colin0100
-
Posts
56 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by colin0100
-
-
Running it now....earlier today I updated Malwarebytes and did a run, got 105 windows updates installed, updated to SP3.
Now I can't get into the internet at all (Internet explorer has an error......)....I am on a laptop now that is wireless to my router.
I was just about to re-install Windows when I saw your reply....so am running that now.
If I stull can't connect to the interent I will have to post the log to my USB stick and send the results from this laptop: WHAT IS THE DANGER THAT THE MEMORY STICK WILL INFECT THIS LAPTOP??
Cheers
Colin
-
Windows update would not run: boot in normal mode.
Advice please. Thanks Maniac.
-
Managed to get to safe mode. It worked!!!!
Will try a windows update now.
---------
All processes killed
========== OTL ==========
HKEY_USERS\S-1-5-21-1409082233-1682526488-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1409082233-1682526488-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-1409082233-1682526488-682003330-1005\Software\Microsoft\Internet Explorer\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1409082233-1682526488-682003330-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
C:\Documents and Settings\COLIN\Application Data\PriceGong\Data folder moved successfully.
C:\Documents and Settings\COLIN\Application Data\PriceGong folder moved successfully.
C:\Documents and Settings\COLIN\My Documents\My 4shared Sync folder moved successfully.
C:\Program Files\Conduit\Community Alerts folder moved successfully.
C:\Program Files\Conduit folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts\Log folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts\Feeds folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts\Dialogs folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit\Community Alerts folder moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit folder moved successfully.
C:\Program Files\4shared_Desktop_3[1].3.5M.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMer moved successfully.
C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMe moved successfully.
C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqt moved successfully.
C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqtr moved successfully.
C:\Documents and Settings\COLIN\Application Data\waQ1P0bNat.gif moved successfully.
C:\Documents and Settings\COLIN\Application Data\waQ1P0bNzn.gif moved successfully.
C:\Documents and Settings\COLIN\Application Data\waQ1P0bNby.gif moved successfully.
C:\Documents and Settings\COLIN\Application Data\evf moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\COLIN\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\COLIN\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes
User: All Users
User: COLIN
->Temp folder emptied: 39681467 bytes
->Temporary Internet Files folder emptied: 8409699 bytes
->Flash cache emptied: 343953 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 95375 bytes
->Flash cache emptied: 8889 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 53019 bytes
User: MANEERAT
->Temp folder emptied: 49152 bytes
->Temporary Internet Files folder emptied: 529186 bytes
->Flash cache emptied: 2023 bytes
User: NetworkService
->Temp folder emptied: 63098450 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: new one
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 8570856 bytes
%systemroot%\System32 .tmp files removed: 608594 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 564579 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34046 bytes
RecycleBin emptied: 1933086491 bytes
Total Files Cleaned = 1,960.00 mb
Unable to start System Restore Service. Error code 10
OTL by OldTimer - Version 3.2.53.1 log created on 07072012_090537
Files\Folders moved on Reboot...
C:\Documents and Settings\COLIN\Local Settings\Temporary Internet Files\Content.IE5\OLQJW1IZ\google.com[1] moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Temporary Internet Files\Content.IE5\OLQJW1IZ\index[1].php moved successfully.
C:\Documents and Settings\COLIN\Local Settings\Temporary Internet Files\Content.IE5\OLQJW1IZ\s-BiyweUPV0v-yRb-cjciFQlYEbsez9cZjKsNMjLOwM[1].eot moved successfully.
PendingFileRenameOperations files...
File C:\Documents and Settings\COLIN\Local Settings\Temporary Internet Files\Content.IE5\OLQJW1IZ\google.com[1] not found!
File C:\Documents and Settings\COLIN\Local Settings\Temporary Internet Files\Content.IE5\OLQJW1IZ\index[1].php not found!
File C:\Documents and Settings\COLIN\Local Settings\Temporary Internet Files\Content.IE5\OLQJW1IZ\s-BiyweUPV0v-yRb-cjciFQlYEbsez9cZjKsNMjLOwM[1].eot not found!
Registry entries deleted on Reboot...
-
I'm going to sleep now, Please leave instructions for the next task...
Maniac, do you think this is recoverable???
-
Deleted the 4share progs, rebooted (can't get to safe) tries Windows update, did not work...same as last time we tried.
Ran an OTL scan for you
=============== OTL logfile created on: 6/07/2012 10:17:48 PM - Run 5
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\COLIN\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
2.00 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 59.38% Memory free
3.85 Gb Paging File | 2.98 Gb Available in Paging File | 77.45% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 65.74 Gb Free Space | 28.24% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 3.67 Gb Free Space | 98.42% Space Free | Partition Type: FAT32
Drive G: | 931.51 Gb Total Space | 228.95 Gb Free Space | 24.58% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 20.95 Gb Free Space | 2.25% Space Free | Partition Type: NTFS
Computer Name: NEW-TOY | User Name: COLIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/06 21:38:57 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
PRC - [2012/05/09 13:47:56 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/09 13:47:55 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/09 13:47:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/09 13:47:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/06/28 09:03:22 | 001,843,000 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitdm.exe
PRC - [2011/06/27 09:05:26 | 000,557,056 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitnet.exe
PRC - [2010/09/13 15:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
PRC - [2008/12/31 16:04:48 | 000,942,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WGATray.exe
PRC - [2008/04/23 03:38:16 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2007/10/25 12:11:39 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2005/08/13 08:43:58 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/03/09 14:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAIP.EXE
PRC - [2004/08/04 22:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/04 22:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2004/05/24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2002/11/26 02:12:32 | 000,049,152 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/13 21:12:26 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_c1b45d66\system.drawing.dll
MOD - [2012/06/13 21:12:12 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c9aa3dcd\system.windows.forms.dll
MOD - [2012/06/13 21:11:47 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/05/09 13:47:56 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/01/13 08:06:42 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_3db6a3e6\mscorlib.dll
MOD - [2012/01/13 08:06:32 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_cc2b0697\system.xml.dll
MOD - [2012/01/13 08:06:18 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_3a3c05f7\system.dll
MOD - [2012/01/13 08:06:07 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/13 08:06:06 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/13 08:06:05 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011/06/28 09:01:38 | 000,397,312 | ---- | M] () -- C:\Program Files\Orbitdownloader\wtlctrl.dll
MOD - [2007/10/25 12:11:37 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2006/01/17 15:56:10 | 000,183,296 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll
MOD - [2006/01/17 15:56:10 | 000,105,472 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
MOD - [2006/01/17 15:56:10 | 000,075,264 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
MOD - [2006/01/16 18:34:03 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006/01/16 18:34:03 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2006/01/16 18:34:02 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2004/08/04 22:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/09 13:47:56 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 13:47:55 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/05/09 13:47:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/09/13 15:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/05/24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/06/04 09:52:22 | 001,200,128 | ---- | M] (PowerQuest Corporation) [Auto | Stopped] -- C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe -- (V2i Protector)
SRV - [2002/11/26 02:12:32 | 000,049,152 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)
========== Driver Services (SafeList) ==========
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (TSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys -- (SABProcEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys -- (mvd22)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys -- (mdf16)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\COLIN\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/05/09 13:47:56 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/09 13:47:56 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/11 14:00:32 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006/01/05 13:46:40 | 001,420,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/18 08:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/07/07 10:27:28 | 000,070,070 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2004/07/07 08:55:12 | 000,152,049 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2004/06/02 13:19:00 | 000,038,705 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2004/05/20 08:41:54 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/05/20 08:39:42 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2004/05/20 08:21:10 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2003/11/18 06:59:20 | 000,212,224 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/18 06:58:02 | 000,680,704 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/18 06:56:26 | 001,042,432 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/06/04 09:52:24 | 000,123,957 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\PQV2i.sys -- (PQV2i)
DRV - [2003/06/04 09:52:20 | 000,046,900 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQIMount.sys -- (PQIMount)
DRV - [2003/03/08 09:07:58 | 000,029,603 | ---- | M] (GlobespanVirata Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\glauiad.sys -- (glauiad)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes\{7B5D77E7-B219-4760-B284-AE305BDFD485}: "URL" = http://www.google.com.au/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_en
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3228846
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hem.passagen.se/siamthai/news.htm
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\SearchScopes,DefaultScope = {D1006A2C-3FB5-4F19-B330-F7B263F8C24A}
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}: "URL" = http://fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=9
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\SearchScopes\{D1006A2C-3FB5-4F19-B330-F7B263F8C24A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_en
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\COLIN\Application Data\nprhapengine.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{CD8C954F-6F55-4B18-9C29-CFF7CAE269DD}: C:\Documents and Settings\COLIN\Local Settings\Application Data\{CD8C954F-6F55-4B18-9C29-CFF7CAE269DD} [2009/11/25 15:34:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{503D3B1B-796E-4F8E-8AA3-6C90139C2300}: C:\Documents and Settings\COLIN\Local Settings\Application Data\{503D3B1B-796E-4F8E-8AA3-6C90139C2300}\ [2009/11/30 19:16:23 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/07/02 11:22:34 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EPSON Stylus Photo R230 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O4 - Startup: C:\Documents and Settings\COLIN\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html File not found
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340975846937 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140139436593 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 203.12.160.35 203.12.160.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67C731C6-C643-46BD-8865-2DA9C21374CD}: DhcpNameServer = 203.12.160.35 203.12.160.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FAD4249-41A8-413E-8C32-51D6B0666FB6}: NameServer = 61.8.0.113,210.23.129.34
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\COLIN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\COLIN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/13 14:27:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/06 21:38:55 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
[2012/07/06 10:17:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/05 12:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Application Data\PriceGong
[2012/07/05 12:51:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\My Documents\My 4shared Sync
[2012/07/05 12:49:47 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/07/05 12:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit
[2012/07/05 12:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/07/05 12:48:57 | 003,502,192 | ---- | C] (New IT Solutions) -- C:\Program Files\4shared_Desktop_3[1].3.5M.exe
[2012/07/04 21:46:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/07/04 21:27:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/07/04 21:10:56 | 004,570,624 | R--- | C] (Swearware) -- C:\Documents and Settings\COLIN\Desktop\ComboFix.exe
[2012/07/04 13:02:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/07/03 23:05:18 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\COLIN\Desktop\tdsskiller.exe
[2012/07/03 22:47:29 | 000,399,264 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\COLIN\Desktop\unhide.exe
[2012/07/03 09:30:48 | 000,000,000 | ---D | C] -- C:\FRST
[2012/07/02 23:06:54 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\COLIN\Desktop\aswMBR.exe
[2012/07/02 10:33:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/07/02 10:26:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/07/02 10:26:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/07/02 10:26:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/07/02 10:26:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/07/02 01:14:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\COLIN\My Documents\ComboFix
[2012/07/02 00:57:19 | 001,544,384 | ---- | C] (W3i, LLC) -- C:\Documents and Settings\COLIN\Desktop\mplayer_installer_1922.exe
[2012/07/02 00:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Desktop\Malwarebytes (D)
[2012/07/02 00:34:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/02 00:33:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/07/01 09:45:00 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\COLIN\My Documents\aswMBR.exe
