Can't run any search engine and pc is running badly

View previous topic View next topic Go down

Can't run any search engine and pc is running badly

Post by Dragoness on Sun Jan 15, 2012 7:12 pm

I do not know what kind of problem this is but I figured starting here would be good since it happened over night and seem to only affect certain things
About one week ago my pc dropped almost 30% in speed both online and off and at the same time I was no longer able to run any kind of search engine, everything else on my pc works and I can go to all other sites just no search engine and VERY slow. I have given you two logs the first is the OTL the second is a the hijackthis log.


OTL logfile created on: 1/15/2012 11:59:10 AM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Vangie\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 75.51% Memory free
3.82 Gb Paging File | 3.27 Gb Available in Paging File | 85.70% Paging File free
Paging file location(s): C:\pagefile.sys 1000 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.99 Gb Total Space | 31.34 Gb Free Space | 21.77% Space Free | Partition Type: NTFS

Computer Name: PAIN | User Name: Vangie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/14 10:25:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/06/04 17:56:20 | 000,057,344 | ---- | M] (Ideazon, Inc.) -- C:\Program Files\Ideazon\ZEngine\Zboard.exe
PRC - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/04 21:42:40 | 000,595,184 | ---- | M] ( ) -- C:\WINDOWS\system32\dldncoms.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/15 09:21:55 | 001,678,336 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12011501\algo.dll
MOD - [2012/01/15 01:48:17 | 001,678,336 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12011500\algo.dll
MOD - [2011/10/13 08:23:04 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
MOD - [2011/10/13 08:23:04 | 000,280,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
MOD - [2011/10/13 08:23:03 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
MOD - [2011/10/13 08:22:54 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/13 08:22:47 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011/10/13 07:10:03 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/13 07:09:40 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/13 07:08:55 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/13 07:07:36 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
MOD - [2011/10/12 23:52:25 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/12 23:52:12 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/12 23:51:17 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/12 23:51:12 | 000,113,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2011/10/12 23:51:11 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/02/05 11:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/06/04 17:55:46 | 000,018,432 | ---- | M] () -- C:\Program Files\Ideazon\ZEngine\AxInterop.WBOCXLib.dll
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 17:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/03/24 21:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2008/01/22 10:48:56 | 000,115,200 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldndrpp.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Symantec Core LC)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/03/04 21:42:40 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldncoms.exe -- (dldn_device)
SRV - [2005/10/27 21:41:52 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\System32\dlcccoms.exe -- (dlcc_device)


========== Driver Services (SafeList) ==========

DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/05 00:42:44 | 000,023,608 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wmamp3DriverV32.sys -- (wmamp3DriverV32)
DRV - [2011/09/09 11:10:19 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011/07/04 04:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 04:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 04:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 04:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 04:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 04:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 04:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010/06/21 15:07:39 | 000,091,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009/11/04 16:54:12 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/04 16:54:12 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/04 16:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 16:54:12 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/04 16:53:40 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/07/23 09:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/03/20 11:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006/11/15 15:06:56 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/11/15 14:49:49 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2006/11/15 14:46:36 | 000,642,560 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006/10/19 20:51:23 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/07/24 15:20:00 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/06/05 01:39:56 | 000,024,064 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/01/10 10:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/04 12:55:40 | 000,034,944 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Alpham.sys -- (Alpham)
DRV - [2004/06/09 07:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
DRV - [2004/04/14 22:13:00 | 000,339,488 | R--- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB20XP.sys -- (PRISM_A02)
DRV - [2003/11/17 19:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 19:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 19:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)



