-13 05:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06 . 2006-02-13 05:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06 . 2006-02-13 05:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2006-02-13 05:29 385024 ----a-w- c:\windows\system32\html.iec
2011-02-18 16:36 . 2011-01-31 18:12 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 16:36 . 2011-01-31 18:12 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 13:18 . 2006-02-13 05:29 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-02-13 05:29 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2011-01-31 17:52 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2006-02-13 05:29 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2006-02-13 05:29 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-02-13 05:29 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2006-02-13 05:29 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2006-02-13 05:29 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 20:40 . 2011-01-31 17:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2011-03-14 20:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2006-02-13 06:41 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-31 17:19 . 2011-01-31 17:19 21275 ----a-w- c:\windows\system32\drivers\AegisP.sys
2011-01-27 11:57 . 2006-02-13 06:41 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-18 17:57 . 2011-04-10 15:23 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-19_23.33.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 01:19 . 2007-11-07 01:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-12 00:07 . 2009-07-12 00:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 00:19 . 2009-07-12 00:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2009-07-11 18:41 . 2009-07-11 18:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2011-04-20 20:40 . 2011-04-20 20:40 16384 c:\windows\Temp\Perflib_Perfdata_94c.dat
+ 2011-04-22 07:58 . 2011-04-22 07:58 16384 c:\windows\Temp\Perflib_Perfdata_2a4.dat
+ 2010-11-10 11:49 . 2010-11-10 11:49 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\ViewerPS.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\reader_sl.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 84896 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlr.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\eula.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrotextextractor.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32Info.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 62376 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acroiehelpershim.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroIEHelper.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\Acrofx32.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 02:54 . 2008-07-29 02:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2006-02-13 06:36 . 2011-04-22 07:58 248696 c:\windows\system32\FNTCACHE.DAT
+ 2011-04-21 18:14 . 2011-04-21 18:14 424960 c:\windows\Installer\149ed131.msi
+ 2011-04-21 18:03 . 2011-04-21 18:03 228352 c:\windows\Installer\149ed0f1.msi
+ 2010-11-10 11:49 . 2010-11-10 11:49 390552 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\pdfshell.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 101288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlrShim.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 135568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\nppdf32.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 681872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\JP2KLib.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AiodLite.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 702352 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroPDF.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 294808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrobroker.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\a3dutils.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-07-11 19:46 . 2009-07-11 19:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-11 19:46 . 2009-07-11 19:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2011-04-21 21:03 . 2011-04-21 21:03 1094656 c:\windows\Installer\1541dbfe.msi
+ 2011-04-21 18:02 . 2011-04-21 18:02 5647872 c:\windows\Installer\149ed0e7.msi
+ 2011-04-20 21:30 . 2011-04-20 21:30 2283008 c:\windows\Installer\1032c20e.msi
+ 2010-11-10 11:49 . 2010-11-10 11:49 2207632 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\rt3d.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 6222744 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\authplay.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 5503368 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AGM.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 1216416 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AdobeCollabSync.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 1289624 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.exe
+ 2011-01-30 20:44 . 2011-01-30 20:44 12425728 c:\windows\Installer\1032c20f.msp
+ 2010-11-10 11:49 . 2010-11-10 11:49 23724952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-09 15691264]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 88203]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-03-23 196608]
"CeEKEY"="c:\program files\TOSHIBA\E-KEY\CeEKey.exe" [2005-12-01 671744]
"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-12-21 1077330]
"TPNF"="c:\program files\TOSHIBA\TouchPad\TPTray.exe" [2005-12-13 53248]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-10-06 122940]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files\Audible\Bin\AudibleDownloadHelper.exe [2010-10-19 1795488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24726:TCP"= 24726:TCP:FlipShareServer
"24727:TCP"= 24727:TCP:FlipShareServer
.
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [28/12/2004 00:31 16384]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [13/03/2006 10:56 6144]
R1 MpKsl1d20268c;MpKsl1d20268c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\MpKsl1d20268c.sys [18/04/2011 15:42 28752]
R1 MpKsl41c4b743;MpKsl41c4b743;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\MpKsl41c4b743.sys [18/04/2011 15:45 28752]
R1 MpKsl98a37cb6;MpKsl98a37cb6;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\MpKsl98a37cb6.sys [19/04/2011 12:24 28752]
R1 MpKsle7d139ad;MpKsle7d139ad;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{91BA4770-E5F6-4929-829F-C1A14B037C34}\MpKsle7d139ad.sys [19/04/2011 11:20 28752]
R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.SYS [13/02/2006 12:40 5888]
R2 Tmesrv;Tmesrv3;c:\program files\Toshiba\TME3\TMESRV31.EXE [14/03/2006 06:18 118784]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 11:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\documents and settings\George Putland\Application Data\Mozilla\Firefox\Profiles\mb2wt7pq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-MSC - c:\program files\Microsoft Security Client\msseces.exe
SafeBoot-MsMpSvc
AddRemove-Microsoft Security Client - c:\program files\Microsoft Security Client\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2011-04-22 08:58
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2312)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\AGRSMMSG.exe
c:\program files\Apoint2K\Apntex.exe
c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-04-22 09:02:46 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-22 08:02
ComboFix2.txt 2011-04-19 23:36
.
Pre-Run: 17,675,718,656 bytes free
Post-Run: 17,788,141,568 bytes free
.
- - End Of File - - E72F6C380F5F7091EE9EEA8790510