[2012/06/30 07:36:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/06/29 22:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/06/29 22:17:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2012/06/29 22:17:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2012/06/29 22:17:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2012/06/29 22:17:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2012/06/29 22:17:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2012/06/29 22:17:40 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2012/06/29 22:17:39 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/06/29 22:17:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/06/29 22:17:36 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/06/29 22:17:35 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2012/06/29 22:17:35 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2012/06/29 22:17:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2012/06/29 22:17:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2012/06/29 22:17:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/06/29 22:17:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/06/29 22:17:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/06/29 22:17:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/06/29 22:17:19 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/06/29 22:17:18 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/06/29 22:17:18 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/06/29 22:17:18 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/06/29 22:17:17 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/06/29 22:17:11 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/06/29 22:17:08 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/06/29 22:17:08 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012/06/29 22:17:08 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012/06/29 22:17:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/06/29 22:17:07 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012/06/29 22:17:07 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012/06/29 22:17:07 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012/06/29 22:17:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012/06/29 22:17:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/06/29 22:17:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012/06/29 22:17:06 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012/06/29 22:17:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/06/29 22:17:05 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012/06/29 22:17:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/06/29 22:17:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/06/29 22:17:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/06/29 22:17:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/06/29 22:17:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/06/29 22:17:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/06/29 22:17:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/06/29 22:17:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/06/29 22:17:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/06/29 22:17:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/06/29 22:17:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/06/29 22:17:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/06/29 22:17:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/06/29 22:17:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/06/29 22:17:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/06/29 22:17:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/06/29 22:16:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/06/29 22:16:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/06/29 22:16:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/06/29 22:16:51 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/06/29 22:16:51 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/06/29 22:16:50 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/06/29 22:16:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/06/29 22:16:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2012/06/29 22:16:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/06/29 22:16:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/06/29 22:16:43 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012/06/29 22:16:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/06/29 22:16:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2012/06/29 22:16:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/06/29 22:16:39 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/06/29 22:16:38 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/06/29 22:16:38 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/06/29 22:16:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/06/29 22:16:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/06/29 22:16:37 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/06/29 22:16:37 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/06/29 22:16:36 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2012/06/29 22:16:34 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/06/29 22:16:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2012/06/29 22:16:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2012/06/29 22:16:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/06/29 22:16:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/06/29 22:16:20 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/06/29 22:16:18 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/06/29 22:16:12 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/06/29 22:16:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/06/29 22:16:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012/06/29 22:16:00 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/06/29 22:16:00 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/06/29 22:15:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/06/29 22:15:57 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012/06/29 22:15:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012/06/29 22:15:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012/06/29 22:15:51 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/06/29 22:15:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/06/29 22:15:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/06/29 22:15:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/06/29 22:15:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/06/29 22:15:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/06/29 22:15:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/06/29 22:15:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/06/29 22:15:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/06/29 22:15:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/06/29 22:15:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/06/29 22:15:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/06/29 22:15:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/06/29 22:15:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/06/29 22:15:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/06/29 22:15:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/06/29 22:15:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012/06/29 22:15:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/06/29 22:15:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/06/29 22:15:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/06/29 22:15:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/06/29 22:15:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2012/06/29 22:15:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2012/06/29 22:15:36 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/06/29 22:15:36 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2012/06/29 22:15:35 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/06/29 22:15:35 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2012/06/29 22:15:35 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2012/06/29 22:15:35 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/06/29 22:15:34 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2012/06/29 22:15:34 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/06/29 22:15:34 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/06/29 22:15:34 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/06/29 22:15:33 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/06/29 22:15:33 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/06/29 22:15:33 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/06/29 22:15:33 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/06/29 22:15:32 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/06/29 22:15:32 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/06/29 22:15:32 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2012/06/29 22:15:31 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/06/29 22:15:31 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/06/29 22:15:31 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/06/29 22:15:31 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/06/29 22:15:31 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/06/29 22:15:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2012/06/29 22:15:24 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/06/29 22:15:16 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/06/29 22:15:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012/06/29 22:15:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/06/29 22:15:09 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012/06/29 22:15:08 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012/06/29 22:15:08 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012/06/29 22:15:08 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012/06/29 22:15:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012/06/29 22:15:08 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012/06/29 22:15:08 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012/06/29 22:15:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012/06/29 22:15:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/06/29 22:15:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012/06/29 22:15:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012/06/29 22:15:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/06/29 22:15:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012/06/29 22:15:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012/06/29 22:15:06 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012/06/29 22:15:06 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012/06/29 22:15:06 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012/06/29 22:15:06 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/06/29 22:15:06 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/06/29 22:15:06 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012/06/29 22:15:06 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012/06/29 22:15:05 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012/06/29 22:15:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/06/29 22:15:04 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012/06/29 22:15:04 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012/06/29 22:15:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/06/29 22:15:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/06/29 22:15:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/06/29 22:15:00 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012/06/29 22:15:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012/06/29 22:15:00 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012/06/29 22:14:59 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/06/29 22:14:59 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/06/29 22:14:59 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/06/29 22:14:59 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/06/29 22:14:46 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2012/06/29 22:14:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/06/29 22:14:42 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2012/06/29 22:14:39 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/06/29 22:14:38 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012/06/29 22:14:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/06/29 22:14:37 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/06/29 22:14:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/06/29 22:14:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/06/29 22:14:36 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/06/29 22:14:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/06/29 22:14:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/06/29 22:14:35 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2012/06/29 22:14:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/06/29 22:14:35 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/06/29 22:14:33 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/06/29 22:14:32 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/06/29 22:14:32 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/06/29 22:14:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/06/29 22:14:06 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012/06/29 22:14:06 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/06/29 22:14:04 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012/06/29 22:14:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2012/06/29 22:14:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012/06/29 22:13:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/06/29 22:13:46 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2012/06/29 22:13:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2012/06/29 22:13:45 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2012/06/29 22:13:45 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2012/06/29 22:13:39 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2012/06/29 22:13:38 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2012/06/29 22:13:38 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012/06/29 22:13:38 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2012/06/29 22:13:38 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2012/06/29 22:13:38 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2012/06/29 22:13:38 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012/06/29 22:13:37 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2012/06/29 22:13:37 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012/06/29 22:13:37 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012/06/29 22:13:37 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012/06/29 22:13:37 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2012/06/29 22:13:36 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012/06/29 22:13:36 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2012/06/29 22:13:36 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012/06/29 22:13:36 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2012/06/29 22:13:35 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012/06/29 22:13:34 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2012/06/29 22:13:34 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2012/06/29 22:13:33 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2012/06/29 22:13:33 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2012/06/29 22:09:47 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/06/29 22:09:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012/06/29 21:48:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012/06/29 21:48:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012/06/29 21:48:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012/06/29 21:48:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/06/29 19:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2012/06/29 16:40:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\COLIN\Recent
[2012/06/29 13:06:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