O1 HOSTS File: ([2012/01/14 16:59:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient_2.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Tweak UI] C:\WINDOWS\System32\TWEAKUI.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - Startup: C:\Documents and Settings\Vangie\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - [You must be registered and logged in to see this link.] Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FC0B975-D563-4B08-8B35-66804778B163}: DhcpNameServer = 68.87.85.102 68.87.69.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A3F0D92-0D36-45F8-9AD8-B83F444A49BD}: DhcpNameServer = 75.75.76.76 75.75.75.75
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Vangie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Vangie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 02:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/12/16 15:46:54 | 000,049,244 | ---- | M] () - C:\autoruns.chm -- [ NTFS ]
O32 - AutoRun File - [2009/04/02 15:47:50 | 000,648,064 | ---- | M] (Sysinternals - [You must be registered and logged in to see this link.] - C:\autoruns.exe -- [ NTFS ]
O32 - AutoRun File - [2009/04/02 15:47:48 | 000,540,560 | ---- | M] (Sysinternals - [You must be registered and logged in to see this link.] - C:\autorunsc.exe -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/15 11:52:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/01/15 11:46:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/01/14 16:37:17 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/01/14 16:33:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/14 16:33:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/14 16:33:05 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/14 16:33:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/14 16:32:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/14 16:32:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Vangie\My Documents\My Pictures
[2012/01/14 16:26:53 | 004,383,253 | R--- | C] (Swearware) -- C:\Documents and Settings\Vangie\Desktop\ComboFix.exe
[2012/01/14 10:25:34 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
[2012/01/11 20:23:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Vangie\Recent
[2011/12/22 18:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vangie\Start Menu\Programs\Curse
[2011/12/17 16:48:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vangie\Desktop\Bills paid
[2008/03/04 21:42:42 | 000,320,752 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnih.exe
[2008/03/04 21:42:40 | 000,595,184 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncoms.exe
[2008/03/04 21:42:40 | 000,365,808 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncfg.exe
[2008/01/23 19:49:00 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnpmui.dll
[2008/01/23 19:45:58 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnserv.dll
[2008/01/23 19:42:42 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnlmpm.dll
[2008/01/23 19:42:40 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldniesc.dll
[2008/01/23 19:42:28 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncomm.dll
[2008/01/23 19:41:26 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnhbn3.dll
[2008/01/23 19:41:00 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnusb1.dll
[2008/01/23 19:40:30 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncomc.dll
[2008/01/23 19:39:24 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnprox.dll
[2008/01/23 19:37:30 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldninpa.dll
[2006/10/19 20:23:12 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccserv.dll
[2006/10/19 20:23:12 | 001,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccusb1.dll
[2006/10/19 20:23:12 | 000,774,144 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcchbn3.dll
[2006/10/19 20:23:12 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccomc.dll
[2006/10/19 20:23:12 | 000,638,976 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccpmui.dll
[2006/10/19 20:23:12 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccoms.exe
[2006/10/19 20:23:12 | 000,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcclmpm.dll
[2006/10/19 20:23:12 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccomm.dll
[2006/10/19 20:23:12 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccih.exe
[2006/10/19 20:23:12 | 000,368,640 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccfg.exe
[2006/10/19 20:23:12 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccprox.dll
[2006/10/19 20:23:12 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccpplc.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/15 11:42:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/15 11:41:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/15 11:41:02 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/14 16:59:52 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/14 16:37:24 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2012/01/14 16:27:08 | 004,383,253 | R--- | M] (Swearware) -- C:\Documents and Settings\Vangie\Desktop\ComboFix.exe
[2012/01/14 14:34:20 | 000,049,238 | ---- | M] () -- C:\Documents and Settings\Vangie\Application Data\wklnhst.dat
[2012/01/14 11:29:09 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/01/14 10:25:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
[2012/01/10 12:01:51 | 000,041,385 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\2368485044_DR_morupzij.3d2.TIFF
[2012/01/10 12:00:59 | 000,037,127 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\2368485700_DR_tt32l0lw.r04.TIFF
[2012/01/06 21:39:49 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/01/03 12:53:53 | 000,244,770 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\Leap letter.jpg
[2011/12/29 15:01:44 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/22 18:28:07 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\Curse Client.appref-ms
[2011/12/18 15:20:47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\WINDOWS\System32\sihimelu
[2012/01/14 16:33:05 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/14 16:33:05 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/14 16:33:05 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/14 16:33:05 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/14 16:33:05 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/01/10 12:01:49 | 000,041,385 | ---- | C] () -- C:\Documents and Settings\Vangie\Desktop\2368485044_DR_morupzij.3d2.TIFF
[2012/01/10 12:00:57 | 000,037,127 | ---- | C] () -- C:\Documents and Settings\Vangie\Desktop\2368485700_DR_tt32l0lw.r04.TIFF
[2012/01/03 12:53:52 | 000,244,770 | ---- | C] () -- C:\Documents and Settings\Vangie\Desktop\Leap letter.jpg
[2011/12/29 15:01:44 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/05 16:39:52 | 000,012,284 | -HS- | C] () -- C:\Documents and Settings\Vangie\Local Settings\Application Data\2s18yw0b74o842
[2011/12/05 16:39:52 | 000,012,284 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2s18yw0b74o842
[2011/06/13 10:05:02 | 001,015,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/12 01:29:08 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/02/12 01:29:06 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/02/12 01:29:06 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/01/23 03:45:16 | 000,397,856 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1051316268-97930376-468757803-1005-0.dat
[2011/01/23 03:45:14 | 000,334,418 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/10/12 17:35:12 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/10/12 17:35:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/07/18 17:36:39 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/01 17:32:56 | 000,000,174 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2010/04/19 19:40:31 | 000,010,600 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\x3Cg6jfw84
[2009/12/27 13:00:14 | 031,557,664 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/10/04 09:36:40 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/10/04 09:36:40 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2009/10/04 09:36:40 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/10/04 09:36:40 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/09/27 15:12:22 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/08/30 17:56:04 | 000,016,982 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2009/06/26 00:31:34 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2009/06/07 14:24:13 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/06/07 14:24:13 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/03/19 09:20:15 | 000,000,147 | ---- | C] () -- C:\WINDOWS\AvDetected.ini
[2008/09/17 17:17:21 | 000,000,529 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008/09/17 17:04:33 | 000,000,281 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2008/04/04 23:18:55 | 000,000,023 | ---- | C] () -- C:\WINDOWS\settings.ini
[2008/02/11 02:13:10 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldninsr.dll
[2008/02/11 02:13:04 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldncur.dll
[2008/02/11 02:12:40 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldnjswr.dll
[2008/02/11 02:09:54 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldninsb.dll
[2008/02/11 02:09:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldncub.dll
[2008/02/11 02:07:36 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldncu.dll
[2008/02/11 02:07:32 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldnins.dll
[2008/02/11 02:05:20 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\dldnutil.dll
[2008/02/11 02:04:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldngrd.dll
[2008/01/29 19:49:04 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\dldndrs.dll
[2008/01/23 11:08:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dldncaps.dll
[2008/01/22 01:05:56 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\dldncfg.dll
[2007/12/12 20:32:40 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\dldncoin.dll
[2007/10/02 13:51:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldncnv4.dll
[2007/07/27 22:30:06 | 000,283,648 | ---- | C] () -- C:\WINDOWS\uninst.exe
[2007/07/05 00:03:44 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/04/28 13:41:50 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldnvs.dll
[2007/04/19 10:26:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/04/19 10:26:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/02/16 22:51:47 | 000,145,494 | ---- | C] () -- C:\Documents and Settings\Vangie\Application Data\Cosmos Prefs
[2007/01/25 19:25:45 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/01/03 15:24:06 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/12 16:04:03 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Vangie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/24 22:08:18 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\385196AA1C.sys
[2006/11/15 17:33:28 | 000,000,076 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/11/15 16:42:54 | 000,049,238 | ---- | C] () -- C:\Documents and Settings\Vangie\Application Data\wklnhst.dat
[2006/11/15 16:10:12 | 000,000,528 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2006/11/15 16:05:46 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/11/15 16:05:46 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006/11/15 11:23:41 | 000,004,600 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/11/15 10:58:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/11/15 10:17:25 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Vangie\Local Settings\Application Data\fusioncache.dat
[2006/10/19 21:05:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/19 20:58:59 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/10/19 20:55:40 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/19 20:53:29 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/10/19 20:50:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/19 20:23:12 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlccutil.dll
[2006/10/19 20:23:12 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlccinsb.dll
[2006/10/19 20:23:12 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlccins.dll
[2006/10/19 20:23:12 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlccjswr.dll
[2006/10/19 20:23:12 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlccinsr.dll
[2006/10/19 20:23:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcccub.dll
[2006/10/19 20:23:12 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcccu.dll
[2006/10/19 20:23:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcccfg.dll
[2006/10/19 20:23:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlccvs.dll
[2006/10/19 20:23:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcccur.dll
[2006/10/19 20:22:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/10/19 20:22:06 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 06:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 02:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 02:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 02:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 02:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 02:27:59 | 000,348,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 02:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 02:18:33 | 000,533,554 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 02:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 02:18:33 | 000,099,520 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 02:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 02:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 02:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 02:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 02:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 02:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 02:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 02:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 12:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 12:00:16 | 000,000,611 | ---- | C] () -- C:\WINDOWS\System32\dlccplc.ini