[2012/06/28 22:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/06/28 22:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Local Settings\Application Data\FixItCenter
[2012/06/28 18:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Start Menu\Programs\Data Recovery
[2012/06/26 13:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Application Data\HandBrake
[2012/06/26 13:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Start Menu\Programs\Handbrake
[2012/06/26 13:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/06/19 19:15:30 | 017,396,768 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mpas-fe.exe
[2009/01/19 11:54:15 | 005,992,404 | ---- | C] (Headlight Software, Inc.) -- C:\Program Files\Portable GetRight 6.3e.exe
[2008/12/09 11:27:59 | 002,167,968 | ---- | C] (www.orbitdownloader.com ) -- C:\Program Files\OrbitDownloaderSetup.exe
[2008/07/10 19:55:26 | 000,383,755 | ---- | C] (Headlight Software, Inc.) -- C:\Program Files\download-VobSub_2.23.exe
[2006/12/07 08:37:54 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\COLIN\Application Data\pcouffin.sys
[2006/01/17 15:55:09 | 011,477,288 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXPlay.exe
[2005/12/06 12:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2005/12/06 12:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2005/12/06 12:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/06 22:21:00 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/07/06 22:15:16 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk
[2012/07/06 22:15:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/06 22:13:59 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/07/06 22:11:03 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/06 22:11:03 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Command Prompt.job
[2012/07/06 22:10:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/06 21:38:57 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
[2012/07/06 21:10:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/06 13:42:03 | 000,000,143 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/07/06 13:42:02 | 000,061,952 | ---- | M] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/06 09:45:01 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Anti-Malware.job
[2012/07/05 12:49:10 | 003,502,192 | ---- | M] (New IT Solutions) -- C:\Program Files\4shared_Desktop_3[1].3.5M.exe
[2012/07/04 23:23:07 | 009,878,895 | ---- | M] () -- C:\Qoobox.zip
[2012/07/04 23:14:38 | 000,014,094 | ---- | M] () -- C:\FixitRegBackup.reg
[2012/07/04 23:02:56 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/07/04 21:10:56 | 004,570,624 | R--- | M] (Swearware) -- C:\Documents and Settings\COLIN\Desktop\ComboFix.exe
[2012/07/04 18:24:20 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012/07/04 18:24:20 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012/07/04 18:23:26 | 000,001,932 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Adobe Premiere Pro 2.0 (2).lnk
[2012/07/03 23:05:17 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\COLIN\Desktop\tdsskiller.exe
[2012/07/03 22:47:31 | 000,399,264 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\COLIN\Desktop\unhide.exe
[2012/07/03 17:10:45 | 000,001,167 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2
[2012/07/02 23:07:05 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\COLIN\Desktop\aswMBR.exe
[2012/07/02 11:22:34 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/07/02 10:33:24 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/07/02 00:57:21 | 001,544,384 | ---- | M] (W3i, LLC) -- C:\Documents and Settings\COLIN\Desktop\mplayer_installer_1922.exe
[2012/07/01 09:41:40 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\COLIN\My Documents\aswMBR.exe
[2012/06/29 23:15:48 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Shortcut to Internet Explorer.lnk
[2012/06/29 22:20:55 | 000,224,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/29 22:19:57 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/06/29 22:12:12 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/06/29 22:12:00 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/06/29 22:12:00 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/06/29 22:11:07 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/29 22:08:28 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/06/29 22:06:32 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/06/29 07:10:04 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMer
[2012/06/29 07:10:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMe
[2012/06/28 22:24:13 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/06/28 18:43:40 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqt
[2012/06/28 18:21:11 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqtr
[2012/06/27 18:14:12 | 000,000,333 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\TV Guide - Australia's TV Guide - Yahoo!7.url
[2012/06/26 16:35:23 | 000,505,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/26 16:35:23 | 000,089,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/26 13:58:20 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Handbrake.lnk
[2012/06/26 13:47:01 | 000,029,635 | ---- | M] () -- C:\Program Files\download.htm
[2012/06/21 17:25:07 | 000,273,663 | ---- | M] () -- C:\Documents and Settings\COLIN\My Documents\Operating_costs_of_gas_appliances.pdf
[2012/06/19 19:15:46 | 017,396,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mpas-fe.exe
[2012/06/19 16:51:26 | 004,478,300 | ---- | M] () -- C:\Documents and Settings\COLIN\My Documents\GAS HEATER Manual%20Heater%20User%20Manual.pdf
[2012/06/09 21:55:16 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\COLIN\default.pls
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/04 23:23:03 | 009,878,895 | ---- | C] () -- C:\Qoobox.zip
[2012/07/04 23:14:38 | 000,014,094 | ---- | C] () -- C:\FixitRegBackup.reg
[2012/07/04 18:24:20 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012/07/04 18:24:20 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012/07/04 18:23:26 | 000,001,932 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Adobe Premiere Pro 2.0 (2).lnk
[2012/07/03 13:38:27 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/07/02 11:01:31 | 000,002,076 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
[2012/07/02 11:01:30 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2012/07/02 10:58:18 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2012/07/02 10:58:17 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/07/02 10:58:16 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/07/02 10:58:15 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2012/07/02 10:58:14 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/07/02 10:58:13 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 7.0.lnk
[2012/07/02 10:58:12 | 000,001,932 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
[2012/07/02 10:58:11 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Help Center.lnk
[2012/07/02 10:58:09 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Digital Editions.lnk
[2012/07/02 10:58:08 | 000,001,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Bridge.lnk
[2012/07/02 10:33:22 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/07/02 10:33:11 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/07/02 10:26:43 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/07/02 10:26:43 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/07/02 10:26:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/07/02 10:26:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/07/02 10:26:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/07/02 01:01:26 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2
[2012/06/29 23:15:48 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Shortcut to Internet Explorer.lnk
[2012/06/29 23:11:36 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk
[2012/06/29 22:16:37 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/06/29 22:15:51 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/06/29 22:15:36 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/06/29 22:15:34 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/06/29 22:15:30 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/06/29 22:15:20 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/06/29 22:15:11 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/06/29 22:15:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/06/29 22:14:38 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/06/29 22:09:29 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/06/29 22:07:42 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/06/29 21:48:16 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2012/06/29 21:48:16 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/06/29 21:48:16 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/06/29 21:48:16 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/06/29 21:48:16 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/06/29 21:48:16 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/06/29 21:48:15 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/06/29 21:48:15 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/06/29 21:48:15 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/06/29 21:48:15 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/06/29 21:48:15 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/06/29 21:48:15 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/06/29 21:48:15 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/06/29 21:48:15 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/06/29 21:48:14 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/06/29 07:10:04 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMer
[2012/06/29 07:10:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMe
[2012/06/29 01:01:13 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/06/28 22:41:55 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/06/28 21:57:07 | 000,000,250 | ---- | C] () -- C:\WINDOWS\tasks\Command Prompt.job
[2012/06/28 18:21:11 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqtr
[2012/06/28 18:21:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqt
[2012/06/26 13:58:20 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Handbrake.lnk
[2012/06/26 13:47:00 | 000,029,635 | ---- | C] () -- C:\Program Files\download.htm
[2012/06/21 17:25:07 | 000,273,663 | ---- | C] () -- C:\Documents and Settings\COLIN\My Documents\Operating_costs_of_gas_appliances.pdf
[2012/06/19 16:51:26 | 004,478,300 | ---- | C] () -- C:\Documents and Settings\COLIN\My Documents\GAS HEATER Manual%20Heater%20User%20Manual.pdf
[2012/05/22 13:26:42 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\mbam.context.scan
[2010/11/29 15:25:15 | 000,034,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamcatchme.sys
[2009/12/14 15:07:24 | 000,001,316 | ---- | C] () -- C:\Program Files\ComboFix.htm
[2009/12/07 18:04:53 | 000,019,334 | ---- | C] () -- C:\Documents and Settings\All Users\xpnetdiag.xml
[2009/08/07 18:15:33 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\AutoGK.ini
[2009/06/05 16:02:25 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNat.gif
[2009/06/05 16:02:25 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNzn.gif
[2009/06/05 16:02:25 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNby.gif
[2009/04/01 15:14:51 | 000,043,062 | ---- | C] () -- C:\Documents and Settings\COLIN\UserImages.bmp
[2009/02/14 11:10:48 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/12/13 11:39:15 | 007,930,904 | ---- | C] () -- C:\Program Files\dap9.exe
[2008/05/21 15:42:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\COLIN\usb002
[2008/02/06 16:44:12 | 000,000,483 | ---- | C] () -- C:\Program Files\Shortcut to DVD Shrink.lnk
[2007/11/01 23:07:09 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/26 23:13:42 | 000,000,002 | -HS- | C] () -- C:\Documents and Settings\COLIN\Application Data\evf
[2007/04/05 01:14:38 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\dm.ini
[2007/01/25 09:01:30 | 000,005,986 | ---- | C] () -- C:\Documents and Settings\COLIN\UserCustomPreset_Adobe Premiere Pro 2.0.vpr
[2006/12/07 08:37:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\ezpinst.exe
[2006/12/07 08:37:54 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\pcouffin.cat
[2006/12/07 08:37:54 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\pcouffin.inf
[2006/06/10 14:27:28 | 000,002,615 | ---- | C] () -- C:\Program Files\ChingLiu.nfo
[2006/02/27 18:15:06 | 000,217,329 | ---- | C] () -- C:\Program Files\gspot221.exe
[2006/02/04 21:05:20 | 000,000,427 | ---- | C] () -- C:\Program Files\FILE_ID.DIZ
[2006/01/17 16:14:53 | 020,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2006/01/14 13:20:25 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\fusioncache.dat
[2006/01/13 16:55:34 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\COLIN\default.pls
[2006/01/13 16:19:38 | 000,061,952 | ---- | C] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/06 12:28:30 | 003,673,932 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86_Archive.cab
[2005/12/06 12:28:04 | 001,358,864 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2005/12/06 12:28:02 | 000,086,925 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2005/12/06 12:28:02 | 000,046,247 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2005/12/06 12:28:02 | 000,041,888 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2005/12/06 12:28:00 | 000,916,806 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86.cab
[2005/12/06 12:27:58 | 001,080,344 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2005/12/06 12:00:46 | 000,081,092 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2005/12/06 12:00:44 | 001,351,430 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2005/12/06 12:00:44 | 001,348,242 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2005/12/06 12:00:44 | 001,336,890 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2005/12/06 12:00:44 | 001,248,387 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2005/12/06 12:00:44 | 001,079,850 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2005/12/06 12:00:44 | 001,078,532 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2005/12/06 12:00:44 | 001,065,813 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2005/12/06 12:00:44 | 001,014,113 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2005/12/06 12:00:42 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
[2005/12/06 12:00:40 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2005/12/06 12:00:40 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2005/12/06 12:00:40 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2005/12/06 12:00:40 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2:SummaryInformation
@Alternate Data Stream - 4 bytes -> C:\WINDOWS\win.ini:s2
< End of report >
-
Same, frozen.
In control panel : add or remove progs I see:
4shared desktop
and
4shared.com toolbar.
Should I remove these and see if I can then do a windows update?
-
Didn't work. Here's what happened:
1. Deleted the _OTL folder in C.
2. Did the copy/past and runFix on OTL.
3. Running for an hour, frozen.
4. Noticed a window showing MBAM service terminated unexpectidly. (I have put the log file below)
5. Turned the PC on/off and ran OTL again (thinking that maybe MBAM started during the fix and caused it to freeze.
6. Froze....rebooted (on/off) ...frozen.....on/off, now back 'normal'.
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Database version: 5224
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
1/12/2010 10:36:01 PM
mbam-log-2010-12-01 (22-36-01).txt
Scan type: Quick scan
Objects scanned: 165449
Time elapsed: 9 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
going to bed now my friend...Pleas give me instructions for tomorrow while you are s;eepins..LOL/
Have fun.
==========OTL logfile created on: 5/07/2012 10:56:42 PM - Run 4
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\COLIN\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
2.00 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 30.92% Memory free
3.85 Gb Paging File | 2.26 Gb Available in Paging File | 58.81% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 65.78 Gb Free Space | 28.26% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 3.67 Gb Free Space | 98.42% Space Free | Partition Type: FAT32
Drive G: | 931.51 Gb Total Space | 229.63 Gb Free Space | 24.65% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 20.95 Gb Free Space | 2.25% Space Free | Partition Type: NTFS
Computer Name: NEW-TOY | User Name: COLIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/03 21:36:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
PRC - [2012/05/09 13:47:56 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/09 13:47:55 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/09 13:47:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/09 13:47:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/12/09 22:00:14 | 004,613,624 | ---- | M] (New IT Solutions) -- C:\Program Files\4shared Desktop\desktop.exe
PRC - [2011/06/28 09:03:22 | 001,843,000 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitdm.exe
PRC - [2011/06/27 09:05:26 | 000,557,056 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitnet.exe
PRC - [2010/09/13 15:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
PRC - [2008/12/31 16:04:48 | 000,942,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WGATray.exe
PRC - [2007/10/25 12:11:39 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2005/08/13 08:43:58 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/03/09 14:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAIP.EXE
PRC - [2004/08/04 22:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/05/24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2002/11/26 02:12:32 | 000,049,152 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/13 21:12:26 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_c1b45d66\system.drawing.dll
MOD - [2012/06/13 21:12:12 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c9aa3dcd\system.windows.forms.dll
MOD - [2012/06/13 21:11:47 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/05/09 13:47:56 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/01/13 08:06:42 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_3db6a3e6\mscorlib.dll
MOD - [2012/01/13 08:06:32 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_cc2b0697\system.xml.dll
MOD - [2012/01/13 08:06:18 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_3a3c05f7\system.dll
MOD - [2012/01/13 08:06:07 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/13 08:06:06 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/13 08:06:05 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011/12/02 01:44:26 | 000,407,040 | ---- | M] () -- C:\Program Files\4shared Desktop\CMenu32.dll
MOD - [2011/06/28 09:01:38 | 000,397,312 | ---- | M] () -- C:\Program Files\Orbitdownloader\wtlctrl.dll
MOD - [2010/06/13 11:01:28 | 000,410,432 | ---- | M] () -- C:\Program Files\Perfect Uninstaller\Contextmenu.dll
MOD - [2007/10/25 12:11:37 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2006/01/17 15:56:10 | 000,183,296 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll
MOD - [2006/01/17 15:56:10 | 000,105,472 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
MOD - [2006/01/17 15:56:10 | 000,075,264 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
MOD - [2006/01/16 18:34:03 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006/01/16 18:34:03 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2006/01/16 18:34:02 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2005/10/08 09:05:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2004/08/04 22:00:00 | 001,287,680 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2004/08/04 22:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/09 13:47:56 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 13:47:55 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/05/09 13:47:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/09/13 15:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/05/24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/06/04 09:52:22 | 001,200,128 | ---- | M] (PowerQuest Corporation) [Auto | Stopped] -- C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe -- (V2i Protector)
SRV - [2002/11/26 02:12:32 | 000,049,152 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)
========== Driver Services (SafeList) ==========
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (TSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys -- (SABProcEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys -- (mvd22)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys -- (mdf16)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\COLIN\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/05/09 13:47:56 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/09 13:47:56 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/11 14:00:32 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006/01/05 13:46:40 | 001,420,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/18 08:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/07/07 10:27:28 | 000,070,070 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2004/07/07 08:55:12 | 000,152,049 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2004/06/02 13:19:00 | 000,038,705 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2004/05/20 08:41:54 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/05/20 08:39:42 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2004/05/20 08:21:10 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2003/11/18 06:59:20 | 000,212,224 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/18 06:58:02 | 000,680,704 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/18 06:56:26 | 001,042,432 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/06/04 09:52:24 | 000,123,957 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\PQV2i.sys -- (PQV2i)
DRV - [2003/06/04 09:52:20 | 000,046,900 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQIMount.sys -- (PQIMount)
DRV - [2003/03/08 09:07:58 | 000,029,603 | ---- | M] (GlobespanVirata Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\glauiad.sys -- (glauiad)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sha.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes\{7B5D77E7-B219-4760-B284-AE305BDFD485}: "URL" = http://www.google.com.au/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_en
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3228846
IE - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\COLIN\Application Data\nprhapengine.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{CD8C954F-6F55-4B18-9C29-CFF7CAE269DD}: C:\Documents and Settings\COLIN\Local Settings\Application Data\{CD8C954F-6F55-4B18-9C29-CFF7CAE269DD} [2009/11/25 15:34:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{503D3B1B-796E-4F8E-8AA3-6C90139C2300}: C:\Documents and Settings\COLIN\Local Settings\Application Data\{503D3B1B-796E-4F8E-8AA3-6C90139C2300}\ [2009/11/30 19:16:23 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/07/02 11:22:34 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sha.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Program Files\4shared.com\prxtb4sha.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [4shared Update] C:\Program Files\4shared Desktop\checkUpdate.exe (New IT Solutions)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EPSON Stylus Photo R230 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004..\Run: [4shared Desktop] C:\Program Files\4shared Desktop\desktop.exe (New IT Solutions)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O4 - Startup: C:\Documents and Settings\COLIN\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1409082233-1682526488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK File not found
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK File not found
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html File not found
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340975846937 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140139436593 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 203.12.160.35 203.12.160.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67C731C6-C643-46BD-8865-2DA9C21374CD}: DhcpNameServer = 203.12.160.35 203.12.160.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FAD4249-41A8-413E-8C32-51D6B0666FB6}: NameServer = 61.8.0.113,210.23.129.34
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\COLIN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\COLIN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/13 14:27:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/05 12:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Application Data\PriceGong
[2012/07/05 12:51:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\My Documents\My 4shared Sync
[2012/07/05 12:49:47 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/07/05 12:49:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Local Settings\Application Data\4shared.com
[2012/07/05 12:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit
[2012/07/05 12:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\4shared.com
[2012/07/05 12:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/07/05 12:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Start Menu\Programs\4shared Tools
[2012/07/05 12:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Application Data\4shared Desktop
[2012/07/05 12:49:24 | 000,000,000 | ---D | C] -- C:\Program Files\4shared Desktop
[2012/07/05 12:48:57 | 003,502,192 | ---- | C] (New IT Solutions) -- C:\Program Files\4shared_Desktop_3[1].3.5M.exe
[2012/07/04 21:46:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/07/04 21:27:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/07/04 21:10:56 | 004,570,624 | R--- | C] (Swearware) -- C:\Documents and Settings\COLIN\Desktop\ComboFix.exe
[2012/07/04 13:02:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/07/03 23:15:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/03 23:05:18 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\COLIN\Desktop\tdsskiller.exe
[2012/07/03 22:47:29 | 000,399,264 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\COLIN\Desktop\unhide.exe
[2012/07/03 21:36:00 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
[2012/07/03 09:30:48 | 000,000,000 | ---D | C] -- C:\FRST
[2012/07/02 23:06:54 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\COLIN\Desktop\aswMBR.exe
[2012/07/02 10:33:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/07/02 10:26:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/07/02 10:26:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/07/02 10:26:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/07/02 10:26:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/07/02 01:14:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\COLIN\My Documents\ComboFix
[2012/07/02 00:57:19 | 001,544,384 | ---- | C] (W3i, LLC) -- C:\Documents and Settings\COLIN\Desktop\mplayer_installer_1922.exe
[2012/07/02 00:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Desktop\Malwarebytes (D)
[2012/07/02 00:34:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/02 00:33:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/07/01 09:45:00 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\COLIN\My Documents\aswMBR.exe
[2012/06/30 07:36:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/06/29 22:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/06/29 22:17:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2012/06/29 22:17:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2012/06/29 22:17:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2012/06/29 22:17:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2012/06/29 22:17:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2012/06/29 22:17:40 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2012/06/29 22:17:39 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/06/29 22:17:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/06/29 22:17:36 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/06/29 22:17:35 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2012/06/29 22:17:35 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2012/06/29 22:17:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2012/06/29 22:17:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2012/06/29 22:17:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/06/29 22:17:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/06/29 22:17:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/06/29 22:17:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/06/29 22:17:19 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/06/29 22:17:18 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/06/29 22:17:18 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/06/29 22:17:18 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/06/29 22:17:17 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/06/29 22:17:11 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/06/29 22:17:08 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/06/29 22:17:08 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012/06/29 22:17:08 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012/06/29 22:17:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/06/29 22:17:07 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012/06/29 22:17:07 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012/06/29 22:17:07 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012/06/29 22:17:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012/06/29 22:17:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/06/29 22:17:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012/06/29 22:17:06 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012/06/29 22:17:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/06/29 22:17:05 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012/06/29 22:17:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/06/29 22:17:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/06/29 22:17:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/06/29 22:17:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/06/29 22:17:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/06/29 22:17:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/06/29 22:17:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/06/29 22:17:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/06/29 22:17:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/06/29 22:17:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/06/29 22:17:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/06/29 22:17:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/06/29 22:17:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/06/29 22:17:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/06/29 22:17:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/06/29 22:17:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/06/29 22:16:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/06/29 22:16:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/06/29 22:16:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/06/29 22:16:51 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/06/29 22:16:51 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/06/29 22:16:50 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/06/29 22:16:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/06/29 22:16:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2012/06/29 22:16:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/06/29 22:16:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/06/29 22:16:43 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012/06/29 22:16:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/06/29 22:16:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2012/06/29 22:16:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/06/29 22:16:39 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/06/29 22:16:38 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/06/29 22:16:38 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/06/29 22:16:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/06/29 22:16:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/06/29 22:16:37 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/06/29 22:16:37 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/06/29 22:16:36 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2012/06/29 22:16:34 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/06/29 22:16:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2012/06/29 22:16:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2012/06/29 22:16:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/06/29 22:16:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/06/29 22:16:20 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/06/29 22:16:18 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/06/29 22:16:12 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/06/29 22:16:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/06/29 22:16:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012/06/29 22:16:00 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/06/29 22:16:00 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/06/29 22:15:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/06/29 22:15:57 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012/06/29 22:15:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012/06/29 22:15:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012/06/29 22:15:51 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/06/29 22:15:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/06/29 22:15:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/06/29 22:15:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/06/29 22:15:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/06/29 22:15:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/06/29 22:15:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/06/29 22:15:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/06/29 22:15:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/06/29 22:15:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/06/29 22:15:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/06/29 22:15:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/06/29 22:15:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/06/29 22:15:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/06/29 22:15:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/06/29 22:15:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/06/29 22:15:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012/06/29 22:15:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/06/29 22:15:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/06/29 22:15:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/06/29 22:15:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/06/29 22:15:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2012/06/29 22:15:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2012/06/29 22:15:36 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/06/29 22:15:36 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2012/06/29 22:15:35 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/06/29 22:15:35 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2012/06/29 22:15:35 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2012/06/29 22:15:35 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/06/29 22:15:34 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2012/06/29 22:15:34 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/06/29 22:15:34 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/06/29 22:15:34 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/06/29 22:15:33 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/06/29 22:15:33 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/06/29 22:15:33 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/06/29 22:15:33 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/06/29 22:15:32 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/06/29 22:15:32 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/06/29 22:15:32 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2012/06/29 22:15:31 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/06/29 22:15:31 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/06/29 22:15:31 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/06/29 22:15:31 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/06/29 22:15:31 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/06/29 22:15:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2012/06/29 22:15:24 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/06/29 22:15:16 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/06/29 22:15:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012/06/29 22:15:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/06/29 22:15:09 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012/06/29 22:15:08 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012/06/29 22:15:08 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012/06/29 22:15:08 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012/06/29 