< End of report >


Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 12:11:25 PM, on 1/15/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dldncoms.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Ideazon\ZEngine\Zboard.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient_2.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: CurseClientStartup.ccip
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Google Sidewiki... - [You must be registered and logged in to see this link.] Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [You must be registered and logged in to see this link.]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: dldn_device - - C:\WINDOWS\system32\dldncoms.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7743 bytes

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Mon Jan 16, 2012 2:58 am

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from [You must be registered and logged in to see this link.]
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
***********************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download DDS from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.] and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control [You must be registered and logged in to see this link.].Then post your DDS logs. (DDS.txt and Attach.txt )

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Mon Jan 16, 2012 8:51 pm

I try to post it and I get this message and it wont let me post what you asked for

You haven't got the rights to access this page


Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Tue Jan 17, 2012 12:09 am

[You must be registered and logged in to see this link.] wrote:I try to post it and I get this message and it wont let me post what you asked for

You haven't got the rights to access this page

I'm going to check with Adm. to see what's happening.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Tue Jan 17, 2012 7:17 pm

Adm. reported that there is apparent reason why your can't copy and paste your logs in your reply. Are you logged in?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Tue Jan 17, 2012 7:33 pm

Yes I was logged in that is why my above post has my screen name next to it but I logged out and back in again and it didnt help I pasted the log and hit send and got the same message. =( if I can't paste the logs I can't get any help :sad:

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Tue Jan 17, 2012 11:28 pm

[You must be registered and logged in to see this link.] wrote:Yes I was logged in that is why my above post has my screen name next to it but I logged out and back in again and it didnt help I pasted the log and hit send and got the same message. =( if I can't paste the logs I can't get any help :sad:
I have another user with the exact same problem. If it's not resolved soon we'll try access the logs through a private message.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Thu Jan 19, 2012 2:51 pm

I tried again and same problem.
So while I wait do you have any idea what would be preventing me from being able to run any type of search engine, Have you ever heard of this type of problem before? My avast finds nothing wrong and my Malwarebytes Anti-Malware finds nothing wrong.

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Thu Jan 19, 2012 6:55 pm

So while I wait do you have any idea what would be preventing me from being able to run any type of search engine,
What happens when you try a search engine?

Could you please try to run the DDS scan and try to post the logs. If it still won't let you, send them to me using the pm system.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Fri Jan 20, 2012 7:30 pm

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First [You must be registered and logged in to see this link.]

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the [You must be registered and logged in to see this link.].

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download [You must be registered and logged in to see this link.] and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: [You must be registered and logged in to see this link.] adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
*******************************************************
Download Combofix from any of the links below, and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

When saving ComboFix rename it to PCHelpForum.exe to prevent it from being blocked by malware.

Refer to this image:

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [URL="http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications.html"]here[/URL] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click PCHelpForum.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may call it to stall.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Sat Jan 21, 2012 4:40 am

((((((((((((((((((((((((( Files Created from 2011-12-21 to 2012-01-21 )))))))))))))))))))))))))))))))
.
.
2012-01-21 03:38 . 2011-11-10 12:54 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-21 03:13 . 2012-01-21 03:13 63115 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2012-01-21 03:13 . 2012-01-21 03:13 9310 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2012-01-21 03:13 . 2012-01-21 03:13 8646 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2012-01-21 03:13 . 2012-01-21 03:13 6429 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2012-01-21 03:13 . 2012-01-21 03:13 5927 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2012-01-21 03:13 . 2012-01-21 03:13 4599 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2012-01-21 03:13 . 2012-01-21 03:13 8613 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2012-01-21 03:13 . 2012-01-21 03:13 1651 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2012-01-21 03:13 . 2012-01-21 03:13 6910 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2012-01-21 03:12 . 2012-01-21 03:12 8288 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2012-01-21 03:12 . 2012-01-21 03:12 6208 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2012-01-21 03:12 . 2012-01-21 03:12 18541 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2012-01-21 03:12 . 2012-01-21 03:12 51852 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2012-01-21 03:12 . 2012-01-21 03:12 7271 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2012-01-21 03:12 . 2012-01-21 03:12 23327 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2012-01-21 03:12 . 2012-01-21 03:12 20719 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2012-01-21 03:12 . 2012-01-21 03:12 8782 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 22:24 . 2009-12-30 20:46 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57 . 2005-08-16 09:18 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2005-08-16 09:18 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35 . 2005-08-16 09:18 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-10 10:27 . 2008-11-23 00:22 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-04 19:20 . 2005-08-16 09:18 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2005-08-16 09:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2005-08-16 09:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2005-08-16 09:18 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28 . 2005-08-16 09:18 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28 . 2005-08-16 09:18 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2005-08-16 09:18 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2005-08-16 09:18 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2005-08-16 09:18 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-04 03:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
.
((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-21 03:38 . 2012-01-21 03:38 16384 c:\windows\Temp\Perflib_Perfdata_d30.dat
- 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
+ 2007-01-29 08:58 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
- 2005-08-16 09:18 . 2011-11-06 18:37 99520 c:\windows\system32\perfc009.dat
+ 2005-08-16 09:18 . 2012-01-15 21:26 99520 c:\windows\system32\perfc009.dat
+ 2005-08-16 09:18 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 66560 c:\windows\system32\mshtmled.dll
+ 2009-03-08 10:31 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 10:31 . 2011-08-22 23:48 55296 c:\windows\system32\msfeedsbs.dll
+ 2005-08-16 09:18 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
- 2005-08-16 09:18 . 2008-04-14 00:11 23040 c:\windows\system32\mciseq.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 25600 c:\windows\system32\jsproxy.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
+ 2009-07-03 06:56 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-07-03 06:56 . 2011-08-22 23:48 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
- 2009-03-08 10:31 . 2011-08-22 23:48 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 10:31 . 2011-11-04 19:20 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2009-08-09 02:51 . 2011-08-22 23:48 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-08-09 02:51 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2009-03-08 10:34 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2009-03-08 10:34 . 2011-08-22 23:48 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-12-14 07:08 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-12-25 10:49 . 2011-12-25 10:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2011-07-08 20:00 . 2011-07-08 20:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-12-25 18:07 . 2011-12-25 18:07 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-12-25 05:55 . 2011-12-25 05:55 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2011-07-07 18:04 . 2011-07-07 18:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2011-07-07 18:04 . 2011-07-07 18:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-12-25 05:55 . 2011-12-25 05:55 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2011-07-07 18:03 . 2011-07-07 18:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-12-25 05:55 . 2011-12-25 05:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2011-07-07 19:09 . 2011-07-07 19:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-12-25 06:49 . 2011-12-25 06:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-12-25 06:49 . 2011-12-25 06:49 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2011-07-07 19:09 . 2011-07-07 19:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-03-16 20:34 . 2011-10-13 06:45 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-01-15 21:27 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_dc1f3b23\System.Drawing.Design.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_66ac3260\CustomMarshalers.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\750de53f30e516eb2c62de9bab7954e9\System.Web.DynamicData.Design.ni.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-13 06:37 . 2011-10-13 06:37 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-01-15 21:28 . 2012-01-15 21:28 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-13 06:51 . 2011-10-13 06:51 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2005-08-16 09:18 . 2011-10-14 14:47 176128 c:\windows\system32\winmm.dll
- 2005-08-16 09:18 . 2008-04-14 00:12 176128 c:\windows\system32\winmm.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 105984 c:\windows\system32\url.dll
+ 2005-08-16 09:18 . 2012-01-15 21:26 533554 c:\windows\system32\perfh009.dat
- 2005-08-16 09:18 . 2011-11-06 18:37 533554 c:\windows\system32\perfh009.dat
+ 2005-08-16 09:18 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 206848 c:\windows\system32\occache.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 611840 c:\windows\system32\mstime.dll
- 2009-03-08 10:32 . 2011-08-22 23:48 602112 c:\windows\system32\msfeeds.dll
+ 2009-03-08 10:32 . 2011-11-04 19:20 602112 c:\windows\system32\msfeeds.dll
+ 2012-01-21 03:38 . 2011-11-10 12:54 157472 c:\windows\system32\javaws.exe
+ 2012-01-21 03:38 . 2011-11-10 12:54 149280 c:\windows\system32\javaw.exe
+ 2012-01-21 03:38 . 2011-11-10 12:54 149280 c:\windows\system32\java.exe
+ 2005-08-16 09:18 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 184320 c:\windows\system32\iepeers.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 387584 c:\windows\system32\iedkcs32.dll
+ 2005-08-16 09:18 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
- 2005-08-16 09:18 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
- 2005-08-16 09:27 . 2011-10-13 14:02 348200 c:\windows\system32\FNTCACHE.DAT
+ 2005-08-16 09:27 . 2012-01-16 00:07 348200 c:\windows\system32\FNTCACHE.DAT
+ 2005-08-16 09:18 . 2011-10-15 00:38 456192 c:\windows\system32\encdec.dll
- 2005-08-16 09:18 . 2011-02-05 00:48 456192 c:\windows\system32\encdec.dll
+ 2010-06-18 17:45 . 2011-11-25 21:57 293376 c:\windows\system32\dllcache\winsrv.dll
- 2010-06-18 17:45 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 176128 c:\windows\system32\dllcache\winmm.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 105984 c:\windows\system32\dllcache\url.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll
+ 2009-01-31 19:52 . 2011-11-03 15:28 386048 c:\windows\system32\dllcache\qdvd.dll
- 2009-03-08 10:34 . 2011-08-22 23:48 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 10:34 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 10:32 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll
- 2009-03-08 10:32 . 2011-08-22 23:48 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-08-09 02:51 . 2011-11-04 19:20 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2009-08-09 02:51 . 2011-08-22 23:48 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2009-07-03 06:56 . 2011-08-22 23:48 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-07-03 06:56 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-03-08 10:31 . 2011-08-22 23:48 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 10:31 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-10 01:24 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-06-10 01:24 . 2011-08-22 23:48 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2009-03-08 20:09 . 2011-08-22 23:48 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 20:09 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2009-03-08 10:32 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-03-08 10:32 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2006-10-10 00:12 . 2011-10-15 00:38 456192 c:\windows\system32\dllcache\encdec.dll
- 2006-10-10 00:12 . 2011-02-05 00:48 456192 c:\windows\system32\dllcache\encdec.dll
+ 2011-12-26 11:39 . 2011-12-26 11:39 192792 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
+ 2011-12-25 10:49 . 2011-12-25 10:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2011-07-07 18:04 . 2011-07-07 18:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2011-12-25 05:55 . 2011-12-25 05:55 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2011-07-07 18:01 . 2011-07-07 18:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-12-25 05:53 . 2011-12-25 05:53 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-12-25 06:49 . 2011-12-25 06:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2011-07-07 19:09 . 2011-07-07 19:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Sat Jan 21, 2012 4:42 am