22:15:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012/06/29 22:15:08 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012/06/29 22:15:08 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012/06/29 22:15:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012/06/29 22:15:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/06/29 22:15:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012/06/29 22:15:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012/06/29 22:15:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/06/29 22:15:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012/06/29 22:15:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012/06/29 22:15:06 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012/06/29 22:15:06 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012/06/29 22:15:06 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012/06/29 22:15:06 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/06/29 22:15:06 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/06/29 22:15:06 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012/06/29 22:15:06 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012/06/29 22:15:05 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012/06/29 22:15:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/06/29 22:15:04 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012/06/29 22:15:04 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012/06/29 22:15:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/06/29 22:15:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/06/29 22:15:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/06/29 22:15:00 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012/06/29 22:15:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012/06/29 22:15:00 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012/06/29 22:14:59 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/06/29 22:14:59 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/06/29 22:14:59 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/06/29 22:14:59 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/06/29 22:14:46 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2012/06/29 22:14:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/06/29 22:14:42 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2012/06/29 22:14:39 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/06/29 22:14:38 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012/06/29 22:14:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/06/29 22:14:37 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/06/29 22:14:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/06/29 22:14:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/06/29 22:14:36 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/06/29 22:14:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/06/29 22:14:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/06/29 22:14:35 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2012/06/29 22:14:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/06/29 22:14:35 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/06/29 22:14:33 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/06/29 22:14:32 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/06/29 22:14:32 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/06/29 22:14:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/06/29 22:14:06 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012/06/29 22:14:06 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/06/29 22:14:04 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012/06/29 22:14:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2012/06/29 22:14:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012/06/29 22:13:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/06/29 22:13:46 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2012/06/29 22:13:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2012/06/29 22:13:45 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2012/06/29 22:13:45 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2012/06/29 22:13:39 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2012/06/29 22:13:38 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2012/06/29 22:13:38 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012/06/29 22:13:38 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2012/06/29 22:13:38 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2012/06/29 22:13:38 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2012/06/29 22:13:38 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012/06/29 22:13:37 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2012/06/29 22:13:37 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012/06/29 22:13:37 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012/06/29 22:13:37 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012/06/29 22:13:37 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2012/06/29 22:13:36 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012/06/29 22:13:36 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2012/06/29 22:13:36 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012/06/29 22:13:36 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2012/06/29 22:13:35 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012/06/29 22:13:34 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2012/06/29 22:13:34 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2012/06/29 22:13:33 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2012/06/29 22:13:33 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2012/06/29 22:09:47 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/06/29 22:09:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012/06/29 21:48:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012/06/29 21:48:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012/06/29 21:48:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012/06/29 21:48:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/06/29 19:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2012/06/29 16:40:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\COLIN\Recent
[2012/06/29 13:06:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
[2012/06/28 22:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/06/28 22:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Local Settings\Application Data\FixItCenter
[2012/06/28 18:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Start Menu\Programs\Data Recovery
[2012/06/26 13:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Application Data\HandBrake
[2012/06/26 13:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Start Menu\Programs\Handbrake
[2012/06/26 13:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/06/19 19:15:30 | 017,396,768 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mpas-fe.exe
[2009/01/19 11:54:15 | 005,992,404 | ---- | C] (Headlight Software, Inc.) -- C:\Program Files\Portable GetRight 6.3e.exe
[2008/12/09 11:27:59 | 002,167,968 | ---- | C] (www.orbitdownloader.com ) -- C:\Program Files\OrbitDownloaderSetup.exe
[2008/07/10 19:55:26 | 000,383,755 | ---- | C] (Headlight Software, Inc.) -- C:\Program Files\download-VobSub_2.23.exe
[2006/12/07 08:37:54 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\COLIN\Application Data\pcouffin.sys
[2006/01/17 15:55:09 | 011,477,288 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXPlay.exe
[2005/12/06 12:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2005/12/06 12:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2005/12/06 12:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/05 23:10:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/05 17:10:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/05 14:15:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/05 12:49:26 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\COLIN\Application Data\Microsoft\Internet Explorer\Quick Launch\4shared Desktop.lnk
[2012/07/05 12:49:10 | 003,502,192 | ---- | M] (New IT Solutions) -- C:\Program Files\4shared_Desktop_3[1].3.5M.exe
[2012/07/05 12:24:31 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/07/05 12:17:30 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/07/05 12:15:09 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk
[2012/07/05 12:14:42 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Command Prompt.job
[2012/07/05 12:14:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/05 10:22:13 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/04 23:23:07 | 009,878,895 | ---- | M] () -- C:\Qoobox.zip
[2012/07/04 23:14:38 | 000,014,094 | ---- | M] () -- C:\FixitRegBackup.reg
[2012/07/04 23:02:56 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/07/04 21:10:56 | 004,570,624 | R--- | M] (Swearware) -- C:\Documents and Settings\COLIN\Desktop\ComboFix.exe
[2012/07/04 18:24:20 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012/07/04 18:24:20 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012/07/04 18:23:26 | 000,001,932 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Adobe Premiere Pro 2.0 (2).lnk
[2012/07/03 23:05:17 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\COLIN\Desktop\tdsskiller.exe
[2012/07/03 22:47:31 | 000,399,264 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\COLIN\Desktop\unhide.exe
[2012/07/03 21:36:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
[2012/07/03 17:10:45 | 000,001,167 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2
[2012/07/03 09:22:59 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Anti-Malware.job
[2012/07/02 23:07:05 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\COLIN\Desktop\aswMBR.exe
[2012/07/02 11:22:34 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/07/02 10:33:24 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/07/02 00:57:21 | 001,544,384 | ---- | M] (W3i, LLC) -- C:\Documents and Settings\COLIN\Desktop\mplayer_installer_1922.exe
[2012/07/01 09:41:40 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\COLIN\My Documents\aswMBR.exe
[2012/07/01 00:27:36 | 000,000,143 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/06/29 23:15:48 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Shortcut to Internet Explorer.lnk
[2012/06/29 22:20:55 | 000,224,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/29 22:19:57 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/06/29 22:12:12 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/06/29 22:12:00 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/06/29 22:12:00 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/06/29 22:11:07 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/29 22:08:28 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/06/29 22:06:32 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/06/29 07:10:04 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMer
[2012/06/29 07:10:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMe
[2012/06/28 22:24:13 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/06/28 18:43:40 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqt
[2012/06/28 18:21:11 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqtr
[2012/06/27 18:14:12 | 000,000,333 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\TV Guide - Australia's TV Guide - Yahoo!7.url
[2012/06/26 16:35:23 | 000,505,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/26 16:35:23 | 000,089,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/26 13:58:20 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Handbrake.lnk
[2012/06/26 13:47:01 | 000,029,635 | ---- | M] () -- C:\Program Files\download.htm
[2012/06/21 17:25:07 | 000,273,663 | ---- | M] () -- C:\Documents and Settings\COLIN\My Documents\Operating_costs_of_gas_appliances.pdf
[2012/06/19 19:15:46 | 017,396,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mpas-fe.exe
[2012/06/19 16:51:26 | 004,478,300 | ---- | M] () -- C:\Documents and Settings\COLIN\My Documents\GAS HEATER Manual%20Heater%20User%20Manual.pdf
[2012/06/09 21:55:16 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\COLIN\default.pls
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/05 12:49:26 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\Microsoft\Internet Explorer\Quick Launch\4shared Desktop.lnk
[2012/07/04 23:23:03 | 009,878,895 | ---- | C] () -- C:\Qoobox.zip
[2012/07/04 23:14:38 | 000,014,094 | ---- | C] () -- C:\FixitRegBackup.reg
[2012/07/04 18:24:20 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012/07/04 18:24:20 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012/07/04 18:23:26 | 000,001,932 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Adobe Premiere Pro 2.0 (2).lnk
[2012/07/03 13:38:27 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/07/02 11:01:31 | 000,002,076 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
[2012/07/02 11:01:30 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2012/07/02 10:58:18 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2012/07/02 10:58:17 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/07/02 10:58:16 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/07/02 10:58:15 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2012/07/02 10:58:14 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/07/02 10:58:13 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 7.0.lnk
[2012/07/02 10:58:12 | 000,001,932 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
[2012/07/02 10:58:11 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Help Center.lnk
[2012/07/02 10:58:09 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Digital Editions.lnk
[2012/07/02 10:58:08 | 000,001,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Bridge.lnk
[2012/07/02 10:33:22 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/07/02 10:33:11 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/07/02 10:26:43 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/07/02 10:26:43 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/07/02 10:26:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/07/02 10:26:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/07/02 10:26:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/07/02 01:01:26 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2
[2012/06/29 23:15:48 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Shortcut to Internet Explorer.lnk
[2012/06/29 23:11:36 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk
[2012/06/29 22:16:37 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/06/29 22:15:51 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/06/29 22:15:36 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/06/29 22:15:34 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/06/29 22:15:30 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/06/29 22:15:20 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/06/29 22:15:11 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/06/29 22:15:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/06/29 22:14:38 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/06/29 22:09:29 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/06/29 22:07:42 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/06/29 21:48:16 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2012/06/29 21:48:16 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/06/29 21:48:16 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/06/29 21:48:16 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/06/29 21:48:16 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/06/29 21:48:16 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/06/29 21:48:15 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/06/29 21:48:15 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/06/29 21:48:15 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/06/29 21:48:15 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/06/29 21:48:15 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/06/29 21:48:15 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/06/29 21:48:15 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/06/29 21:48:15 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/06/29 21:48:14 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/06/29 07:10:04 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMer
[2012/06/29 07:10:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMe
[2012/06/29 01:01:13 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/06/28 22:41:55 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/06/28 21:57:07 | 000,000,250 | ---- | C] () -- C:\WINDOWS\tasks\Command Prompt.job
[2012/06/28 18:21:11 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqtr
[2012/06/28 18:21:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqt
[2012/06/26 13:58:20 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Handbrake.lnk
[2012/06/26 13:47:00 | 000,029,635 | ---- | C] () -- C:\Program Files\download.htm
[2012/06/21 17:25:07 | 000,273,663 | ---- | C] () -- C:\Documents and Settings\COLIN\My Documents\Operating_costs_of_gas_appliances.pdf
[2012/06/19 16:51:26 | 004,478,300 | ---- | C] () -- C:\Documents and Settings\COLIN\My Documents\GAS HEATER Manual%20Heater%20User%20Manual.pdf
[2012/05/22 13:26:42 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\mbam.context.scan
[2010/11/29 15:25:15 | 000,034,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamcatchme.sys
[2009/12/14 15:07:24 | 000,001,316 | ---- | C] () -- C:\Program Files\ComboFix.htm
[2009/12/07 18:04:53 | 000,019,334 | ---- | C] () -- C:\Documents and Settings\All Users\xpnetdiag.xml
[2009/08/07 18:15:33 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\AutoGK.ini
[2009/06/05 16:02:25 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNat.gif
[2009/06/05 16:02:25 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNzn.gif
[2009/06/05 16:02:25 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNby.gif
[2009/04/01 15:14:51 | 000,043,062 | ---- | C] () -- C:\Documents and Settings\COLIN\UserImages.bmp
[2009/02/14 11:10:48 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/12/13 11:39:15 | 007,930,904 | ---- | C] () -- C:\Program Files\dap9.exe
[2008/05/21 15:42:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\COLIN\usb002
[2008/02/06 16:44:12 | 000,000,483 | ---- | C] () -- C:\Program Files\Shortcut to DVD Shrink.lnk
[2007/11/01 23:07:09 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/26 23:13:42 | 000,000,002 | -HS- | C] () -- C:\Documents and Settings\COLIN\Application Data\evf
[2007/04/05 01:14:38 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\dm.ini
[2007/01/25 09:01:30 | 000,005,986 | ---- | C] () -- C:\Documents and Settings\COLIN\UserCustomPreset_Adobe Premiere Pro 2.0.vpr
[2006/12/07 08:37:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\ezpinst.exe
[2006/12/07 08:37:54 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\pcouffin.cat
[2006/12/07 08:37:54 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\pcouffin.inf
[2006/06/10 14:27:28 | 000,002,615 | ---- | C] () -- C:\Program Files\ChingLiu.nfo
[2006/02/27 18:15:06 | 000,217,329 | ---- | C] () -- C:\Program Files\gspot221.exe
[2006/02/04 21:05:20 | 000,000,427 | ---- | C] () -- C:\Program Files\FILE_ID.DIZ
[2006/01/17 16:14:53 | 020,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2006/01/14 13:20:25 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\fusioncache.dat
[2006/01/13 16:55:34 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\COLIN\default.pls
[2006/01/13 16:19:38 | 000,052,736 | ---- | C] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/06 12:28:30 | 003,673,932 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86_Archive.cab
[2005/12/06 12:28:04 | 001,358,864 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2005/12/06 12:28:02 | 000,086,925 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2005/12/06 12:28:02 | 000,046,247 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2005/12/06 12:28:02 | 000,041,888 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2005/12/06 12:28:00 | 000,916,806 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86.cab
[2005/12/06 12:27:58 | 001,080,344 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2005/12/06 12:00:46 | 000,081,092 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2005/12/06 12:00:44 | 001,351,430 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2005/12/06 12:00:44 | 001,348,242 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2005/12/06 12:00:44 | 001,336,890 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2005/12/06 12:00:44 | 001,248,387 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2005/12/06 12:00:44 | 001,079,850 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2005/12/06 12:00:44 | 001,078,532 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2005/12/06 12:00:44 | 001,065,813 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2005/12/06 12:00:44 | 001,014,113 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2005/12/06 12:00:42 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
[2005/12/06 12:00:40 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2005/12/06 12:00:40 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2005/12/06 12:00:40 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2005/12/06 12:00:40 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2:SummaryInformation
@Alternate Data Stream - 4 bytes -> C:\WINDOWS\win.ini:s2
< End of report >
=
-
OK, runnig the scna for all users now...zzzzz
-
Maniac,
11pm here, I must go to sleep...please give me a task and I'll do it tomorrow (my time).
I have this 4shared takbar that I want to get rid of also.
G'night
Colin
-
here ya go.....
========
OTL logfile created on: 5/07/2012 9:52:31 PM - Run 3
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\COLIN\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
2.00 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 23.71% Memory free
3.85 Gb Paging File | 2.16 Gb Available in Paging File | 56.19% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 65.78 Gb Free Space | 28.26% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 3.67 Gb Free Space | 98.42% Space Free | Partition Type: FAT32
Drive G: | 931.51 Gb Total Space | 229.63 Gb Free Space | 24.65% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 20.95 Gb Free Space | 2.25% Space Free | Partition Type: NTFS
Computer Name: NEW-TOY | User Name: COLIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/03 21:36:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
PRC - [2012/05/09 13:47:56 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/09 13:47:55 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/09 13:47:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/09 13:47:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/12/09 22:00:14 | 004,613,624 | ---- | M] (New IT Solutions) -- C:\Program Files\4shared Desktop\desktop.exe
PRC - [2011/06/28 09:03:22 | 001,843,000 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitdm.exe
PRC - [2011/06/27 09:05:26 | 000,557,056 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitnet.exe
PRC - [2010/09/13 15:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
PRC - [2008/12/31 16:04:48 | 000,942,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WGATray.exe
PRC - [2007/10/25 12:11:39 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2005/08/13 08:43:58 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/03/09 14:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAIP.EXE
PRC - [2004/08/04 22:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/05/24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2002/11/26 02:12:32 | 000,049,152 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/13 21:12:26 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_c1b45d66\system.drawing.dll
MOD - [2012/06/13 21:12:12 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c9aa3dcd\system.windows.forms.dll
MOD - [2012/06/13 21:11:47 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/05/09 13:47:56 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/01/13 08:06:42 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_3db6a3e6\mscorlib.dll
MOD - [2012/01/13 08:06:32 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_cc2b0697\system.xml.dll
MOD - [2012/01/13 08:06:18 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_3a3c05f7\system.dll
MOD - [2012/01/13 08:06:07 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/13 08:06:06 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/13 08:06:05 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011/12/02 01:44:26 | 000,407,040 | ---- | M] () -- C:\Program Files\4shared Desktop\CMenu32.dll
MOD - [2011/06/28 09:01:38 | 000,397,312 | ---- | M] () -- C:\Program Files\Orbitdownloader\wtlctrl.dll
MOD - [2010/06/13 11:01:28 | 000,410,432 | ---- | M] () -- C:\Program Files\Perfect Uninstaller\Contextmenu.dll
MOD - [2007/10/25 12:11:37 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2006/01/17 15:56:10 | 000,183,296 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll
MOD - [2006/01/17 15:56:10 | 000,105,472 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
MOD - [2006/01/17 15:56:10 | 000,075,264 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
MOD - [2006/01/16 18:34:03 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006/01/16 18:34:03 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2006/01/16 18:34:02 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2005/10/08 09:05:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2004/08/04 22:00:00 | 001,287,680 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2004/08/04 22:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/09 13:47:56 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 13:47:55 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/05/09 13:47:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/09/13 15:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/05/24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/06/04 09:52:22 | 001,200,128 | ---- | M] (PowerQuest Corporation) [Auto | Stopped] -- C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe -- (V2i Protector)
SRV - [2002/11/26 02:12:32 | 000,049,152 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)
========== Driver Services (SafeList) ==========
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (TSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys -- (SABProcEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys -- (mvd22)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys -- (mdf16)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\COLIN\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/07/05 21:28:48 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/05/09 13:47:56 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/09 13:47:56 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/11 14:00:32 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006/01/05 13:46:40 | 001,420,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/18 08:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/07/07 10:27:28 | 000,070,070 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2004/07/07 08:55:12 | 000,152,049 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2004/06/02 13:19:00 | 000,038,705 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2004/05/20 08:41:54 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/05/20 08:39:42 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2004/05/20 08:21:10 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2003/11/18 06:59:20 | 000,212,224 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/18 06:58:02 | 000,680,704 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/18 06:56:26 | 001,042,432 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/06/04 09:52:24 | 000,123,957 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\PQV2i.sys -- (PQV2i)
DRV - [2003/06/04 09:52:20 | 000,046,900 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQIMount.sys -- (PQIMount)
DRV - [2003/03/08 09:07:58 | 000,029,603 | ---- | M] (GlobespanVirata Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\glauiad.sys -- (glauiad)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sha.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{7B5D77E7-B219-4760-B284-AE305BDFD485}: "URL" = http://www.google.com.au/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_en
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3228846
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\COLIN\Application Data\nprhapengine.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{CD8C954F-6F55-4B18-9C29-CFF7CAE269DD}: C:\Documents and Settings\COLIN\Local Settings\Application Data\{CD8C954F-6F55-4B18-9C29-CFF7CAE269DD} [2009/11/25 15:34:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{503D3B1B-796E-4F8E-8AA3-6C90139C2300}: C:\Documents and Settings\COLIN\Local Settings\Application Data\{503D3B1B-796E-4F8E-8AA3-6C90139C2300}\ [2009/11/30 19:16:23 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/07/02 11:22:34 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sha.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Program Files\4shared.com\prxtb4sha.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [4shared Update] C:\Program Files\4shared Desktop\checkUpdate.exe (New IT Solutions)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EPSON Stylus Photo R230 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKCU..\Run: [4shared Desktop] C:\Program Files\4shared Desktop\desktop.exe (New IT Solutions)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O4 - Startup: C:\Documents and Settings\COLIN\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK File not found
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK File not found
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html File not found
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340975846937 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140139436593 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 203.12.160.35 203.12.160.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67C731C6-C643-46BD-8865-2DA9C21374CD}: DhcpNameServer = 203.12.160.35 203.12.160.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FAD4249-41A8-413E-8C32-51D6B0666FB6}: NameServer = 61.8.0.113,210.23.129.34
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\COLIN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\COLIN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/13 14:27:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/05 21:28:48 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/07/05 12:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Application Data\PriceGong
[2012/07/05 12:51:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\My Documents\My 4shared Sync
[2012/07/05 12:49:47 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/07/05 12:49:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Local Settings\Application Data\4shared.com
[2012/07/05 12:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Local Settings\Application Data\Conduit
[2012/07/05 12:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\4shared.com
[2012/07/05 12:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/07/05 12:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Start Menu\Programs\4shared Tools
[2012/07/05 12:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Application Data\4shared Desktop
[2012/07/05 12:49:24 | 000,000,000 | ---D | C] -- C:\Program Files\4shared Desktop
[2012/07/05 12:48:57 | 003,502,192 | ---- | C] (New IT Solutions) -- C:\Program Files\4shared_Desktop_3[1].3.5M.exe
[2012/07/04 21:46:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/07/04 21:27:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/07/04 21:10:56 | 004,570,624 | R--- | C] (Swearware) -- C:\Documents and Settings\COLIN\Desktop\ComboFix.exe
[2012/07/04 13:02:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/07/03 23:15:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/03 23:05:18 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\COLIN\Desktop\tdsskiller.exe
[2012/07/03 22:47:29 | 000,399,264 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\COLIN\Desktop\unhide.exe
[2012/07/03 21:36:00 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
[2012/07/03 09:30:48 | 000,000,000 | ---D | C] -- C:\FRST
[2012/07/02 23:06:54 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\COLIN\Desktop\aswMBR.exe
[2012/07/02 10:33:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/07/02 10:26:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/07/02 10:26:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/07/02 10:26:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/07/02 10:26:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/07/02 01:14:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\COLIN\My Documents\ComboFix
[2012/07/02 00:57:19 | 001,544,384 | ---- | C] (W3i, LLC) -- C:\Documents and Settings\COLIN\Desktop\mplayer_installer_1922.exe
[2012/07/02 00:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Desktop\Malwarebytes (D)
[2012/07/02 00:34:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/02 00:33:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/07/01 09:45:00 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\COLIN\My Documents\aswMBR.exe
[2012/06/30 07:36:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/06/29 22:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/06/29 22:17:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2012/06/29 22:17:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2012/06/29 22:17:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2012/06/29 22:17:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2012/06/29 22:17:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2012/06/29 22:17:40 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2012/06/29 22:17:39 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/06/29 22:17:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/06/29 22:17:36 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/06/29 22:17:35 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2012/06/29 22:17:35 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2012/06/29 22:17:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2012/06/29 22:17:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2012/06/29 22:17:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/06/29 22:17:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/06/29 22:17:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/06/29 22:17:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/06/29 22:17:19 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/06/29 22:17:18 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/06/29 22:17:18 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/06/29 22:17:18 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/06/29 22:17:17 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/06/29 22:17:11 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/06/29 22:17:08 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/06/29 22:17:08 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012/06/29 22:17:08 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012/06/29 22:17:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/06/29 22:17:07 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012/06/29 22:17:07 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012/06/29 22:17:07 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012/06/29 22:17:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012/06/29 22:17:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/06/29 22:17:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012/06/29 22:17:06 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012/06/29 22:17:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/06/29 22:17:05 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012/06/29 22:17:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/06/29 22:17:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/06/29 22:17:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/06/29 22:17:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/06/29 22:17:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/06/29 22:17:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/06/29 22:17:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/06/29 22:17:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/06/29 22:17:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/06/29 22:17:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/06/29 22:17:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/06/29 22:17:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/06/29 22:17:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/06/29 22:17:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/06/29 22:17:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/06/29 22:17:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/06/29 22:16:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/06/29 