+ 2012-01-15 21:18 . 2012-01-15 21:18 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-12-25 12:40 . 2011-12-25 12:40 819200 c:\windows\Installer\8e6918.msp
+ 2012-01-21 03:39 . 2012-01-21 03:39 203776 c:\windows\Installer\17bc78.msi
- 2010-03-16 20:34 . 2011-10-13 06:45 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2012-01-15 21:27 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2012-01-15 21:27 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2012-01-15 21:27 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2012-01-15 21:27 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2012-01-15 21:27 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2005-08-05 18:06 . 2011-11-02 16:25 107008 c:\windows\ehome\mstvcapn.dll
- 2005-08-05 18:06 . 2006-10-10 00:12 107008 c:\windows\ehome\mstvcapn.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_3f31290a\System.Drawing.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_801d246c\System.Drawing.Design.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_22fbd804\CustomMarshalers.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\0bda7bdfaf440d5dd4bc6a1dea7ffa39\System.Web.Routing.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6e29f9faa74a48b83a13a3413b826295\System.Web.Extensions.Design.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\be8965fe859bc53dff61579bf626858b\System.Web.Entity.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\8441b3eb247e0344fede848337ee911c\System.Web.Entity.Design.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\09c6a41f187ba483486cdb92dad714a1\System.Web.DynamicData.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5efb726d424b9712632eff749411fa89\System.Web.Abstractions.ni.dll
+ 2012-01-15 21:31 . 2012-01-15 21:31 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll
+ 2012-01-15 21:34 . 2012-01-15 21:34 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\f374e8e7849a72d1470b4a6a0771a137\System.Data.Entity.Design.ni.dll
+ 2012-01-15 21:34 . 2012-01-15 21:34 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\439732479756e0f6df88d29e50a402bf\ServiceModelReg.ni.exe
+ 2012-01-15 21:34 . 2012-01-15 21:34 989184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1f06f1fefba8e5eb776a51894d1eb9d8\Microsoft.SqlServer.WizardFrameworkLite.ni.dll
+ 2012-01-15 21:34 . 2012-01-15 21:34 231936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.NetEnterp#\c688b8e8c6e97a8647298c560da41f7d\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll
+ 2012-01-15 21:32 . 2012-01-15 21:32 391168 c:\windows\assembly\NativeImages_v2.0.50727_32\Iris.Mapi.MessageSt#\ac30c2266a6132244c24583c78722427\Iris.Mapi.MessageStore.ni.dll
+ 2012-01-15 21:31 . 2012-01-15 21:31 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\bfcea15c95909860c4f4ac19bd7a2d6c\AspNetMMCExt.ni.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-01-15 21:34 . 2012-01-15 21:34 350080 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 1212416 c:\windows\system32\urlmon.dll
+ 2005-08-16 09:18 . 2011-11-04 19:20 5978112 c:\windows\system32\mshtml.dll
- 2009-03-08 10:32 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
+ 2009-03-08 10:32 . 2011-11-04 19:20 2000384 c:\windows\system32\iertutil.dll
+ 2008-11-20 16:05 . 2011-11-23 13:25 1859584 c:\windows\system32\dllcache\win32k.sys
+ 2005-08-16 09:18 . 2011-11-04 19:20 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2005-08-16 09:18 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2008-05-07 05:12 . 2011-11-03 15:28 1292288 c:\windows\system32\dllcache\quartz.dll
+ 2005-08-16 09:18 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
- 2008-11-20 16:05 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-11-20 16:05 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-11-20 16:05 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-11-20 16:05 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-11-20 16:05 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-11-20 16:05 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2005-08-16 09:18 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2005-08-16 09:18 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-21 06:44 . 2011-11-04 19:20 5978112 c:\windows\system32\dllcache\mshtml.dll
- 2009-07-03 06:56 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2009-07-03 06:56 . 2011-11-04 19:20 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-12-25 18:07 . 2011-12-25 18:07 2064384 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2011-12-25 18:06 . 2011-12-25 18:06 1269760 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2011-07-08 19:59 . 2011-07-08 19:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-12-25 18:06 . 2011-12-25 18:06 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2011-07-07 18:02 . 2011-07-07 18:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-12-25 05:54 . 2011-12-25 05:54 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2011-07-07 18:02 . 2011-07-07 18:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2011-12-25 05:53 . 2011-12-25 05:53 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2011-12-25 18:06 . 2011-12-25 18:06 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2011-07-08 19:59 . 2011-07-08 19:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-01-15 21:19 . 2012-01-15 21:19 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-01-15 21:18 . 2012-01-15 21:18 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2011-10-13 06:40 . 2011-10-13 06:40 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-11-01 20:34 . 2011-11-01 20:34 4250112 c:\windows\Installer\8e6930.msp
+ 2011-12-26 16:59 . 2011-12-26 16:59 4368896 c:\windows\Installer\8e68f9.msp
+ 2011-11-01 20:34 . 2011-11-01 20:34 2247168 c:\windows\Installer\8e68ef.msp
+ 2011-11-11 23:14 . 2011-11-11 23:14 9096192 c:\windows\Installer\8e68d9.msp
+ 2011-11-01 20:34 . 2011-11-01 20:34 4225536 c:\windows\Installer\8e68c3.msp