22:16:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/06/29 22:16:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/06/29 22:16:51 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/06/29 22:16:51 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/06/29 22:16:50 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/06/29 22:16:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/06/29 22:16:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2012/06/29 22:16:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/06/29 22:16:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/06/29 22:16:43 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012/06/29 22:16:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/06/29 22:16:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2012/06/29 22:16:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/06/29 22:16:39 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/06/29 22:16:38 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/06/29 22:16:38 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/06/29 22:16:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/06/29 22:16:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/06/29 22:16:37 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/06/29 22:16:37 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/06/29 22:16:36 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2012/06/29 22:16:34 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/06/29 22:16:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2012/06/29 22:16:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2012/06/29 22:16:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/06/29 22:16:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/06/29 22:16:20 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/06/29 22:16:18 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/06/29 22:16:12 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/06/29 22:16:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/06/29 22:16:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012/06/29 22:16:00 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/06/29 22:16:00 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/06/29 22:15:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/06/29 22:15:57 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012/06/29 22:15:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012/06/29 22:15:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012/06/29 22:15:51 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/06/29 22:15:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/06/29 22:15:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/06/29 22:15:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/06/29 22:15:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/06/29 22:15:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/06/29 22:15:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/06/29 22:15:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/06/29 22:15:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/06/29 22:15:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/06/29 22:15:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/06/29 22:15:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/06/29 22:15:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/06/29 22:15:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/06/29 22:15:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/06/29 22:15:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/06/29 22:15:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/06/29 22:15:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/06/29 22:15:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/06/29 22:15:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/06/29 22:15:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012/06/29 22:15:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012/06/29 22:15:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/06/29 22:15:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/06/29 22:15:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/06/29 22:15:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/06/29 22:15:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2012/06/29 22:15:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2012/06/29 22:15:36 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/06/29 22:15:36 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2012/06/29 22:15:35 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/06/29 22:15:35 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2012/06/29 22:15:35 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2012/06/29 22:15:35 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/06/29 22:15:34 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2012/06/29 22:15:34 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/06/29 22:15:34 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/06/29 22:15:34 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/06/29 22:15:33 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/06/29 22:15:33 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/06/29 22:15:33 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/06/29 22:15:33 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/06/29 22:15:32 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/06/29 22:15:32 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/06/29 22:15:32 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2012/06/29 22:15:31 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/06/29 22:15:31 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/06/29 22:15:31 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/06/29 22:15:31 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/06/29 22:15:31 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/06/29 22:15:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2012/06/29 22:15:24 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/06/29 22:15:16 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/06/29 22:15:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012/06/29 22:15:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/06/29 22:15:09 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012/06/29 22:15:08 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012/06/29 22:15:08 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012/06/29 22:15:08 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012/06/29 22:15:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012/06/29 22:15:08 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012/06/29 22:15:08 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012/06/29 22:15:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012/06/29 22:15:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/06/29 22:15:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012/06/29 22:15:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012/06/29 22:15:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/06/29 22:15:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012/06/29 22:15:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012/06/29 22:15:06 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012/06/29 22:15:06 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012/06/29 22:15:06 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012/06/29 22:15:06 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/06/29 22:15:06 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/06/29 22:15:06 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012/06/29 22:15:06 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012/06/29 22:15:05 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012/06/29 22:15:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/06/29 22:15:04 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012/06/29 22:15:04 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012/06/29 22:15:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/06/29 22:15:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/06/29 22:15:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/06/29 22:15:00 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012/06/29 22:15:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012/06/29 22:15:00 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012/06/29 22:14:59 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/06/29 22:14:59 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/06/29 22:14:59 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/06/29 22:14:59 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/06/29 22:14:46 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2012/06/29 22:14:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/06/29 22:14:42 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2012/06/29 22:14:39 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/06/29 22:14:38 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012/06/29 22:14:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/06/29 22:14:37 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/06/29 22:14:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/06/29 22:14:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/06/29 22:14:36 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/06/29 22:14:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/06/29 22:14:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/06/29 22:14:35 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2012/06/29 22:14:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/06/29 22:14:35 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/06/29 22:14:33 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/06/29 22:14:32 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/06/29 22:14:32 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/06/29 22:14:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/06/29 22:14:06 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012/06/29 22:14:06 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/06/29 22:14:04 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2012/06/29 22:14:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012/06/29 22:14:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2012/06/29 22:14:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012/06/29 22:13:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/06/29 22:13:46 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2012/06/29 22:13:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2012/06/29 22:13:45 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2012/06/29 22:13:45 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2012/06/29 22:13:39 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2012/06/29 22:13:38 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2012/06/29 22:13:38 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012/06/29 22:13:38 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2012/06/29 22:13:38 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2012/06/29 22:13:38 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2012/06/29 22:13:38 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012/06/29 22:13:37 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2012/06/29 22:13:37 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012/06/29 22:13:37 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012/06/29 22:13:37 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012/06/29 22:13:37 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2012/06/29 22:13:36 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012/06/29 22:13:36 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2012/06/29 22:13:36 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012/06/29 22:13:36 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2012/06/29 22:13:35 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012/06/29 22:13:34 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2012/06/29 22:13:34 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2012/06/29 22:13:33 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2012/06/29 22:13:33 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2012/06/29 22:09:47 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/06/29 22:09:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012/06/29 21:48:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012/06/29 21:48:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012/06/29 21:48:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012/06/29 21:48:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/06/29 19:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2012/06/29 16:40:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\COLIN\Recent
[2012/06/29 13:06:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
[2012/06/28 22:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/06/28 22:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Local Settings\Application Data\FixItCenter
[2012/06/28 18:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Start Menu\Programs\Data Recovery
[2012/06/26 13:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Application Data\HandBrake
[2012/06/26 13:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COLIN\Start Menu\Programs\Handbrake
[2012/06/26 13:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/06/19 19:15:30 | 017,396,768 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mpas-fe.exe
[2009/01/19 11:54:15 | 005,992,404 | ---- | C] (Headlight Software, Inc.) -- C:\Program Files\Portable GetRight 6.3e.exe
[2008/12/09 11:27:59 | 002,167,968 | ---- | C] (www.orbitdownloader.com ) -- C:\Program Files\OrbitDownloaderSetup.exe
[2008/07/10 19:55:26 | 000,383,755 | ---- | C] (Headlight Software, Inc.) -- C:\Program Files\download-VobSub_2.23.exe
[2006/12/07 08:37:54 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\COLIN\Application Data\pcouffin.sys
[2006/01/17 15:55:09 | 011,477,288 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXPlay.exe
[2005/12/06 12:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2005/12/06 12:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2005/12/06 12:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/05 22:10:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/05 17:10:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/05 14:15:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/05 12:49:26 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\COLIN\Application Data\Microsoft\Internet Explorer\Quick Launch\4shared Desktop.lnk
[2012/07/05 12:49:10 | 003,502,192 | ---- | M] (New IT Solutions) -- C:\Program Files\4shared_Desktop_3[1].3.5M.exe
[2012/07/05 12:24:31 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/07/05 12:17:30 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/07/05 12:15:09 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk
[2012/07/05 12:14:42 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Command Prompt.job
[2012/07/05 12:14:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/05 10:22:13 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/04 23:23:07 | 009,878,895 | ---- | M] () -- C:\Qoobox.zip
[2012/07/04 23:14:38 | 000,014,094 | ---- | M] () -- C:\FixitRegBackup.reg
[2012/07/04 23:02:56 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/07/04 21:10:56 | 004,570,624 | R--- | M] (Swearware) -- C:\Documents and Settings\COLIN\Desktop\ComboFix.exe
[2012/07/04 18:24:20 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012/07/04 18:24:20 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012/07/04 18:23:26 | 000,001,932 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Adobe Premiere Pro 2.0 (2).lnk
[2012/07/03 23:05:17 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\COLIN\Desktop\tdsskiller.exe
[2012/07/03 22:47:31 | 000,399,264 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\COLIN\Desktop\unhide.exe
[2012/07/03 21:36:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COLIN\Desktop\OTL.exe
[2012/07/03 17:10:45 | 000,001,167 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2
[2012/07/03 09:22:59 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Anti-Malware.job
[2012/07/02 23:07:05 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\COLIN\Desktop\aswMBR.exe
[2012/07/02 11:22:34 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/07/02 10:33:24 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/07/02 00:57:21 | 001,544,384 | ---- | M] (W3i, LLC) -- C:\Documents and Settings\COLIN\Desktop\mplayer_installer_1922.exe
[2012/07/01 09:41:40 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\COLIN\My Documents\aswMBR.exe
[2012/07/01 00:27:36 | 000,000,143 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/06/29 23:15:48 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Shortcut to Internet Explorer.lnk
[2012/06/29 22:20:55 | 000,224,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/29 22:19:57 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/06/29 22:12:12 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/06/29 22:12:00 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/06/29 22:12:00 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/06/29 22:11:07 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/29 22:08:28 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/06/29 22:06:32 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/06/29 07:10:04 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMer
[2012/06/29 07:10:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMe
[2012/06/28 22:24:13 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/06/28 18:43:40 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqt
[2012/06/28 18:21:11 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqtr
[2012/06/27 18:14:12 | 000,000,333 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\TV Guide - Australia's TV Guide - Yahoo!7.url
[2012/06/26 16:35:23 | 000,505,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/26 16:35:23 | 000,089,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/26 13:58:20 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\COLIN\Desktop\Handbrake.lnk
[2012/06/26 13:47:01 | 000,029,635 | ---- | M] () -- C:\Program Files\download.htm
[2012/06/21 17:25:07 | 000,273,663 | ---- | M] () -- C:\Documents and Settings\COLIN\My Documents\Operating_costs_of_gas_appliances.pdf
[2012/06/19 19:15:46 | 017,396,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mpas-fe.exe
[2012/06/19 16:51:26 | 004,478,300 | ---- | M] () -- C:\Documents and Settings\COLIN\My Documents\GAS HEATER Manual%20Heater%20User%20Manual.pdf
[2012/06/09 21:55:16 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\COLIN\default.pls
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/05 12:49:26 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\Microsoft\Internet Explorer\Quick Launch\4shared Desktop.lnk
[2012/07/04 23:23:03 | 009,878,895 | ---- | C] () -- C:\Qoobox.zip
[2012/07/04 23:14:38 | 000,014,094 | ---- | C] () -- C:\FixitRegBackup.reg
[2012/07/04 18:24:20 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012/07/04 18:24:20 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012/07/04 18:23:26 | 000,001,932 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Adobe Premiere Pro 2.0 (2).lnk
[2012/07/03 13:38:27 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/07/02 11:01:31 | 000,002,076 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
[2012/07/02 11:01:30 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2012/07/02 10:58:18 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2012/07/02 10:58:17 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/07/02 10:58:16 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/07/02 10:58:15 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2012/07/02 10:58:14 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/07/02 10:58:13 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 7.0.lnk
[2012/07/02 10:58:12 | 000,001,932 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
[2012/07/02 10:58:11 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Help Center.lnk
[2012/07/02 10:58:09 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Digital Editions.lnk
[2012/07/02 10:58:08 | 000,001,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Bridge.lnk
[2012/07/02 10:33:22 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/07/02 10:33:11 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/07/02 10:26:43 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/07/02 10:26:43 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/07/02 10:26:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/07/02 10:26:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/07/02 10:26:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/07/02 01:01:26 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2
[2012/06/29 23:15:48 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Shortcut to Internet Explorer.lnk
[2012/06/29 23:11:36 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk
[2012/06/29 22:16:37 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/06/29 22:15:51 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/06/29 22:15:36 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/06/29 22:15:34 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/06/29 22:15:30 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/06/29 22:15:20 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/06/29 22:15:11 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/06/29 22:15:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/06/29 22:14:38 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/06/29 22:09:29 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/06/29 22:07:42 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/06/29 21:48:16 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2012/06/29 21:48:16 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/06/29 21:48:16 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/06/29 21:48:16 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/06/29 21:48:16 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/06/29 21:48:16 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/06/29 21:48:15 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/06/29 21:48:15 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/06/29 21:48:15 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/06/29 21:48:15 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/06/29 21:48:15 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/06/29 21:48:15 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/06/29 21:48:15 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/06/29 21:48:15 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/06/29 21:48:14 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/06/29 07:10:04 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMer
[2012/06/29 07:10:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-0gWFIiFCgcbrMe
[2012/06/29 01:01:13 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/06/28 22:41:55 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/06/28 21:57:07 | 000,000,250 | ---- | C] () -- C:\WINDOWS\tasks\Command Prompt.job
[2012/06/28 18:21:11 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqtr
[2012/06/28 18:21:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-VptbbJKs7vqKqt
[2012/06/26 13:58:20 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\COLIN\Desktop\Handbrake.lnk
[2012/06/26 13:47:00 | 000,029,635 | ---- | C] () -- C:\Program Files\download.htm
[2012/06/21 17:25:07 | 000,273,663 | ---- | C] () -- C:\Documents and Settings\COLIN\My Documents\Operating_costs_of_gas_appliances.pdf
[2012/06/19 16:51:26 | 004,478,300 | ---- | C] () -- C:\Documents and Settings\COLIN\My Documents\GAS HEATER Manual%20Heater%20User%20Manual.pdf
[2012/05/22 13:26:42 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\mbam.context.scan
[2010/11/29 15:25:15 | 000,034,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamcatchme.sys
[2009/12/14 15:07:24 | 000,001,316 | ---- | C] () -- C:\Program Files\ComboFix.htm
[2009/12/07 18:04:53 | 000,019,334 | ---- | C] () -- C:\Documents and Settings\All Users\xpnetdiag.xml
[2009/08/07 18:15:33 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\AutoGK.ini
[2009/06/05 16:02:25 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNat.gif
[2009/06/05 16:02:25 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNzn.gif
[2009/06/05 16:02:25 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\waQ1P0bNby.gif
[2009/04/01 15:14:51 | 000,043,062 | ---- | C] () -- C:\Documents and Settings\COLIN\UserImages.bmp
[2009/02/14 11:10:48 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/12/13 11:39:15 | 007,930,904 | ---- | C] () -- C:\Program Files\dap9.exe
[2008/05/21 15:42:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\COLIN\usb002
[2008/02/06 16:44:12 | 000,000,483 | ---- | C] () -- C:\Program Files\Shortcut to DVD Shrink.lnk
[2007/11/01 23:07:09 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/26 23:13:42 | 000,000,002 | -HS- | C] () -- C:\Documents and Settings\COLIN\Application Data\evf
[2007/04/05 01:14:38 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\dm.ini
[2007/01/25 09:01:30 | 000,005,986 | ---- | C] () -- C:\Documents and Settings\COLIN\UserCustomPreset_Adobe Premiere Pro 2.0.vpr
[2006/12/07 08:37:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\ezpinst.exe
[2006/12/07 08:37:54 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\pcouffin.cat
[2006/12/07 08:37:54 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\COLIN\Application Data\pcouffin.inf
[2006/06/10 14:27:28 | 000,002,615 | ---- | C] () -- C:\Program Files\ChingLiu.nfo
[2006/02/27 18:15:06 | 000,217,329 | ---- | C] () -- C:\Program Files\gspot221.exe
[2006/02/04 21:05:20 | 000,000,427 | ---- | C] () -- C:\Program Files\FILE_ID.DIZ
[2006/01/17 16:14:53 | 020,921,040 | ---- | C] ( ) -- C:\Program Files\AdbeRdr705_enu_full.exe
[2006/01/14 13:20:25 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\fusioncache.dat
[2006/01/13 16:55:34 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\COLIN\default.pls
[2006/01/13 16:19:38 | 000,052,736 | ---- | C] () -- C:\Documents and Settings\COLIN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/06 12:28:30 | 003,673,932 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86_Archive.cab
[2005/12/06 12:28:04 | 001,358,864 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2005/12/06 12:28:02 | 000,086,925 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2005/12/06 12:28:02 | 000,046,247 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2005/12/06 12:28:02 | 000,041,888 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2005/12/06 12:28:00 | 000,916,806 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86.cab
[2005/12/06 12:27:58 | 001,080,344 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2005/12/06 12:00:46 | 000,081,092 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2005/12/06 12:00:44 | 001,351,430 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2005/12/06 12:00:44 | 001,348,242 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2005/12/06 12:00:44 | 001,336,890 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2005/12/06 12:00:44 | 001,248,387 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2005/12/06 12:00:44 | 001,079,850 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2005/12/06 12:00:44 | 001,078,532 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2005/12/06 12:00:44 | 001,065,813 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2005/12/06 12:00:44 | 001,014,113 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2005/12/06 12:00:42 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
[2005/12/06 12:00:40 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2005/12/06 12:00:40 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2005/12/06 12:00:40 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2005/12/06 12:00:40 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\COLIN\Desktop\router_land.php-tracking=ga1&banner=6.2:SummaryInformation
@Alternate Data Stream - 4 bytes -> C:\WINDOWS\win.ini:s2
< End of report >
-
Run Fix, Run scan?
-
The following happened: how would you like me to proceed?
AND when I click 'start' and then Interent I get a page from conduit.com telling me there is a violation of its use. Related?
I will not proceed until I hear from you.
The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem.
For self-help options:
Frequently Asked Questions
Find Solutions
Windows Update Newsgroup
For assisted support options:
Microsoft Online Assisted Support (no-cost for Windows Update issues)
-
OH: when I click on 'start' the internet explorer shows (no add ons) but the link gives an error, but I can get around it.
-
A few things:-
1. Need to update to sp3 and IE7.
2. Favourites in IE are showinh but do noy work, not a big deal but if I add a site to fave, I can see it but the link doesn't work.
3.Don't think I can boot in 'safe' mode'
4. Malwarebytes will not update.
=======I THINK that's all I have to report. It is certainly in a lot better shape than when you first came in..
Maniac: when I do a donation does that go to you?
-
Please ignore the above....have managed to get in to 4share
-
Requires I have IE7. Can I upgrade to this, and get SP3?.
Can I put the zip file here?
-
midnight here...have pity on an old man...will be back in the morning...tired..thanks mate.
-
went to tha site, had to signuo...problem, it asked for my email address then just hangs....
-
OK can see how to PM you...Now, where to upload the zipped file
-
I have deleted MSE and the ASK toolbar.
Now, my friend, I have zippes the directory but can't work out how to upload and where to PM you...
Be kind to me, I am a 70 yo pensioner who was writing COBOL before you were a gleam in your Fathers eye!!
-
just noticed in the prog list in control panel:
Avira seach free toolbar plus web protection.
I would be pleased to ged of this toolbar. Should I remove this and leave Avira Free Antivirus which is a separate entry?
-
Just looked you up: very clever at 18, I am impressed and only 50 years your senior LOL.
Saw a great TV last night on Bulgaria, Greece and Turkey, very nice countryside.
-
1. Don't know how to remove the Ask toolbar. Not in the list of progs via control panel
2. Security essentials. When I click 'rempve' a window comes up: Cannot complete installation. Needs a package...buy this will only download if I have SP3. How to proceed please.
3. SpeedMaxpc removed OK.
==========
advice please
Locked up my files...and other stuff
in Resolved Malware Removal Logs
Posted
My PC will not connect to the internet, so I can not download it.
Let's forget it maniac, I am too stressed out for this. I will reinstall my Windows.
Thank you for recovering my files, that is the bonus for me.
I hope you received my small donation made yesterday, it is the most I can really afford given my circumstances.
I wish you well in your generosity and hope indeed that all goes well for you in life.
Colin