+ 2011-11-01 20:34 . 2011-11-01 20:34 2531840 c:\windows\Installer\8e68a8.msp
+ 2011-11-11 23:15 . 2011-11-11 23:15 1795584 c:\windows\Installer\8e6892.msp
+ 2011-12-26 12:06 . 2011-12-26 12:06 5115392 c:\windows\Installer\8e687d.msp
+ 2011-12-09 02:24 . 2011-12-09 02:24 4989952 c:\windows\Installer\8e6876.msp
+ 2011-11-11 23:16 . 2011-11-11 23:16 8458240 c:\windows\Installer\8e6860.msp
+ 2010-03-16 20:34 . 2012-01-15 21:34 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-03-16 20:34 . 2011-10-13 06:45 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-03-16 20:34 . 2012-01-15 21:34 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-04-03 03:44 . 2009-04-03 03:44 2532224 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6425\GRAPH.EXE
+ 2012-01-15 21:27 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2012-01-15 21:27 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2012-01-15 21:27 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
- 2008-11-20 16:05 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-11-20 16:05 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-11-20 16:05 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-11-20 16:05 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-11-20 16:05 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-11-20 16:05 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-11-20 16:05 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-11-20 16:05 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-01-15 21:29 . 2012-01-15 21:29 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_f2658e38\System.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_dda9a6a0\System.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_ab7124dc\System.Xml.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_a82d0d22\System.Xml.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_ea18518a\System.Windows.Forms.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_b6ead0d3\System.Windows.Forms.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_71c49356\System.Drawing.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_dd2322ba\System.Design.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_bd14ad29\System.Design.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_5bc596c3\mscorlib.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_5420b29b\mscorlib.dll
+ 2012-01-15 21:36 . 2012-01-15 21:36 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\05c29118462056cf810df0b6aa660d05\System.WorkflowServices.ni.dll
+ 2012-01-15 21:36 . 2012-01-15 21:36 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\26b3258c559dc0ab6bdce481ffd458b3\System.Workflow.Runtime.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1642d1b72cd84caf24cbe7c5e8fd8368\System.Workflow.ComponentModel.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\32ce12c3c2049f2df94c44c94b052e16\System.Workflow.Activities.ni.dll
+ 2012-01-15 21:32 . 2012-01-15 21:32 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f63ae1310e004777e880f28377bcddd2\System.Web.Services.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\c99b02434e71ca9898bebbc08d63e885\System.Web.Mobile.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c8f78b9e94857fdf6c2a378dd1629ee0\System.Web.Extensions.ni.dll
+ 2012-01-15 21:35 . 2012-01-15 21:35 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ae749b024162e9ac79110c633b5ce6be\System.ServiceModel.Web.ni.dll
+ 2012-01-15 21:33 . 2012-01-15 21:33 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\23eb4618c9d171be9fb551a13a475a32\System.IdentityModel.ni.dll
+ 2012-01-15 21:34 . 2012-01-15 21:34 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\f35064c125799df650c1a959d8fa450b\System.Data.Services.ni.dll
+ 2012-01-15 21:32 . 2012-01-15 21:32 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a86c12788293105a0d9fda1bc90c90bc\Microsoft.VisualBasic.ni.dll
+ 2012-01-15 21:32 . 2012-01-15 21:32 4466688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\e453836f6474225715961e11f1d4ca90\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.CSUtils.ni.dll
+ 2012-01-15 21:33 . 2012-01-15 21:33 2831360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\691ea827ea1d22ed44cc97155d8c4514\Microsoft.BusinessSolutions.eCRM.Reports2.ni.dll
+ 2012-01-15 21:32 . 2012-01-15 21:32 2359808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\34ff7a964caa13c7af359bcd7c9704b3\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.ni.dll
+ 2012-01-15 21:32 . 2012-01-15 21:32 3826176 c:\windows\assembly\NativeImages_v2.0.50727_32\BusinessLayer\7964a1670ce928c51ca4a5b9a550524f\BusinessLayer.ni.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-01-15 21:29 . 2012-01-15 21:29 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-10-07 07:50 . 2010-10-07 07:50 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-13 06:51 . 2011-10-13 06:51 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-01-15 21:26 . 2012-01-15 21:26 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-06-26 09:07 . 2011-10-13 06:51 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-13 06:37 . 2011-10-13 06:37 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2012-01-15 21:28 . 2012-01-15 21:28 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2012-01-15 21:28 . 2012-01-15 21:28 2064384 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-01-15 21:28 . 2012-01-15 21:28 1269760 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-02-11 09:51 . 2012-01-05 00:15 52128560 c:\windows\system32\MRT.exe
- 2009-03-08 10:39 . 2011-08-23 23:48 11081728 c:\windows\system32\ieframe.dll
+ 2009-03-08 10:39 . 2011-11-04 19:20 11081728 c:\windows\system32\ieframe.dll
- 2009-07-03 06:56 . 2011-08-23 23:48 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2009-07-03 06:56 . 2011-11-04 19:20 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-12-27 00:02 . 2011-12-27 00:02 12482048 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp
+ 2011-12-26 16:02 . 2011-12-26 16:02 19677184 c:\windows\Installer\8e6912.msp
+ 2012-01-15 21:27 . 2011-08-23 23:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2012-01-15 21:32 . 2012-01-15 21:32 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
+ 2012-01-15 21:33 . 2012-01-15 21:33 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2dac4fc006596760cd4988d0bfd52ff0\System.ServiceModel.ni.dll
+ 2012-01-15 21:28 . 2012-01-15 21:28 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\9e15d80ffb037e9171fa4bd2e0233497\System.Design.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-07-22 23:53 787744 ----a-w- c:\program files\Yontoo Layers Runtime\YontooIEClient_2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tweak UI"="TWEAKUI.CPL" [2000-06-18 106544]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Zboard"="c:\program files\Ideazon\ZEngine\Zboard.exe" [2009-06-05 57344]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-25 460872]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
c:\documents and settings\Vangie\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-4-1 0]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlccmon.exe]
2005-10-21 07:40 430080 ----a-w- c:\program files\Dell Photo AIO Printer 924\dlccmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2006-05-03 11:12 98304 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 19:01 67584 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-07-06 12:15 151552 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2006-07-07 23:15 600896 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 15:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 15:44 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 19:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 23:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 23:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 15:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-07-24 22:20 282624 ----a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]
2000-06-18 22:03 106544 ----a-w- c:\windows\system32\TWEAKUI.CPL
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Ideazon\\ZEngine\\Zboard.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\dldncoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldnpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldntime.exe"=
"c:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\Vangie\\Local Settings\\Apps\\2.0\\Q8HXQDY5.JVQ\\MQOXQM36.PWK\\coho..tion_4fdd38d166a17713_0001.0001_2ea3ae6aea32b9ef\\CoHOLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\carnath1\\synergy\\hl2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\gPotato.com\\Allods Online\\bin\\Launcher.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldnjswx.exe"=
"c:\\Documents and Settings\\Vangie\\Local Settings\\Apps\\2.0\\C0Q33AMY.GNK\\GJZJ7Q39.79O\\curs..tion_eee711038731a406_0004.0000_2ad57791d5c42008\\CurseClient.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"57803:TCP"= 57803:TCP:Pando Media Booster
"57803:UDP"= 57803:UDP:Pando Media Booster
"56894:TCP"= 56894:TCP:Pando Media Booster
"56894:UDP"= 56894:UDP:Pando Media Booster
"58696:TCP"= 58696:TCP:Pando Media Booster
"58696:UDP"= 58696:UDP:Pando Media Booster
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/25/2011 8:18 PM 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/27/2009 3:15 PM 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/27/2009 3:15 PM 19544]
R2 dldn_device;dldn_device;c:\windows\system32\dldncoms.exe -service --> c:\windows\system32\dldncoms.exe -service [?]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/30/2009 1:46 PM 652872]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/30/2009 1:46 PM 20464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2/12/2011 1:33 AM 91496]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\drivers\Pcouffin.sys [12/29/2006 5:34 PM 47360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/1/2010 5:45 PM 135664]
S3 Alpham;Ideazon Merc Composite Keyboard Driver;c:\windows\system32\drivers\Alpham.sys [12/4/2005 12:55 PM 34944]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/1/2010 5:45 PM 135664]
S3 wmamp3DriverV32;wmamp3DriverV32;c:\windows\system32\drivers\wmamp3DriverV32.sys [10/15/2011 3:49 PM 23608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [10/15/2011 4:02 PM 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [10/15/2011 4:02 PM 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [10/15/2011 4:03 PM 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [10/15/2011 4:03 PM 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [10/15/2011 4:03 PM 25704]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/15/2006 2:46 PM 642560]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultUrl = [You must be registered and logged in to see this link.]
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{7A3F0D92-0D36-45F8-9AD8-B83F444A49BD}: DhcpNameServer = 75.75.76.76 75.75.75.75
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PDF Reader - c:\program files\PDFReader\Uninstall\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2012-01-20 21:27
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7a,f7,25,ea,ad,9e,0c,4d,91,63,c7,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7a,f7,25,ea,ad,9e,0c,4d,91,63,c7,\
.
[HKEY_USERS\S-1-5-21-1051316268-97930376-468757803-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1051316268-97930376-468757803-1005\Software\SecuROM\License information*]
"datasecu"=hex:a2,3d,27,13,b6,93,b7,67,36,4f,2c,62,a7,9c,18,48,0c,9b,7e,dc,25,
bc,9f,55,fc,c7,d6,b3,df,31,d2,0f,3d,e7,45,2a,9c,49,b5,76,78,fb,b1,20,e2,58,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3148)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2012-01-20 21:34:09
ComboFix-quarantined-files.txt 2012-01-21 04:33
ComboFix2.txt 2012-01-15 00:07
ComboFix3.txt 2010-01-31 05:20
.
Pre-Run: 33,324,244,992 bytes free
Post-Run: 33,418,629,120 bytes free
.
- - End Of File - - E76BD3484FF9F1F2B43048134EA11AE6

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Sat Jan 21, 2012 4:54 am

ok found something ODD I went in and checked my Java and just to see what would happen I clicked Update and I got the below message

Java(TM) Update Checker has encountered a problem and needs to close. We are sorry for the inconvenience.

Then I clicked "For more information about this error click here and I got the below message" ....????


AppName: jucheck.exe AppVer: 2.0.6.1 ModName: user32.dll
ModVer: 5.1.2600.5512 Offset: 000187f1

What is going on with it? =(

I did this after I did everything exactly the way you told me to.

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Sat Jan 21, 2012 7:25 pm

This is not the complete ComboFix log. If it was installed on your desktop you should be able to find the complete log on your C: drive in the ComboFix folder.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Sat Jan 21, 2012 8:48 pm

not going to happen =( I am now on another pc in my home because now I get the blue screen of death and it says page_fault_in_nonpaged_area and I have tried every safe mode known to man and I can not get it to work I just get the same blue screen. I have tried recovery and every other option and nothing works so what ever was wrong with my pc it has completely taken over. So now what do I do?

ps when that disk you had me useing to try and even get back into my pc remember I said the scan was getting stuck, the funny thing is it was getting stuck on a drive that doesnt do anything it said drive D and drive D is a disk drive =/


Last edited by Dragoness on Mon Jan 23, 2012 3:19 am; edited 1 time in total

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Sun Jan 22, 2012 12:01 am

Go to this link to create a [You must be registered and logged in to see this link.] or to this site to create a [You must be registered and logged in to see this link.]. Carefully follow all the instructions for whichever method you choose.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Sun Jan 22, 2012 1:16 am

sorry that doesn't work with the rescue disk in, when I try to start my pc it does the same thing and goes straight to the blue screen of death, it doesnt even notice the disk in the drive.

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Sun Jan 22, 2012 2:09 am

You will have to change the BIOS to boot first from the disk.

If you do not know how to set your computer to boot from CD follow the steps [You must be registered and logged in to see this link.]

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Mon Jan 23, 2012 12:44 am

I have tried runing that thing you told me to run 4 times now and it keeps getting stuck on the same file and can't pass it. I even left it run all night and it just can not passs this file... /win/D:/program files/microsoft digital image 2006/1033/movies/exploring.htm I just don't know what to do now =(

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Mon Jan 23, 2012 1:43 am

Ok. Let's try another one.

We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Download the OTLPE Standard REATOGO Windows Recovery Environment.

  • Place a blank CD-R disc in to your CD burning drive.
  • Download [You must be registered and logged in to see this link.] and double-click on it to burn to a CD using an ISO Burner. One can be found [You must be registered and logged in to see this link.]
  • Reboot your system using the boot CD you just created.
  • Note : If you do not know how to set your computer to boot from CD follow the steps [You must be registered and logged in to see this link.]
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
  • Change Drivers to Non-Microsoft
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\_OTL\MovedFiles
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Please post the contents of the OTL.txt file in your reply.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Mon Jan 23, 2012 2:15 am

I got my pc to load normal. I just shut down that scan removed the disk and now my pc starts but i still have all the same problems I had before and that scan that disk was doing never did get to finsh it stayed stuck right on that file I mentioned

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Mon Jan 23, 2012 7:07 pm

Please try this. Boot your computer in Safe Mode with NetWorking, download, install and run a scan with MBAM (below) Re-boot in Normal mode and try to run the scan again.
[You must be registered and logged in to see this link.]

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Mon Jan 23, 2012 9:57 pm

ok I did what you said but it still didnt find anything but that scan I tried to run when I couldnt get my pc to load at all found all kinds of stuff but it just kept getting stuck on that one file. The more of these scans I seem to run the worse my pc is getting. It now takes about 3 minutes for a web page to load

Malwarebytes Anti-Malware 1.60.0.1800
[You must be registered and logged in to see this link.]

Database version: v2012.01.17.04

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Vangie :: PAIN [administrator]

1/23/2012 2:12:11 PM
mbam-log-2012-01-23 (14-12-11).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 333052
Time elapsed: 36 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Mon Jan 23, 2012 11:11 pm

Save these instructions so you can have access to them while in Safe Mode.

Please click [You must be registered and logged in to see this link.] to download AVP Tool by Kaspersky.

  • Save it to your desktop.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the License agreement and click on next.
  • It will, by default, install it to your desktop folder. Click Next.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)

Leave the rest of the settings as they appear as default.
•Then click on Scan at the to right hand Corner.
•It will automatically Neutralize any objects found.
•If some objects are left un-neutralized then click the button that says Neutralize all
•If it says it cannot be neutralized then choose the delete option when prompted.
•After that is done click on the reports button at the bottom and save it to file name it Kas.
•Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Dragoness on Tue Jan 24, 2012 5:04 am

ok I ran that antivirus and it found one trojan, but when I try and post the log here, the web page locks up and I still can't run any search engine of any kind, so whatever it did didnt help, but it seems to be getting worse again.

Dragoness
Intermediate
Intermediate

Posts Posts : 75
Joined Joined : 2009-12-31
Gender Gender : Female
OS OS : Windows XP
Protection Protection : Avast
Points Points : 26216
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't run any search engine and pc is running badly

Post by Superdave on Wed Jan 25, 2012 12:18 am

Download Combofix from any of the links below, and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [URL="http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications.html"]here[/URL] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may call it to stall.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83161
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum