Jump to content

Mouse Keeps Locking Up, Pages Not Found Code 404


tjscott71
 Share

Recommended Posts

I have ran AVG, Malwarebytes anti malware, housecall, the dds thing and my computer is regularly updated from windows.

My mouse keeps locking up, I have to unplug, then plug back in. Could not retrieve my saved watch list from ebay, but could on any other pc. (After the scans I can pull up my ebay items once again) Can not pull up my state radar image from intellicast, it gives me the error message "

 

 

404 - File or directory not found.

 

The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

/////////// SEARCH ///////////var g_aEng;var g_loc;// Initialize namespace, use existing contextvar searchshield = searchshield || {};searchshield.clockUrl;// constantssearchshield.SCORE_SS_SAFE = 1;searchshield.SCORE_SS_CAUTION = 2;searchshield.SCORE_SS_WARNING = 3;searchshield.SCORE_SS_BLOCK = 4;searchshield.SCORE_SS_VERISIGN = 7;searchshield.BLOCK_NONE = 0;searchshield.BLOCK_NORMAL = 1;searchshield.BLOCK_PHISH = 2;searchshield.BLOCK_YAHOO = 3;searchshield.XPLCHECK_RESULT_SEV_NONE = 0;searchshield.XPLCHECK_RESULT_SEV_LOW = 1;searchshield.XPLCHECK_RESULT_SEV_MED = 2;searchshield.XPLCHECK_RESULT_SEV_BLOCK = 3;searchshield.VERISIGN_SPLIT_NOTEST = 0;searchshield.VERISIGN_SPLIT_TESTA = 1;searchshield.VERISIGN_SPLIT_TESTB = 2;searchshield.needLivePhishCheck = false;searchshield.allowedSites = [];searchshield.enabled = function (doc){ var result = searchshield.avgCallFunc(doc, 'GetSearchEnabled'); return (result == '1' ? 1 : 0);};searchshield.init = function (doc){ if ((doc == null) || (doc.location == null) || (doc.location.href.search(/about:/) != -1)) return; if (!searchshield.enabled(doc)) return; if (!g_aEng) g_aEng = searchshield.Search.prototype.detectEngine(doc.location.href); if (!g_aEng) return; // init search object (not declared or is null) if (typeof xplSearch === 'undefined') { // global xplSearch = new searchshield.Search(); // reset the links added flag xplSearch.new_links = false; xplSearch.doc = doc; xplSearch.href = xplSearch.doc.location.href; xplSearch.uri = searchshield.parseLink(xplSearch.href); xplSearch.engine = new searchshield[g_aEng+'SearchEngine'](xplSearch) xplSearch.addEngine(xplSearch.engine); searchshield.launch(doc); } if (doc.location.href != g_loc) { g_loc = doc.location.href; if ((typeof xplSearch !== 'undefined') && (xplSearch != null)) searchshield.launch(doc); }};searchshield.launch = function (doc){ // IE specific check searchshield.quirksMode = (self.top.document.compatMode == 'BackCompat'); searchshield.docMode = parseInt(navigator.userAgent.split('MSIE')[1]); if ((self === top) && (self.document === doc)) { if (!xplSearch.engine) return; // set verdict display config xplSearch.engine.setRatingsConfig(doc); // init the alert popup searchshield.initPopupAlert(doc); if (xplSearch.engine.type != 'inline') { // save function reference for memory clean up later var fn = function(event){avglsflyover.hide(null)}; //hide flyover if these events occur window.detachEvent('onscroll', fn); window.attachEvent('onscroll', fn); doc.detachEvent('onkeydown', fn); doc.attachEvent('onkeydown', fn); } // only start monitor on top doc searchshield.avgPageMonitor.start(doc); } return;};// search monitors and processors - doc is always top most documentsearchshield.avgPageMonitor = { previousUrl: null, start: function(doc){ searchshield.avgPageMonitor.stop(); searchshield.avgPageMonitor.process(doc); searchshield.avgPageMonitor.timeoutID = window.setTimeout(function(){searchshield.avgPageMonitor.start(doc)}, 1000); }, process: function(doc){ var currentUrl = doc.location.href; var refresh = 0; if (this.previousUrl != currentUrl) { this.previousUrl = currentUrl; avgreport.scanResult(doc, currentUrl); refresh = (xplSearch.engine.name == 'google') ? 1 : 0; } searchshield.avgProcessSearch(doc, refresh); }, stop: function(){ if (searchshield.avgPageMonitor.timeoutID) { window.clearTimeout(searchshield.avgPageMonitor.timeoutID); delete searchshield.avgPageMonitor.timeoutID; } }};searchshield.avgProcessSearch = function (doc, refresh){ // doc may be about:Tabs or about:Blank if (!doc) return; if (!searchshield.enabled(doc)) return; if (!searchshield.clockUrl) searchshield.clockUrl = searchshield.avgCallFunc(doc, 'GetIconUrl', '0'); xplSearch.clockUrl = searchshield.clockUrl if (!xplSearch.engine) return; // get result links xplSearch.links = []; var links = searchshield.avgGetSearchLinks(doc, xplSearch.engine, refresh); searchshield.needLivePhishCheck = false; for (var i=0; i < links.length; i++) { var isPhishing = searchshield.avglsCheckandUpdate(links); if (isPhishing) searchshield.needLivePhishCheck = true; } if (searchshield.needLivePhishCheck) { var prev = '1'; if ( xplSearch.engine.type == 'inline' ) prev = '0'; searchshield.avgCallFunc(doc, 'GetPhishingResults', prev); searchshield.needLivePhishCheck = false; } else if (links.length > 0 && xplSearch.engine.type != 'inline') { searchshield.avgCallFunc(doc, 'FinalScanComplete'); } // attach click handlers for popup alerts doc.body.detachEvent("onclick", searchshield.blockClick); doc.body.attachEvent("onclick", searchshield.blockClick); doc.body.detachEvent("ondblclick", searchshield.blockClick); doc.body.attachEvent("ondblclick", searchshield.blockClick);};searchshield.avgGetSearchLinks = function (doc, engine, refresh){ if (!doc.body) return; var alltags = doc.body.getElementsByTagName('a'); for (var i = 0; i < alltags.length; i++) { if ( !refresh ) { // no checked test if refreshing - google if (alltags.getAttribute('avglschecked')) continue; } // ignore linked resources if (alltags.tagName == 'LINK') continue; // ignore in-page bookmarks and javascript if ((!alltags.href) || (alltags.href.charAt(0) == '#') || // in-page bookmark (alltags.href.indexOf("javascript") == 0)) continue; // ignore verdicts if (/XPLSS_/.test(alltags.id)) continue; // ignore flyover anchors if (/linkscanner|avgthreatlabs|avg\.com/.test(alltags.href)) continue; var href = engine.includeLink(alltags); if (!href) continue; var newNode = engine.search.addLink(alltags, href); engine.addImage(newNode, engine.search.clockUrl, false); } // recursivesly process all frames var docFrames = doc.frames; if (docFrames && engine.processFrames) { for (var j = 0; j < docFrames.length; j++) { var attr; var frameDoc; try { attr = docFrames[j].frameElement.className; frameDoc = docFrames[j].document; } catch(err){} //TODO: make frame processing an engine function or at least make exclusions an engine property // 'editable' frame it's probably a gmail reply if (attr && (attr.indexOf("editable") != -1)) continue; if (frameDoc) searchshield.avgGetSearchLinks(frameDoc, engine, 0); } } return engine.search.links;};searchshield.avglsCheckandUpdate = function (linkNode){ if (!xplSearch) return; // element is the search result anchor var element = linkNode.element; var href = linkNode.href; var result = searchshield.avgCallFunc(xplSearch.doc, 'CheckSite', href, element.href); if (result == null) return; var resultParse = result.split('::'); var phishing = resultParse[0]; // if phishing then rest of array does not exist. if (phishing == 1) return true; if (resultParse.length < 8) return; var hash = resultParse[1]; var score = resultParse[2]; var new_image = resultParse[3]; var alt_image = resultParse[4]; var flyover = resultParse[5]; var click_thru= resultParse[6]; var altClick_thru = resultParse[7]; // iterate to get verdict anchor nextElem = element.nextSibling; while (nextElem) { if (nextElem.nodeType == 1 && nextElem.id && (nextElem.id.indexOf("XPLSS_") != -1)) break; nextElem = nextElem.nextSibling; } return xplSearch.engine.updateImage(hash, xplSearch.searchHash, score, new_image, alt_image, flyover, click_thru, altClick_thru);};// click event handler - shows popup for links of caution and warning severitysearchshield.blockClick = function(event){ if (!event) event = window.event; // no action needed if click is not the left mouse button if (event.button != 0) return; var anchor = searchshield.getAnchorNode(event.srcElement, function(node) {return ((node.tagName.charAt(0) == "H") || (node.tagName.charAt(0) == "D") || (node.tagName.charAt(0) == "T"))} ); if ((anchor == null) || (anchor.href == null)) return true; // ignore if anchor is on an xpl verdict if (!!anchor.id) { if (anchor.id.indexOf('LXPLSS_') == 0) return true; if (anchor.id.indexOf('XPLSS_INTR') == 0) { searchshield.allowedSites.push(searchshield.GetDomain(anchor.href)); return true; } } // VeriSign A/B Split reporting - only for VerSign domains var avglschecked = anchor.getAttribute("avglschecked"); if (avglschecked && avglschecked != 1) { var sPos = avglschecked.indexOf("S"); var hash = (sPos > -1) ? avglschecked.substring(0, sPos) : null; var split = (sPos > -1) ? avglschecked.substring(sPos+1) : null; if (hash && split && split != searchshield.VERISIGN_SPLIT_NOTEST) { // check updated verdict anchor for verisign domain var d = event.srcElement.ownerDocument; if (d.getElementById("LXPLSS_" + hash + "U" + searchshield.SCORE_SS_VERISIGN)) { searchshield.avgCallFunc(d, "RecordVSClick", hash, d.location.href); } } } var link = anchor.href; var verdict = searchshield.getAvgImage(anchor); var score = -1; var img_id = ''; if (verdict != null) { score = verdict.score; img_id = verdict.rawId; } // show popup alert (upper left) if ((score >= searchshield.SCORE_SS_CAUTION) && (score = elementRect.bottom) && (nextImgRect.left -1) return true; return false;};searchshield.FilterUrl = function (url, filter){ if (!url || (url.length < 1)) return false; if (!filter || !(filter instanceof Array)) return false; var parts = url.split('/'); if ((parts == null) || (parts.length < 3)) return false; var domain = parts[2]; for (var i = 0; i < filter.length; i++) { if (domain.indexOf(filter) != -1) return true; } return false;};searchshield.GetDomain = function (url){ if (url != null) { // get url domain var parts = url.split('/'); if ((parts != null) && (parts.length >= 3)) { return parts[2].toLowerCase(); } } return url;};searchshield.getUrlContents = function (url) { if (url == null) return null; // don't query if local url if (url.indexOf("linkscanner://") != -1) return null; try { req = new XMLHttpRequest(); req.open("GET", url, false); req.send(null); if (req.status == 200) return req.responseText; else return null; } catch (err) { // nothing to do return null; }};searchshield.parseLink = function (href, simpleMode){ var uri = {}; var parameter = { complex: { pattern: /^(?:([a-z]+):(?:([a-z]*):)?\/\/)?(?:([^:@]*)(?::([^:@]*))?@)?((?:[a-z0-9_-]+\.)+[a-z]{2,})(?::(\d+))?(?:([^:\?\#]+))?(?:\?([^\#]+))?(?:\#([^\s]+))?$/i, element: ['source','scheme','subscheme','user','pass','host','port','path','query','fragment'] }, simple: { pattern: /^(?:([a-z]+):\/\/)?((?:[a-z0-9_-]+\.)+[a-z]{2,})(?:\/)([^:\?]+)?(?:([\?|\#])([^\?]+))?$/i, element: ['source','scheme','host','path','delimiter','query'] } }; var mode = simpleMode !== false ? 'simple' : 'complex'; var pattern = parameter[mode].pattern; var element = parameter[mode].element; if (!href) return uri; var matches = href.match(pattern); if (matches) { // -------------------- // iterate over the matches array and populate uri properties // using the respective element parameter as the name. // NOTE: set raw property type as String to make inArray() // work properly with instanceof. // -------------------- for (var i=0; i < matches.length; i++) uri[element] = new String(matches || ""); // -------------------- // create an array, hostArray, from host, for example, // host="www.google.com" and hostArray=["www","google","com"] // -------------------- uri.hostArray = uri.host.split("."); // -------------------- // create an array, qsArray, from query, for example, // query='hl=en&q=javascript&btnG=Search&aq=f&aqi=g10&aql=&oq=&gs_rfai=' // qsArray=[{hl:'en'},{q:javascript}, ... ,(qs_rfai:''}] // // $0=entire match, $1=capture 1, $2=capture 2 // must include $0 even though it is unused so // the replace works properly // -------------------- uri.qsArray = searchshield.parseQuery(uri.query); } //non-standard urls require a fail-safe that relies on simply splitting the href function splitLink(href) { // split the href on '/' var linkParts = href.split("/"); // need domain and path if ((linkParts == null) || (linkParts.length < 2)) return false; var uri = { delimiter: (linkParts[3]).substring(0,1), host: linkParts[2], hostArray: (linkParts[2]).split('.'), path: (linkParts[3]).substring(1), qsArray: [], query: '', scheme: (linkParts[0]).substring(0, linkParts[0].length-1), source: href }; return uri; } if (!uri.host) uri = splitLink(href); return uri;};searchshield.parseQuery = function (qs){ var qsArray = []; qs.replace(/(?:^|&)([^&=]*)=?([^&]*)/g, function ($0, $1, $2) { if ($1) qsArray[$1] = $2; } ); return qsArray;};// general functionssearchshield.arrayKeys = function (array){ var keys = new Array(); for(k in array) keys.push(k); return keys;};searchshield.inArray = function (key, array, caseSensitive, exactMatch){ if (! array instanceof Array) return false; if (caseSensitive !== true) caseSensitive = false; if (exactMatch !== false) exactMatch = true; if (key instanceof String) { for (var i=0; i < array.length; i++) { var k = caseSensitive ? key.valueOf() : key.valueOf().toLowerCase(); var a = caseSensitive ? array : array.toLowerCase(); if(exactMatch && k === a) return true; else if (!exactMatch && (-1 !== k.indexOf(a))) return true; } } else if (key instanceof Array) { for (var i=0; i < array.length; i++) for (var j=0; j < key.length; j++) { var k = caseSensitive ? key[j] : key[j].toLowerCase(); var a = caseSensitive ? array : array.toLowerCase(); if (exactMatch && k === a) return true; else if (!exactMatch && (-1 !== k.indexOf(a))) return true; } } return false;};searchshield.getClickHandlerParams = function(clickHandler){ var re = /((?:'[^']*')|[\w]*)(?:,|\))/ig; var chParams = []; clickHandler.replace(re, function($0, $1, $2){ if ($1) chParams.push($1); } ); return chParams;};// general use functions - end// Search constructorsearchshield.Search = function(){ this.doc = null; this.engine = null; this.engines = null; this.links = null; this.uri = null; this.searchHash = null; this.checkUrl = null; this.useLocalImgs = null; this.clockUrl = null; // create engine list (actually key/value object will be used) this.engineList = {};};searchshield.Search.prototype.getSearchNames = function(){ // order is important var names = [ 'Google', 'AVGGoogle', 'AltaVista', 'AVGYahoo', 'Yahoo', 'Bing', 'MSN', // MSN redirects to BING 'Baidu', 'Earthlink', 'AOL', 'Ask', 'Yandex', 'Seznam', 'Webhledani', 'eBay',///temp 'Digg', 'Slashdot', 'Twitter', 'GMail', 'Facebook', 'MySpace' ]; return names;};searchshield.Search.prototype.detectEngine = function(href){ if (!href) return; var aEng = searchshield.Search.prototype.getSearchNames(); var aEngLen = aEng.length; for (var i=0; i < aEngLen; i++) { if (searchshield[aEng + 'SearchEngine'].prototype.validSearch(href)) return aEng; } return;};searchshield.Search.prototype.addEngine = function(engine){ if (!this.engines) this.engines = new Array(); this.engines.push(engine);};searchshield.Search.prototype.addLink = function(inElement, inHref){ if (!this.links) this.links = new Array(); var hrefHash; try { hrefHash = searchshield.avgCallFunc(this.doc, 'GetHash', inHref); } catch (e){} var newNode = { element: inElement, href: inHref, hash: hrefHash, search: this.searchHash }; this.links.push(newNode); return newNode;}// process the search result page after all search engines have been addedsearchshield.Search.prototype.process = function(doc){ // only process when searchshield is enabled if (!searchshield.enabled(doc)) return; this.doc = doc; this.href = this.doc.location.href; this.uri = searchshield.parseLink(this.href); try { this.searchHash = searchshield.avgCallFunc(this.doc, 'GetHash', this.href); // get any previously active engine this.engine = this.engineList[this.searchHash.toString()]; } catch (e) {} /* Process Steps: 1. Add all supported search engines 2. Identify the active search engine 3. Get all document links and add AVG images */ // STEP 1 - Add all supported search engines if (!this.engines) { var aEng = xplSearch.getSearchNames(); var aEngLen = aEng.length; for (var i=0; i < aEngLen; i++) { xplSearch.addEngine(new searchshield[aEng+'SearchEngine'](this)); } } // search the engines if we didn't find one if (!this.engine) { // STEP 2 - Identify the active search engine var engLen = this.engines.length; for (var i = 0; i < engLen; i++) { if (this.engines.validSearch()) { this.engine = this.engines; break; } } // create a new engine instance to store this.engineList[this.searchHash.toString()] = this.engine; // init this search, if < 1 either an error or disabled //var sdkInit = 0; //try { // sdkInit = xpl_sdk.SXPL_InitSearch(this.href); //} //catch(e){} //if (sdkInit < 1) // return false; } // return immediately if there is not an active search engine if (!this.engine) return false; try { // base url to check for icons this.checkUrl = searchshield.avgCallFunc(this.doc, 'GetIconUrl', '1'); // check if using linked or local icons this.useLocalImgs = !searchshield.getUrlContents(this.checkUrl); // get the clock url this.clockUrl = searchshield.avgCallFunc(this.doc, 'GetIconUrl', '0'); } catch(e){} // STEP 3 - Get all document links and add AVG images var alltags = this.doc.getElementsByTagName("*"); // this method works for IE, FF and Chrome for (var i=0; i < alltags.length; i++) { // ignore verdicts if (alltags.id && (alltags.id.indexOf("LXPLSS_") != -1)) continue; //should the link be included? Make sure includeLink always returns an href else FALSE, var href = this.engine.includeLink(alltags); if (!href) continue; var newNode = this.addLink(alltags, href); this.engine.addImage(newNode, this.clockUrl, false); } return (this.links ? this.links.length : false);};//////////////// SEARCH //////////////////////////////// SEARCH ENGINE ////////////////// Interface for a SearchEngine objectsearchshield.SearchEngine = function(search){ this.search = search; this.type = 'standard'; this.processFrames = false; this.new_links = true; this.onlyPrimaries = true; this.inline = { clockImage: "linkscanner://clock12.png", image: [ "linkscanner://safe12.png", "linkscanner://caution12.png", "linkscanner://warning12.png", "linkscanner://blocked12.png" ], color: { classname: ["green","yellow","orange","red"], border: ["#00A120", "#EAA500", "#F57301", "#D20003"], background: ["#C3E5CA", "#FEEFAE", "#FFD3B0", "#F5D4C1"] } }; this.filter_urls = [ "ad.doubleclick.net", "ads1.revenue.net", "aslads.ask.com", "bluestreak.com", "clickbacktrack.net", "clickbank.net", "clickboothlnk.com", "clickmanager.com", "clickserve.cc-dt.com", "dartsearch.net", "clicktraxmedia.com", "clk.atdmt.com", "dpi-digialphoto.com", "feedpoint.net", "hypertracker.com", "jdoqocy.com", "kqzyfj.com", "m1428.ic-live.com", "mediaplex.com", "mr.mdmngr.com", "n339.asp-cc.com", "offeredby.net", "offerweb.com", "pinktrax.com", "pinktrax.com", "pixel1523.everesttech.net", "qckjmp.com", "r.rd06.com", "revenuewire.net", "s0b.bluestreak.com", "s2.srtk.net", "servedby.advertising.com", "store.yahoo.com", "tf8.cpcmanager.com", "thetoptracker.com", "track.searchignite.com", "tracking.searchmarketing.com", "www.dpbolvw.net", "www.rkdms.com", "www.yellowbookleads.com" ]; this.shortened_urls = [ "3.ly", "bit.ly", "is.gd", "tr.im", "short.to", "tiny.cc", "tinyurl.com", "lnk.ms", "msplinks.com" ]; this.showCleanVerdicts = true; this.showLowRiskVerdicts = true; this.showMedRiskVerdicts = true; this.VeriSignSplit = searchshield.VERISIGN_SPLIT_NOTEST;};searchshield.SearchEngine.prototype.flyoverExists = function (doc){ return !!doc.getElementById("XPLSS_Flyover");};searchshield.SearchEngine.prototype.inlineExists = function (doc){ return !!doc.getElementById("XPLSS_InlineFlyover");};searchshield.SearchEngine.prototype.validSearch = function(href) { return false; };searchshield.SearchEngine.prototype.includeLink = function(link) { return false; };searchshield.SearchEngine.prototype.insertNodes = function(node, doc){ var element = node.element; var parentNode = node.element.parentNode; if (parentNode == null) { // try and find element again based on the hash element = doc.getElementById("xplid_" + node.hash); parentNode = !!element ? element.parentNode : null; } var insertNode = !!element ? element.nextSibling : null; while ((insertNode != null) && (insertNode.tagName != null) && (insertNode.tagName == "SPAN")) { insertNode = insertNode.nextSibling; } return [insertNode, parentNode];};searchshield.SearchEngine.prototype.addImage = function(node, image, hidden){ var element = node.element; var hash = node.hash; var score = node.score; // set verdict display configuration var doc = element.ownerDocument; if (this.type != 'inline' && !doc.getElementById('XPLSS_Flyover')) searchshield.initFlyover(doc, this); // get the proper insertion point for the image var insertNodes = this.insertNodes(node, doc); var insertNode = insertNodes[0]; var parentNode = insertNodes[1]; if (!parentNode) return; // see if we already have an image if ((insertNode != null) && (insertNode.id != null) && (insertNode.id.indexOf("XPLSS_") > -1)) { return; } // mark search result anchor so it isn't processed repeatedly if (score == undefined) element.setAttribute("avglschecked", hash + "S" + this.VeriSignSplit); // create a new image var img = doc.createElement('img'); img.src = image; img.id = "XPLSS_" + hash; img.style.borderStyle = "none"; img.style.margin = "0 3px"; // for IE, specify these style attributes to prevent inadvertent inheritance from parent if (img.width && img.height) { img.style.width = img.width + 'px'; img.style.height = img.height + 'px'; } // apply custom element styles this.updateElementStyle(img, this.addImageStyle); // create the link element var anchor = doc.createElement("A"); anchor.setAttribute("id", "LXPLSS_" + hash); if ((hidden != null) && (hidden == true)) { // hiding the parent will also hide its child nodes anchor.style.display = "none"; } // Default anchor styles //Over-ride possible border style with inline declaration anchor.style.borderStyle = "none"; // apply custom element styles this.updateElementStyle(anchor, this.addAnchorStyle); if (score == searchshield.SCORE_SS_VERISIGN) { anchor.style.textDecoration = "none"; anchor.style.background = "none repeat scroll 0 0 transparent"; } // append the image to the link anchor.appendChild(img); // insert the node as either a sibling or a child if (insertNode != null) parentNode.insertBefore(anchor, insertNode); else parentNode.appendChild(anchor); return anchor;};searchshield.SearchEngine.prototype.updateImage = function (hash, search, score, image, alt_image, flyover, click_thru, altClick_thru){ var updated = false; var frameDoc = this.search.doc; var docFrames = frameDoc.frames; var frameElem; if (docFrames && this.processFrames) { for (var i=0; i < docFrames.length; i++) { try { if (docFrames.document.getElementById(hash)) { frameElem = docFrames.frameElement; frameDoc = docFrames.document; break; } } catch(err){} } } while ((element = frameDoc.getElementById(hash)) != null) { // check configuration to determine if verdict display property var showVerdict = true; var nSeverity = Number(score - 1); switch (nSeverity) { case searchshield.XPLCHECK_RESULT_SEV_LOW: showVerdict = this.showLowRiskVerdicts; break; case searchshield.XPLCHECK_RESULT_SEV_MED: showVerdict = this.showMedRiskVerdicts; break; case searchshield.XPLCHECK_RESULT_SEV_NONE: showVerdict = this.showCleanVerdicts; break; default: if (score == searchshield.SCORE_SS_VERISIGN) showVerdict = this.showCleanVerdicts; break; } // remove image if no url specified if ((!showVerdict) || (image == null) || (image.length < 1)) { // hide the parent anchor node element.parentNode.style.display = "none"; // mark the id as being hidden (element is the image) element.id = element.id + "H"; updated = true; // if not a verisign score if (score != searchshield.SCORE_SS_VERISIGN) continue; } // cleanup flyover, replace any new lines or single quotes flyover = searchshield.CleanupHTML(flyover); // mark the id as having been updated element.id = element.id + "U" + score; element.src = image; element.attachEvent("onmouseover", function(e){avglsflyover.popup(e, hash, search, flyover)}); element.attachEvent("onmouseout", function(e){avglsflyover.hide(e)}); // check for attribute updates (elementAttribute is an associative array (i.e., object) if (this.elementAttribute) { for (a in this.elementAttribute) { if(this.elementAttribute[a]) element.setAttribute(a, this.elementAttribute[a]); } } // To dynamically reduce verdict image size if it causes its container to scroll // when not showing alt images determine if the element containing // the verdict image is scrolling and decrease the image size by // the scroll amount (min size is 80% or original) var reduceBy = 0.8; var scrl = 0; if (!alt_image || this.omitAltImage || this.VeriSignSplit == searchshield.VERISIGN_SPLIT_TESTB) { try{ var maxLoop = 5; var cN = element.parentNode.parentNode; //image->anchor->containerNodes... while (cN && maxLoop--) { if (cN.tagName == "DIV" || cN.tagName == "SPAN") { // get object height depending on ie document mode var clientHeight = (cN.clientHeight == 0 || (this.search.doc.documentMode && this.search.doc.documentMode < 8)) ? cN.offsetHeight : cN.clientHeight; scrl = cN.scrollHeight - clientHeight; break; } cN = cN.parentNode; } if (0 < scrl) { var eH = (element.height - scrl)/element.height; if (reduceBy > eH) eH = reduceBy; var newDim = Math.ceil(eH*element.height); element.height = newDim; element.width = newDim; element.style.height = newDim + "px"; element.style.width = newDim + "px"; } } catch(e){} } // set default style attributes element.style.display = ""; // if verisign icon showing move our icon up for better centering of the 2 // except for IE7 browser - it does not like this style try { var ieVersion = parseFloat(navigator.appVersion.split("MSIE")[1]); if (alt_image && (alt_image.length > 0) && ieVersion != 7) element.style.verticalAlign = "10%"; } catch(err){}; // apply custom element styles this.updateElementStyle(element, this.updateImageStyle) // update the click thru var link = this.search.doc.getElementById("L" + hash); if (link) { link.href = click_thru; link.id = link.id + "U" + score; } updated = true; // add the alternate image if supplied BUT not on avg yahoo if ((alt_image) && (alt_image.length > 0) && (!this.omitAltImage) && (this.VeriSignSplit != searchshield.VERISIGN_SPLIT_TESTB)) { var vhash = hash.substring(hash.indexOf("_")+1); // create a temporary link node var tmp_node = { element: element.parentNode, href: altClick_thru, hash: vhash + "VU" + score, search: this.searchHash, score: score }; var altAnchor = this.addImage(tmp_node, alt_image, false); if (altAnchor && altAnchor.firstChild) { altAnchor.firstChild.setAttribute("onmouseover", ""); altAnchor.href = altClick_thru; } } } if (updated != false) { this.resizeFrame(frameElem); return true; } return false;};searchshield.SearchEngine.prototype.updateElementStyle = function (element, elementStyle){ if (elementStyle) { // a NULL attribte value will unset it for(attr in elementStyle) { try { if (element.style.setAttribute) element.style.setAttribute(attr, elementStyle[attr]); else element.style[attr] = elementStyle[attr]; } catch(err){} } }};searchshield.SearchEngine.prototype.resizeFrame = function (frameElem){ // resize frame to prevent unwanted scrolling after inserting verdicts // ignore inline and non-frame engines if ((this.type == 'inline') || (!this.processFrames)) return; // ensure all required elements are available if ((frameElem == null) || (frameElem.style == null) || (frameElem.contentWindow == null)) return; // if frame is scrolling vertically then resize var frameHeight = parseInt(frameElem.style.height, 10); if (!isNaN(frameHeight) && (frameHeight < frameElem.contentWindow.document.body.scrollHeight)) frameElem.style.height = frameElem.contentWindow.document.body.scrollHeight + 'px'; return;};searchshield.SearchEngine.prototype.getImgElement = function (element){ // return an xpl img element associated with a given element if (element == null) return null; // go up the parent tree looking for a header or div while ( (element.parentNode != null) && (element.tagName.charAt(0) != "H") && (element.tagName.charAt(0) != "D") && (element.tagName.charAt(0) != "T") ) { element = element.parentNode; } // if all the way to the top, nothing if ((element.tagName == "HTML") || (element == null)) return null; // get image tags, if none we are done var imgTags = element.getElementsByTagName("IMG"); if ((imgTags == null) || (imgTags.Length < 1)) return null; for (var i = 0; i < imgTags.length; i++) { if ((imgTags.id == null) || (imgTags.id.indexOf("XPLSS_") == -1)) continue; return imgTags; } // else didn't find anything return null;};searchshield.SearchEngine.prototype.setRatingsConfig = function (doc){ // get verdict configuration, need at least severity var results = searchshield.avgCallFunc(doc, 'GetRatingsConfig'); var parts = !!results ? results.split('::') : null; if (parts != null && parts.length >= 5) { //if set to default then get config value if (this.showCleanVerdicts === true) this.showCleanVerdicts = (parseInt(parts[0]) == 1) ? true : false; if (this.showLowRiskVerdicts === true) this.showLowRiskVerdicts = (parseInt(parts[1]) == 1) ? true : false; if (this.showMedRiskVerdicts === true) this.showMedRiskVerdicts = (parseInt(parts[2]) == 1) ? true : false; this.VeriSignSplit = (parseInt(parts[4])); } return true;};searchshield.SearchEngine.prototype.init_inline_ratings = function (doc){ if ((doc == null) || (doc.getElementById("XPLSS_InlineFlyover"))) return; if (!searchshield.quirksMode) { // create style for inline flyovers var styleTag = doc.createElement("style"); styleTag.setAttribute("id","avgILFOStyle"); var headTag = doc.getElementsByTagName("head")[0]; headTag.appendChild(styleTag); var inline_style = styleTag.styleSheet; // stub in the base image name as the url inline_style.addRule(".avgILFO", "background: url(linkscanner://default_inline_border_tl.png) no-repeat top left;"); inline_style.addRule(".avgILFO", "width:0px; font-size:0px; z-index:9999; visibility:hidden; position:absolute; left:-5000px;"); inline_style.addRule(".avgILFO_content", "background: url(linkscanner://default_inline_border_r.png) top right repeat-y;"); inline_style.addRule(".avgILFO_content","font-size:10px; color:black; padding:0px 10px; text-align:left; word-wrap:break-word; line-height:130%"); inline_style.addRule(".avgILFO_head", "background: url(linkscanner://default_inline_border_tr.png) no-repeat top right;"); inline_style.addRule(".avgILFO_head", "width:0px; height:5px;"); inline_style.addRule(".avgILFO_head div","height:5px;"); inline_style.addRule(".avgILFO_foot", "background: url(linkscanner://default_inline_border_bl.png) no-repeat bottom left"); inline_style.addRule(".avgILFO_foot", "height:5px;"); inline_style.addRule(".avgILFO_foot div", "background: url(linkscanner://default_inline_border_br.png) no-repeat bottom right"); inline_style.addRule(".avgILFO_foot div", "height:5px; width:0px;"); } try { // create the popup box var box = doc.createElement("DIV"); if (searchshield.quirksMode) { box.style.visibility = "hidden"; box.style.position = "absolute"; box.style.left = "-5000px"; } box.setAttribute("id", "XPLSS_InlineFlyover"); box.setAttribute("class", "avgILFO"); doc.body.appendChild(box); box = null; } catch(boxErr){}};searchshield.SearchEngine.prototype.show_inline_ratings = function (doc, node, image){ var href = node.href; var anchor = node.element; if ((href == null) || (href.length < 1)) return; if (avglsinlineflyover.imageExists(anchor)) return; // mark search result anchor so it isn't processed repeatedly anchor.setAttribute("avglschecked", "1"); // get verdict this.display_inline(doc, anchor, href, node, false);};searchshield.SearchEngine.prototype.display_inline = function (doc, anchor, href, node, update, min_severity){ // min_severity is the lowest severity to display, so setting it to // 1 would not display safe icons var results = searchshield.avgCallFunc(doc, 'MalsiteCheck', href); if (results == null) return; var parts = results.split('::'); // need at least severity if (parts == null) return; var nSeverity = parseInt(parts[0]); if (!update && nSeverity == searchshield.XPLCHECK_RESULT_SEV_NONE) { var shortUrl = searchshield.FilterUrl(href, this.shortened_urls); if (shortUrl) { // shortened url verdicts display later var engine = this; anchor.attachEvent("onmouseover", function(event){avglsinlineflyover.mouseOverHandler(event, doc, engine)}); return; } } // severity -1 signifies sb.dat load failure if ( nSeverity == -1 ) nSeverity = searchshield.XPLCHECK_RESULT_SEV_NONE; //blacklist url var blShortUrl = false; if (nSeverity == searchshield.XPLCHECK_RESULT_SEV_BLOCK) { var shortUrl = searchshield.FilterUrl(href, this.shortened_urls); if (shortUrl) blShortUrl = true; } // need xlated cat tag and category if (parts.length < 3) return; // check the minimum to display if ((min_severity != null) && (nSeverity < min_severity)) return; if (nSeverity == searchshield.XPLCHECK_RESULT_SEV_LOW && !this.showLowRiskVerdicts) { if (update) this.avg_ls_inline_hide_verdict(anchor); return; } if (nSeverity == searchshield.XPLCHECK_RESULT_SEV_MED && !this.showMedRiskVerdicts) { if (update) this.avg_ls_inline_hide_verdict(anchor); return; } if (nSeverity == searchshield.XPLCHECK_RESULT_SEV_NONE && !this.showCleanVerdicts) { if (update) this.avg_ls_inline_hide_verdict(anchor); return; } if (update) this.update_inline_image(anchor, nSeverity, parts); else this.add_inline_image(doc, anchor, nSeverity, parts, blShortUrl);};searchshield.SearchEngine.prototype.avg_ls_inline_hide_verdict = function (anchor){ var image = avglsinlineflyover.getImage(anchor); if (image) { image.style.display = "none"; if (image.parentNode && image.parentNode.id == "avg_ls_anch") image.parentNode.style.display = "none"; }};searchshield.SearchEngine.prototype.update_inline_image = function (anchor, nSeverity, aRisk){ // update the image already in the page if (anchor && anchor.firstChild) { var html = ''; var image = ''; if (aRisk != null && nSeverity != null) { var riskCategory = aRisk[1]; var riskName = aRisk[2]; var bgColor = this.inline.color.background[nSeverity]; var borderColor = this.inline.color.border[nSeverity]; image = this.inline.image[nSeverity]; html = avglsinlineflyover.build(riskCategory, riskName, bgColor, borderColor); } var imageElem = anchor.firstChild; imageElem.src = image; if ( html && html.length > 0 ) { imageElem.setAttribute("title", ""); imageElem.attachEvent("onmouseover", function(e){avglsinlineflyover.popup(e, html, nSeverity)}); imageElem.attachEvent("onmouseout", function(e){avglsinlineflyover.hide(e)}); } }};// add the image to the pagesearchshield.SearchEngine.prototype.add_inline_image = function (doc, anchor, nSeverity, aRisk, blShortUrl){ if (anchor == null || anchor.parentNode == null) return null; // get the proper insertion point for the image var insertNode = anchor.nextSibling; while ((insertNode != null) && (insertNode.tagName != null) && (insertNode.tagName == "SPAN")) { insertNode= insertNode.nextSibling; } // see if we already have an image anchor if ((insertNode != null) && (insertNode.id != null) && (insertNode.id == "avg_ls_anch")) { return null; } var html = ''; var image = this.inline.clockImage; if (aRisk != null && nSeverity != null) { var riskCategory = aRisk[1]; var riskName = aRisk[2]; var bgColor = this.inline.color.background[nSeverity]; var borderColor = this.inline.color.border[nSeverity]; image = this.inline.image[nSeverity]; var blUrl; if (blShortUrl) { var aRiskName = riskName.split(':'); var sUrl = searchshield.checkUrl(aRiskName[1]); blUrl = {}; blUrl.riskNameLabel = aRiskName[0] + ': '; blUrl.riskCategory = riskCategory; blUrl.bgColor = bgColor; blUrl.borderColor = borderColor; blUrl.sUrl = sUrl; } else { html = avglsinlineflyover.build(riskCategory, riskName, bgColor, borderColor); } } doc = anchor.ownerDocument; var img = doc.createElement("img"); img.src = image; img.setAttribute("id","avg_ls_image"); img.style.width = "12px"; img.style.height = "12px"; img.style.border = "none"; img.style.padding = "0 3px"; img.style.margin = "0"; if ((html && html.length > 0) || (blUrl != undefined)) { img.setAttribute("title", ""); img.attachEvent("onmouseover", function(e){avglsinlineflyover.popup(e, html, nSeverity, blUrl)}); img.attachEvent("onmouseout", function(e){avglsinlineflyover.hide(e)}); } // create the link element var newAnchor = doc.createElement("A"); newAnchor.setAttribute("id", "avg_ls_anch"); newAnchor.style.display = "inline-block"; newAnchor.style.background = "none repeat scroll 0 0 transparent"; newAnchor.appendChild(img); img = null; // insert the node as either a sibling or a child if (insertNode != null) anchor.parentNode.insertBefore(newAnchor, insertNode); else anchor.parentNode.appendChild(newAnchor); return newAnchor; };//////////////// SEARCH ENGINE /////////////////////////////// GOOGLE SEARCH ENGINE ///////////////searchshield.GoogleSearchEngine = function(search){ searchshield.SearchEngine.call(this, search); this.onlyPrimaries = false;};searchshield.GoogleSearchEngine.prototype = new searchshield.SearchEngine();searchshield.GoogleSearchEngine.prototype.constructor = searchshield.GoogleSearchEngine;searchshield.GoogleSearchEngine.prototype.name = "google"; // the name by which the search engine is known (always lowercase)searchshield.GoogleSearchEngine.prototype.validSearch = function(href) { var uri; if (typeof(this.search) === 'undefined' || null === this.search) uri = searchshield.parseLink(href); else uri = this.search.uri; if(!uri || !uri.host) return false; var hostMatch = false; var domain = uri.host; // re stitch the uri path and query elements to // use existing logic var path = uri.path + uri.delimiter + uri.query; // For Google the host must match: // .google.com OR // .google.com.XX OR // .google.co.XX OR // .google.XX where XX is a country code // one special case is www.googe.off.ai (Anguilla) // Where any subdomain can come before the top level domain if ( /(\.(?:google|mozilla)\.(?:com|(?:co|off)\.[a-z]{2}|[a-z]{2}))/i.test(domain) ) { //check the path if ((path.indexOf("search?") == 0) || (path.indexOf("sponsoredlinks?") == 0) || (path.indexOf("webhp?") == 0) || (path.indexOf("webhp#") == 0) || (path.indexOf("#q=") == 0) || (path.indexOf("#hl=") == 0) || (path.indexOf("#sclient=") == 0)) { return true; } } return false;};searchshield.GoogleSearchEngine.prototype.includeLink = function(tag){ var href = ""; var outHref = false; var findStr = ""; // check for interstitials if (searchshield.DoesURLContain(tag.href, this.search.uri.host)) { findStr = this.search.uri.host + "/interstitial?"; if (tag.className == "l" && tag.href) { if (tag.href.indexOf(findStr) != -1) { findStr = "?url="; var pos = tag.href.indexOf(findStr); if (pos !== -1) { pos += 5; outHref = tag.href.substring(pos); if (searchshield.FilterUrl(outHref, this.filter_urls)) return false; return outHref; } } } if (tag.className == "sla") { findStr = "/url?q="; urlPos = tag.href.indexOf(findStr); if (urlPos != -1) { urlPos += 7; outHref = tag.href.substring(urlPos); return outHref; } } // if an ad id if ((tag.id.indexOf("pa") == 0) || (tag.id.indexOf("an") == 0) || (tag.className == "resultLink")) { var urlPos = -1; // ads now need unescaping href = unescape(tag.href); findStr= "/url?sa="; if (href.indexOf(findStr) != -1) { // first kind, locate real url findStr= "&q=http"; urlPos = href.indexOf(findStr); if (urlPos != -1) urlPos += 3; // puts it on the http } if (urlPos == -1) { findStr = "/pagead/iclk?sa="; if (href.indexOf(findStr) != -1) { // second kind, locate real url findStr = "&adurl=http"; urlPos = href.indexOf(findStr); if (urlPos != -1) urlPos += 7; // puts it on the http } } if (urlPos == -1) { if (href.indexOf("/aclk?sa=") != -1) { // third kind urlPos = href.indexOf("&q=http"); if (urlPos != -1) urlPos += 3; // puts it on the http else { urlPos = href.indexOf("&lp=http"); if (urlPos != -1) urlPos += 4; else { findStr = "&adurl=http"; urlPos = href.indexOf(findStr); if (urlPos != -1) urlPos += 7; // puts it on the http } } } } if (urlPos == -1) { if (href.indexOf("/url?cad=") != -1) { // fourth kind urlPos = href.indexOf("&q=http"); if (urlPos != -1) urlPos += 3; // puts it on the http } } if (urlPos != -1) { outHref = href.substring(urlPos); // the destination url is in the href string of this redirector if (outHref.indexOf('xg4ken.com') > -1) { urlPos = (unescape(outHref)).indexOf('url[]=') + 6; var destUrl = (unescape(outHref)).substring(urlPos); if (searchshield.FilterUrl(destUrl, this.filter_urls)) { var destUrl = searchshield.getHrefFromCiteElement(tag); if (destUrl) return searchshield.checkUrl(searchshield.removeHtmlTags(destUrl)); return false; } return destUrl; } // filtered url but can get destination from href string if (outHref.indexOf('altfarm.mediaplex.com') > -1) { var tmpoh = unescape(outHref); var destUrl = tmpoh.substring(tmpoh.indexOf('DURL=')+5); if (destUrl != null) { var destUrl = unescape(destUrl); return destUrl; } } // extract any fragment text, shouldn't be unescaped var pound = outHref.indexOf("#"); if (pound != -1) { var fragment = outHref.substring(pound); outHref = outHref.substring(0, pound); outHref = unescape(outHref); outHref += fragment; if (searchshield.FilterUrl(outHref, this.filter_urls)) return false; return outHref; } outHref = unescape(outHref); if (outHref.indexOf("?") == -1) { var ampPos = outHref.indexOf("&"); if (ampPos != -1) outHref = outHref.substring(0, ampPos); } if (searchshield.FilterUrl(outHref, this.filter_urls)) { var destUrl = searchshield.getHrefFromCiteElement(tag); if (destUrl) return searchshield.checkUrl(searchshield.removeHtmlTags(destUrl)); return false; } return outHref; } } // recommended link - use following to see one // http://www.google.cz/search?hl=cs&q=warey&btnG=Hledat&lr=lang_cs // elem parent class = r // href must contain - url? and q=http var parentNode = tag.parentNode; if (parentNode && (parentNode.className.toLowerCase() == "r")) { href = tag.href; if (href && (href.indexOf("/url?") != -1)) { // locate the real url var urlPos = href.indexOf("q=http"); if (urlPos != -1) { urlPos += 2; outHref = href.substring(urlPos); // include entire param up to '&' var ampPos = outHref.indexOf("&"); if (ampPos != -1) outHref = outHref.substring(0, ampPos); return outHref; } } } } // no link to self else if (tag.className && (tag.className.charAt(0) == "l" || tag.className == "sla")) { // check for any images on the link if (0 === tag.getElementsByTagName("IMG").length) return tag.href; } // else nothing return false;};/////////////// GOOGLE ////////////////////////////// AVG GOOGLE SEARCH ENGINE ///////////////searchshield.AVGGoogleSearchEngine = function(search){ searchshield.SearchEngine.call(this, search); this.onlyPrimaries = false;};searchshield.AVGGoogleSearchEngine.prototype = new searchshield.SearchEngine();searchshield.AVGGoogleSearchEngine.prototype.constructor = searchshield.AVGGoogleSearchEngine;searchshield.AVGGoogleSearchEngine.prototype.name = "avggoogle"; // the name by which the search engine is known (always lowercase)searchshield.AVGGoogleSearchEngine.prototype.validSearch = function(href) { var uri; if (typeof(this.search) === 'undefined' || null === this.search) uri = searchshield.parseLink(href); else uri = this.search.uri; if(!uri || !uri.host) return false; var domain = uri.host; // re stitch the uri path and query elements to // use existing logic var path = uri.path + uri.delimiter + uri.query; if (domain.indexOf("search.avg.com") > -1) { // ads link back to google return true; } return false;};searchshield.AVGGoogleSearchEngine.prototype.includeLink = function(tag){ var outHref = false; var findStr = ""; // check for interstitials if (searchshield.DoesURLContain(tag.href, "google.com")) { // link back to self - DIV elem GrandParent class of res1 or res3 is Sponsored Link var parentNode = tag.parentNode; if (parentNode) { var grandParentNode = tag.parentNode.parentNode; if (grandParentNode) { if ((grandParentNode.tagName == "DIV") && ((grandParentNode.className.toLowerCase() == "res1") || (grandParentNode.className.toLowerCase() == "res3"))) { var urlPos = -1; // ads now need unescaping href = unescape(tag.href); if (urlPos == -1) { if (href.indexOf("/aclk?sa=") != -1) { findStr = "&adurl=http"; urlPos = href.indexOf(findStr); if (urlPos != -1) urlPos += 7; // puts it on the http } } if (urlPos != -1) { outHref = href.substring(urlPos); // the destination url is in the href string of this redirector if (outHref.indexOf('xg4ken.com') > -1) { urlPos = (unescape(outHref)).indexOf('url[]=') + 6; var destUrl = (unescape(outHref)).substring(urlPos); if (searchshield.FilterUrl(destUrl, this.filter_urls)) { var destUrl = searchshield.getHrefFromCiteElement(tag); if (destUrl) return searchshield.checkUrl(searchshield.removeHtmlTags(destUrl)); return false; } return destUrl; } // filtered url but can get destination from href string if (outHref.indexOf('altfarm.mediaplex.com') > -1) { var tmpoh = unescape(outHref); var destUrl = tmpoh.substring(tmpoh.indexOf('DURL=')+5); if (destUrl != null) { var destUrl = unescape(destUrl); return destUrl; } } // extract any fragment text, shouldn't be unescaped var pound = outHref.indexOf("#"); if (pound != -1) { var fragment = outHref.substring(pound); outHref = outHref.substring(0, pound); outHref = unescape(outHref); outHref += fragment; if (searchshield.FilterUrl(outHref, this.filter_urls)) return false; return outHref; } outHref = unescape(outHref); if (outHref.indexOf("?") == -1) { var ampPos = outHref.indexOf("&"); if (ampPos != -1) outHref = outHref.substring(0, ampPos); } if (searchshield.FilterUrl(outHref, this.filter_urls)) { var destUrl = searchshield.getHrefFromCiteElement(tag); if (destUrl) return searchshield.checkUrl(searchshield.removeHtmlTags(destUrl)); return false; } return outHref; } } } } } // no link to self else { var parentNode = tag.parentNode; if (parentNode) { var grandParentNode = tag.parentNode.parentNode; if (grandParentNode) { if ((grandParentNode.tagName == "DIV") && (grandParentNode.className.toLowerCase() == "res2")) { // check for any images on the link if (0 === tag.getElementsByTagName("IMG").length) return tag.href; } } } } // else nothing return false;}/////////////// AVG GOOGLE ////////////////////////////// YAHOO SEARCH ENGINE ///////////////searchshield.YahooSearchEngine = function(search){ searchshield.SearchEngine.call(this, search); this.showCleanVerdicts = false;};searchshield.YahooSearchEngine.prototype = new searchshield.SearchEngine();searchshield.YahooSearchEngine.prototype.constructor = searchshield.YahooSearchEngine;searchshield.YahooSearchEngine.prototype.name = "yahoo";searchshield.YahooSearchEngine.prototype.validSearch = function(href){ var uri; if (typeof(this.search) === 'undefined' || null === this.search) uri = searchshield.parseLink(href); else uri = this.search.uri; if(!uri || !uri.host) return false; var domain = uri.host; // re stitch the uri path and query elements to // use existing logic var path = uri.path + uri.delimiter + uri.query; // For Yahoo the host must match: // search.yahoo.com OR // xx.search.yahoo.com where xx is the country code OR // search.yahoo.co.jp OR // for Yahoo China: one.cn.yahoo.com, search.cn.yahoo.com or www.yahoo.cn if ((domain.match(/search\.yahoo\.co(?:m|\.jp)/i) || domain.match(/(?:search|one)\.cn\.yahoo\.com/i) || domain.match(/www\.yahoo\.cn/i)) && path.match(/^(?:search[;?]|s\?)/i)) { return true; } return false;};searchshield.YahooSearchEngine.prototype.includeLink = function(tag){ var href = ""; var outHref = ""; var findStr = ""; // yahoo likes to encode the url href = unescape(tag.href); if ((tag.className.indexOf("yschttl") != -1) || (tag.className.indexOf("spt") != -1)) { var da = href.indexOf("**"); var ad = href.indexOf("*-"); if (da != -1) outHref = href.substring(da+2); else if (ad != -1) outHref = href.substring(ad+2); else outHref = href ; if (outHref.toLowerCase().indexOf("overture.") !== -1) return false; } else if ((tag.tagName) && (tag.tagName === "A") && (!tag.className)) { var tagParent = tag.parentNode; // if anchor without className then search parentNodes if ((tagParent) && (tagParent.tagName !== "EM") && (searchshield.getParentNodeByClassName("yst-web", tag, 4))) { // China Yahoo support outHref = href; } else if ((tagParent) && (tagParent.tagName === "H3") && (!!searchshield.getParentNodeById("WS2m",tag, 5))) { // Japan Yahoo support var da = href.indexOf("**"); if (da == -1) outHref = href; else outHref = href.substring(da+2); } else if ((tagParent) && (tagParent.className !== "c") && (tagParent.parentNode.id !== "fpn") && (!!searchshield.getParentNodeByClassName("ymc", tag, 7))) { // Korea Yahoo support - when not caught by yschttl var da = href.indexOf("**"); if (da !== -1) outHref = href.substring(da+2); } } else if (!this.onlyPrimaries) { findStr = "&yargs="; var yargs = href.indexOf(findStr); if (yargs != -1) { outHref = href.substring(yargs+findStr.length); // check for prefix if (outHref.indexOf("://") == -1) outHref = "http://" + outHref; // if inside an <I>, probably a paypal link, don't include if (tag.parentNode && (tag.parentNode.tagName == "I")) return false; } } // filter domains // split the url based on '/' var parts = !!outHref ? outHref.split('/') : null; // Filter out domains that match any of the search engine's names if (!parts || !parts[2]) return false; var domain = parts[2]; if ((domain.indexOf("rdrjp.yahoo.com") != -1) || (domain.indexOf("rdrkrs.yahoo.com") != -1) || (domain.indexOf("rdrtpe.yahoo.com") != -1) || (domain.indexOf("rdrird.yahoo.com") != -1) || (domain.indexOf("rdrhk2.yahoo.com") != -1) || (domain.indexOf("rdrsg1.yahoo.com") != -1) || (domain.indexOf("rdrin2.yahoo.com") != -1) || (domain.indexOf("rdre1.yahoo.com") != -1) || (domain.indexOf("rdrw1.yahoo.com") != -1) ) { return false; } // set for yahoo to get parent node for image insertion var hash = searchshield.avgCallFunc(this.doc, 'GetHash', outHref); tag.setAttribute("id", "xplid_" + hash); return outHref;};/////////////// YAHOO SEARCH ENGINE ////////////////////////////// AVG YAHOO SEARCH ENGINE ///////////////searchshield.AVGYahooSearchEngine = function(search){ searchshield.SearchEngine.call(this, search); this.showCleanVerdicts = false; this.omitAltImage = true; this.updateImageStyle = { verticalAlign: null };};searchshield.AVGYahooSearchEngine.prototype = new searchshield.SearchEngine();searchshield.AVGYahooSearchEngine.prototype.constructor = searchshield.AVGYahooSearchEngine;searchshield.AVGYahooSearchEngine.prototype.name = "avgyahoo";searchshield.AVGYahooSearchEngine.prototype.validSearch = function(href){ var uri; if (typeof(this.search) === 'undefined' || null === this.search) uri = searchshield.parseLink(href); else uri = this.search.uri; if(!uri || !uri.host) return false; var domain= uri.host; //path may be 'avg/search' or 'search' var pathArray = uri.path.split("/"); var avg = pathArray[0]; // re stitch the uri path and query elements // to use existing logic var path = (undefined == pathArray[1]) ? pathArray[0] : pathArray[1]; path += uri.delimiter + uri.query; // For AVG Yahoo classic the host must match: // yhs.search.yahoo.com OR // .yhs.search.yahoo.com if (domain.indexOf("yhs.search.yahoo.co") != -1) { if ((avg == "avg") && ((path.indexOf("search?") == 0) || (path.indexOf("search;") == 0))) { return true; } } // also support new metro version which DOESN'T // contain /avg so avg split part is path // valid domains are: // search.yahoo.com, // xx.search.yahoo.com and // search.yahoo.co.xx if (domain.indexOf("search.yahoo.co") != -1) { // path (split avg) must start with search and // contain the avg toolbar parameter if (((path.indexOf("search?") == 0) || (path.indexOf("search;") == 0)) && (path.indexOf("fr=yhs-avg") != -1)) { return true; } } return false;};searchshield.AVGYahooSearchEngine.prototype.includeLink = function(tag){ var href = ""; var outHref = ""; var findStr = ""; if (this.search.doc.body.className.toLowerCase() != "standard") { // handle as std Yahoo results page return searchshield.YahooSearchEngine.prototype.includeLink(tag); } // yahoo likes to encode the url href = unescape(tag.href); if (tag.target == "_top") { var da = href.indexOf("**"); if (da != -1) outHref = href.substring(da+2); else outHref = href ; if (outHref.toLowerCase().indexOf("overture.") !== -1) return false; } else if (!this.onlyPrimaries) { findStr = "&yargs="; var yargs = href.indexOf(findStr); if (yargs != -1) { outHref = href.substring(yargs+findStr.length); // check for prefix if (outHref.indexOf("://") == -1) outHref = "http://" + outHref; // if inside an <I>, probably a paypal link, don't include if (tag.parentNode && (tag.parentNode.tagName == "I")) return false; } } // filter domains // split the url based on '/' var parts = outHref.split('/'); // Filter out domains that match any of the search engine's names if (!parts[2]) return false; var domain = parts[2]; if ((domain.indexOf("rdrjp.yahoo.com") != -1) || (domain.indexOf("rdrkrs.yahoo.com") != -1) || (domain.indexOf("rdrtpe.yahoo.com") != -1) || (domain.indexOf("rdrird.yahoo.com") != -1) || (domain.indexOf("rdrhk2.yahoo.com") != -1) || (domain.indexOf("rdrsg1.yahoo.com") != -1) || (domain.indexOf("rdrin2.yahoo.com") != -1) || (domain.indexOf("rdre1.yahoo.com") != -1) || (domain.indexOf("rdrw1.yahoo.com") != -1) ) { return false; } return outHref;};/////////////// AVG YAHOO SEARCH ENGINE ////////////////////////////// MSN SEARCH ENGINE ///////////////searchshield.MSNSearchEngine = function(search){ searchshield.SearchEngine.call(this, search); this.onlyPrimaries = false;};searchshield.MSNSearchEngine.prototype = new searchshield.SearchEngine();searchshield.MSNSearchEngine.prototype.constructor = searchshield.MSNSearchEngine;searchshield.MSNSearchEngine.prototype.name = "msn";searchshield.MSNSearchEngine.prototype.validSearch = function(href){ var uri; if (typeof(this.search) === 'undefined' || null === this.search) uri = searchshield.parseLink(href); else uri = this.search.uri; if(!uri || !uri.host) return false; var hostMatch = false; var domain = uri.host; // re stitch the uri path and query elements to // use existing logic var path = uri.path + uri.delimiter + uri.query; // For MSN the host must match: // search.msn.com OR // search.live.com if (domain.indexOf("search.msn.co") > -1) { if (domain.charAt(13) == 'm') hostMatch = true; else if ((domain.charAt(13) == '.') && (domain.length == 16)) hostMatch = true; } else if (domain.indexOf("search.live.co") > -1) { if (domain.charAt(14) == 'm') hostMatch = true; else if ((domain.charAt(14) == '.') && (domain.length == 17)) hostMatch = true; } if (hostMatch) { if (path.indexOf("results.aspx") == 0) return true; } return false;};searchshield.MSNSearchEngine.prototype.incl

Link to comment
Share on other sites

Hi tjscott71,

 

Welcome to The Pit!

 

I'm not sure about your mouse freezing... but you appear to have remnants of a redirector that could explain your other issues.

 

FrostWire

You have FrostWire , a P2P/file sharing programs installed on your computer. P2P applications like it are the largest source of malware we see. You'll be doing yourself a favor by removing it.

 

References for the risk of these programs can be found in these links:

http://www.microsoft.com/windows/ie/commun...protection.mspx

http://www.techweb.com/wire/160500554

http://www.internetworldstats.com/articles/art053.htm

 

 

I would recommend that you uninstall FrostWire , however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

 

If you wish to keep it, please do not use it until your computer is cleaned.

 

Using add or remove programs in your control panel... please uninstall MediaBar.

 

Then...

 

Download OTL to your desktop.

  • Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output
  • Check the boxes beside LOP Check and Purity Check.
  • In the window under Custom Scans/Fixes copy and paste the following

     

    netsvcs

    %SYSTEMDRIVE%\*.*

    %systemroot%\Fonts\*.com

    %systemroot%\Fonts\*.dll

    %systemroot%\Fonts\*.ini

    %systemroot%\Fonts\*.ini2

    %systemroot%\Fonts\*.exe

    %systemroot%\system32\spool\prtprocs\w32x86\*.*

    %systemroot%\REPAIR\*.bak1

    %systemroot%\REPAIR\*.ini

    %systemroot%\system32\*.jpg

    %systemroot%\*.jpg

    %systemroot%\*.png

    %systemroot%\*.scr

    %systemroot%\*._sy

    %APPDATA%\Adobe\Update\*.*

    %ALLUSERSPROFILE%\Favorites\*.*

    %APPDATA%\Microsoft\*.*

    %PROGRAMFILES%\*.*

    %APPDATA%\Update\*.*

    %systemroot%\*. /mp /s

    CREATERESTOREPOINT

    %systemroot%\System32\config\*.sav

    %PROGRAMFILES%\bak. /s

    %systemroot%\system32\bak. /s

    %ALLUSERSPROFILE%\Start Menu\*.lîk /x

    %systemroot%\system32\config\systemprofile\*.dat /x

    %systemroot%\*.config

    %systemroot%\system32\*.db

    %PROGRAMFILES%\Internet Explorer\*.dat

    %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x

    %USERPROFILE%\Deskuop\*.exe

    %PROGRAMFILES%\Common Files\*.*

    %systemroot%\*.src

    %systemroot%\install\*.*

    %systemroot%\system32\DLL\*.*

    %systemroot%\system32\HelpFiles\*.*

    %systemroot%\system32\rundll\*.*

    %systemroot%\winn32\*.*

    %systemroot%\Java\*.*

    %systemroot%\system32\test\*.*

    %systemroot%\system32\Rundll32\*.*

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

     

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

 

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

Link to comment
Share on other sites

Okay Sorry it took so long. My mouse freezes like every 30 secs now. Was smart enough finally to use the front USB port for easy access. LOL

Here is the OTL.Txt

OTL logfile created on: 8/25/2011 10:27:30 PM - Run 1

OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\familypawn\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1021.98 Mb Total Physical Memory | 388.72 Mb Available Physical Memory | 38.04% Memory free

1.90 Gb Paging File | 1.35 Gb Available in Paging File | 70.91% Paging File free

Paging file location(s): C:\pagefile.sys 1021 1221 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 34.21 Gb Total Space | 2.54 Gb Free Space | 7.41% Space Free | Partition Type: NTFS

 

Computer Name: LARRY | User Name: familypawn | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\familypawn\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()

PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)

PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)

PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)

PRC - C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (avg8emc) -- File not found

SRV - (AppMgmt) -- File not found

SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()

SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )

DRV - (avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )

DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )

DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )

DRV - (avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)

DRV - (BVRPMPR5) -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS (Avanquest Software)

DRV - (dsunidrv) -- C:\WINDOWS\system32\drivers\dsunidrv.sys (Gteko Ltd.)

DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)

DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)

DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)

DRV - (senfilt) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)

DRV - (AN983) -- C:\WINDOWS\system32\drivers\an983.sys (ADMtek Incorporated.)

DRV - (IntelC53) -- C:\WINDOWS\system32\drivers\IntelC53.sys (Intel Corporation)

DRV - (IntelC52) -- C:\WINDOWS\system32\drivers\IntelC52.sys (Intel Corporation)

DRV - (IntelC51) -- C:\WINDOWS\system32\drivers\IntelC51.sys (Intel Corporation)

DRV - (mohfilt) -- C:\WINDOWS\system32\drivers\mohfilt.sys (Intel Corporation)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.undata.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/08/09 08:22:28 | 000,000,000 | ---D | M]

 

[2010/08/28 08:39:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\familypawn\Application Data\Mozilla\Extensions

[2009/04/30 07:35:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\familypawn\Application Data\Mozilla\Extensions\mozswing@mozswing.org

 

O1 HOSTS File: ([2009/07/06 13:59:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [AVG8_TRAY] File not found

O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)

O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)

O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)

O4 - HKLM..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe ()

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [sunJavaUpdateSched] File not found

O4 - HKCU..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()

O4 - HKCU..\RunOnce: [shockwave Updater] File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_24.dll (Sun Microsystems, Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab (MSN Photo Upload Tool)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (DDRevision Class)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe (Virtools WebPlayer Class)

O16 - DPF: {FAA26872-BB40-4AB2-8A6D-A49183581AAA} http://66.64.218.12/user/TSBnwCam.CAB (TSBnwCam Control)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O24 - Desktop WallPaper: C:\WINDOWS\Dell.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Dell.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (stera) - File not found

O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)

O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/08/25 20:13:11 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\familypawn\Desktop\OTL.exe

[2011/08/25 13:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\familypawn\Desktop\DDS logs

[2011/08/25 11:46:06 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\familypawn\Desktop\dds.scr

[2011/08/25 11:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011/08/25 11:43:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\familypawn\Start Menu\Programs\HiJackThis

[2011/08/24 15:05:00 | 002,002,320 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\familypawn\Desktop\HousecallLauncher.exe

[2011/08/21 14:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\familypawn\Application Data\DriverCure

[2011/08/21 14:10:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\familypawn\Application Data\SpeedMaxPc

[2011/08/21 14:09:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc

[2011/08/16 10:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\familypawn\My Documents\FrostWire

[2011/08/16 10:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\familypawn\.frostwire5

[2011/08/16 10:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\familypawn\Start Menu\Programs\FrostWire 5

[2011/08/16 10:33:55 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire 5

[2011/08/13 19:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime

[2011/08/13 19:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2011/08/10 04:23:17 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys

[2011/08/10 04:22:14 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys

[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/08/25 22:24:02 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job

[2011/08/25 21:54:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/08/25 20:49:53 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/08/25 20:49:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/08/25 20:29:13 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{ACE693EE-D5E1-4DF8-AEBC-CBA0027768DE}.job

[2011/08/25 20:20:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\prvlcl.dat

[2011/08/25 20:13:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\familypawn\Desktop\OTL.exe

[2011/08/25 20:05:57 | 000,282,664 | ---- | M] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\census.cache

[2011/08/25 20:05:54 | 000,215,661 | ---- | M] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\ars.cache

[2011/08/25 17:08:06 | 129,731,166 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2011/08/25 13:27:37 | 000,013,183 | ---- | M] () -- C:\Documents and Settings\familypawn\My Documents\hijackthisa

[2011/08/25 13:24:22 | 000,002,457 | ---- | M] () -- C:\Documents and Settings\familypawn\Desktop\HiJackThis.lnk

[2011/08/25 11:46:15 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\familypawn\Desktop\dds.scr

[2011/08/24 23:34:41 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/08/24 15:05:16 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\housecall.guid.cache

[2011/08/24 15:05:05 | 002,002,320 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\familypawn\Desktop\HousecallLauncher.exe

[2011/08/24 13:08:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/08/21 14:18:49 | 000,001,479 | ---- | M] () -- C:\Documents and Settings\familypawn\Desktop\Solitaire.lnk

[2011/08/20 16:11:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/08/16 10:34:29 | 000,000,898 | ---- | M] () -- C:\Documents and Settings\familypawn\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.0.8.lnk

[2011/08/16 10:34:29 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\familypawn\Desktop\FrostWire 5.0.8.lnk

[2011/08/16 10:17:35 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2011/08/10 14:30:41 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\familypawn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk

[2011/08/10 12:27:01 | 000,449,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/08/10 12:27:01 | 000,075,704 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/08/10 12:21:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011/08/09 08:22:29 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk

[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/08/25 13:27:37 | 000,013,183 | ---- | C] () -- C:\Documents and Settings\familypawn\My Documents\hijackthisa

[2011/08/25 11:43:39 | 000,002,457 | ---- | C] () -- C:\Documents and Settings\familypawn\Desktop\HiJackThis.lnk

[2011/08/24 15:24:17 | 000,282,664 | ---- | C] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\census.cache

[2011/08/24 15:24:04 | 000,215,661 | ---- | C] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\ars.cache

[2011/08/24 15:05:16 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\housecall.guid.cache

[2011/08/16 10:34:29 | 000,000,898 | ---- | C] () -- C:\Documents and Settings\familypawn\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.0.8.lnk

[2011/08/16 10:34:29 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\familypawn\Desktop\FrostWire 5.0.8.lnk

[2011/05/08 13:50:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\prvlcl.dat

[2009/08/19 19:17:38 | 000,043,792 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009/07/06 13:48:20 | 000,155,136 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2009/07/06 13:48:20 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2009/07/06 13:48:20 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2009/07/06 13:48:20 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2009/01/29 21:23:39 | 000,017,991 | -H-- | C] () -- C:\WINDOWS\hpothb07.dat

[2008/11/25 11:16:01 | 000,019,791 | ---- | C] () -- C:\WINDOWS\HPHins02.dat

[2008/11/25 11:16:01 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat

[2008/11/25 10:59:49 | 000,019,375 | ---- | C] () -- C:\WINDOWS\HPHins02.dat.temp

[2008/11/25 10:59:49 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat.temp

[2008/11/25 10:59:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hphped05.exe

[2008/11/25 10:59:10 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat

[2008/04/07 20:06:14 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/02/12 18:36:25 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\familypawn\Local Settings\Application Data\fusioncache.dat

[2008/01/15 21:17:53 | 000,000,098 | ---- | C] () -- C:\WINDOWS\RCASMVVC.ini

[2007/11/14 09:25:14 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2007/11/12 16:05:29 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2007/05/20 12:17:12 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2007/05/03 23:46:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2007/04/24 10:18:16 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\familypawn\Application Data\PFP120JPR.{PB

[2007/04/24 10:18:16 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\familypawn\Application Data\PFP120JCM.{PB

[2007/04/24 09:47:03 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini

[2005/10/14 02:15:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/10/14 02:00:18 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005/10/14 01:58:07 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2005/10/14 01:33:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe

[2005/10/14 01:33:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

[2005/10/14 01:32:52 | 000,000,394 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2005/01/28 08:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/08/10 12:57:15 | 000,203,328 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004/08/10 12:51:20 | 000,449,362 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004/08/10 12:51:20 | 000,075,704 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/08/10 12:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

 

========== LOP Check ==========

 

[2010/11/10 08:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2010/03/24 07:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2010/11/10 08:29:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2007/04/24 15:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft

[2011/05/20 19:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2011/08/21 14:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc

[2008/12/06 17:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2005/10/14 01:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2008/02/18 18:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO

[2009/04/03 10:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

[2010/04/10 08:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2009/09/10 20:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/04/10 10:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2008/02/18 18:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\familypawn\Application Data\Aim

[2010/11/10 08:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\familypawn\Application Data\AVG10

[2010/09/27 12:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\familypawn\Application Data\Catalina Marketing Corp

[2011/08/21 14:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\familypawn\Application Data\DriverCure

[2010/01/06 20:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\familypawn\Application Data\GARMIN

[2011/08/21 14:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\familypawn\Application Data\SpeedMaxPc

[2009/09/19 13:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\familypawn\Application Data\Unity

[2009/12/25 07:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\familypawn\Application Data\yoclient

[2011/08/25 20:29:13 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{ACE693EE-D5E1-4DF8-AEBC-CBA0027768DE}.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2007/05/08 13:57:48 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2008/12/17 20:45:36 | 000,000,281 | RHS- | M] () -- C:\boot.ini

[2004/08/04 00:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr

[2009/07/06 14:07:25 | 000,010,550 | ---- | M] () -- C:\ComboFix.txt

[2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2005/10/14 01:36:40 | 000,004,945 | RH-- | M] () -- C:\dell.sdr

[2006/02/07 00:32:52 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1

[2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS

[2005/10/14 01:59:57 | 000,000,828 | -H-- | M] () -- C:\IPH.PH

[2008/01/28 06:35:12 | 000,068,913 | ---- | M] () -- C:\logfile

[2007/04/24 09:52:57 | 000,003,269 | ---- | M] () -- C:\lxce.log

[2007/04/24 09:55:50 | 000,000,388 | ---- | M] () -- C:\lxcescan.log

[2010/05/15 17:24:59 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt

[2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS

[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008/09/12 07:27:34 | 000,250,048 | RHS- | M] () -- C:\ntldr

[2011/08/25 20:49:35 | 1070,596,096 | -HS- | M] () -- C:\pagefile.sys

[2006/03/04 23:02:47 | 000,000,192 | ---- | M] () -- C:\persist.dbs

[2009/02/17 21:39:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm

[2009/02/20 18:22:47 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm

[2009/02/22 16:18:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm

[2009/02/25 04:06:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm

[2008/01/31 14:53:09 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm

[2008/01/31 16:09:21 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm

[2008/02/14 16:50:28 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm

[2008/03/16 14:08:25 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm

[2008/04/13 01:56:09 | 000,000,136 | -H-- | M] () -- C:\sqmdata08.sqm

[2008/05/11 13:53:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm

[2008/09/11 20:52:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm

[2008/10/09 16:00:41 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm

[2008/11/09 14:38:22 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm

[2008/11/25 16:23:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm

[2008/12/11 18:03:51 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm

[2009/01/09 16:43:20 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm

[2009/01/14 22:34:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm

[2009/01/15 17:04:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm

[2009/01/30 16:29:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm

[2009/02/02 22:16:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm

[2009/02/02 22:16:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2009/02/17 21:39:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2009/02/20 18:22:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

[2009/02/22 16:18:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm

[2009/02/25 04:06:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm

[2008/01/31 14:53:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm

[2008/01/31 16:09:21 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm

[2008/02/14 16:50:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm

[2008/03/16 14:08:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm

[2008/04/13 01:56:09 | 000,000,136 | -H-- | M] () -- C:\sqmnoopt09.sqm

[2008/05/11 13:53:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm

[2008/09/11 20:52:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm

[2008/10/09 16:00:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm

[2008/11/09 14:38:21 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm

[2008/11/25 16:23:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm

[2008/12/11 18:03:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm

[2009/01/09 16:43:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm

[2009/01/14 22:34:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm

[2009/01/15 17:04:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm

[2009/01/30 16:29:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm

[2005/10/14 02:00:14 | 000,000,087 | ---- | M] () -- C:\SystemInfo.ini

[2008/01/15 21:17:08 | 000,000,675 | ---- | M] () -- C:\ThVC_log.txt

[2007/04/24 15:06:45 | 000,012,891 | -HS- | M] () -- C:\vm404.log

[2009/07/06 10:47:59 | 000,088,262 | ---- | M] () -- C:\yxkic.txt

 

< %systemroot%\Fonts\*.com >

 

< %systemroot%\Fonts\*.dll >

 

< %systemroot%\Fonts\*.ini >

[2004/08/10 13:03:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

 

< %systemroot%\Fonts\*.ini2 >

 

< %systemroot%\Fonts\*.exe >

 

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

 

< %systemroot%\REPAIR\*.bak1 >

 

< %systemroot%\REPAIR\*.ini >

 

< %systemroot%\system32\*.jpg >

 

< %systemroot%\*.jpg >

 

< %systemroot%\*.png >

 

< %systemroot%\*.scr >

[2009/02/06 19:03:18 | 000,307,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

< %systemroot%\*._sy >

 

< %APPDATA%\Adobe\Update\*.* >

 

< %ALLUSERSPROFILE%\Favorites\*.* >

 

< %APPDATA%\Microsoft\*.* >

[2009/05/25 16:37:54 | 000,001,674 | -H-- | M] () -- C:\Documents and Settings\familypawn\Application Data\Microsoft\LastFlashConfig.WFC

 

< %PROGRAMFILES%\*.* >

 

< %APPDATA%\Update\*.* >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\System32\config\*.sav >

[2004/08/10 12:56:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2004/08/10 12:56:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2004/08/10 12:56:46 | 000,872,448 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 

< %PROGRAMFILES%\bak. /s >

 

< %systemroot%\system32\bak. /s >

 

< %ALLUSERSPROFILE%\Start Menu\*.lîk /x >

[2008/09/12 07:35:36 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

[2005/10/14 02:02:54 | 000,000,995 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Program Updates.lnk

[2011/08/21 14:13:22 | 000,001,563 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk

[2004/08/10 13:04:12 | 000,000,398 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk

[2011/08/21 14:13:22 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk

 

< %systemroot%\system32\config\systemprofile\*.dat /x >

 

< %systemroot%\*.config >

 

< %systemroot%\system32\*.db >

 

< %PROGRAMFILES%\Internet Explorer\*.dat >

 

< %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x >

 

< %USERPROFILE%\Deskuop\*.exe >

 

< %PROGRAMFILES%\Common Files\*.* >

 

< %systemroot%\*.src >

 

< %systemroot%\install\*.* >

 

< %systemroot%\system32\DLL\*.* >

 

< %systemroot%\system32\HelpFiles\*.* >

 

< %systemroot%\system32\rundll\*.* >

 

< %systemroot%\winn32\*.* >

 

< %systemroot%\Java\*.* >

 

< %systemroot%\system32\test\*.* >

 

< %systemroot%\system32\Rundll32\*.* >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-24 17:55:53

 

< >

 

< >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

 

< End of report >

And the Extras.Txt

OTL Extras logfile created on: 8/25/2011 10:27:30 PM - Run 1

OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\familypawn\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1021.98 Mb Total Physical Memory | 388.72 Mb Available Physical Memory | 38.04% Memory free

1.90 Gb Paging File | 1.35 Gb Available in Paging File | 70.91% Paging File free

Paging file location(s): C:\pagefile.sys 1021 1221 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 34.21 Gb Total Space | 2.54 Gb Free Space | 7.41% Space Free | Partition Type: NTFS

 

Computer Name: LARRY | User Name: familypawn | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0

"C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe" = C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Enabled:Shareaza

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire

"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe

"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe

"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.)

"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM -- ()

"C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe" = C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Enabled:Shareaza

"C:\Program Files\Blubster\Blubster.exe" = C:\Program Files\Blubster\Blubster.exe:*:Enabled:Blubster

"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\FrostWire 5\FrostWire.exe" = C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn

"{03FB0ED6-F37C-49A9-BBC5-AAE30E111E4C}" = RCA SMV Video Converter

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data

"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger

"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE

"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD

"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{20EAC554-95F9-4926-8D9A-C4FF3EC44C72}" = AVG 2011

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 24

"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10

"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold

"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5

"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore

"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CCC7F68-A437-4559-A840-F5E010934951}" = HP Driver Diagnostics

"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update

"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg

"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001

"{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}" = Photosmart 140,240,7200,7600,7700,7900 Series

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool

"{605A4E39-613C-4A12-B56F-DEFBE67572

Link to comment
Share on other sites

tjscott71,

 

Double click on OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do Not copy the word CODE
  • please note the fix starts with the :
:Processes

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top

  • Let the program run unhindered
  • Please save the resulting log to be posted in your next reply.

     

    The problem with you mouse is seeming like a hardware problem. Do you have another mouse you can try?

     

    Download ComboFix from one of these locations:

     

    Link 1

    Link 2

     

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

     

     

    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.html

    • Double click on ComboFix.exe & follow the prompts.

    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

     

     

    Posted Image

     

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

     

    Posted Image

     

     

    Click on Yes, to continue scanning for malware.

     

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

     

     

    Notes:

     

    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.

    2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

    3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

    4. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

    5. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

  • Reboot your computer
Please post the OTL log.
Link to comment
Share on other sites

tjscott71,

 

Double click on OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do Not copy the word CODE
  • please note the fix starts with the :
:Processes

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top

  • Let the program run unhindered
  • Please save the resulting log to be posted in your next reply.

     

    The problem with you mouse is seeming like a hardware problem. Do you have another mouse you can try?

     

    Download ComboFix from one of these locations:

     

    Link 1

    Link 2

     

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatth...ams_t96260.html
    • Double click on ComboFix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

     

     

    Posted Image

     

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

     

    Posted Image

     

     

    Click on Yes, to continue scanning for malware.

     

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

     

     

    Notes:

     

    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.

    2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

    3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

    4. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

    5. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

  • Reboot your computer
Please post the OTL log.

 

Link to comment
Share on other sites

keeps timing out on me.

All processes killed

========== PROCESSES ==========

========== OTL ==========

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{57F02779-3D88-4958-8AD3-83C12D86ADC7} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57F02779-3D88-4958-8AD3-83C12D86ADC7}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 150183 bytes

 

User: All Users

 

User: Dana

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Java cache emptied: 51362212 bytes

->Flash cache emptied: 27877 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32969 bytes

 

User: familypawn

->Temp folder emptied: 1331573973 bytes

->Temporary Internet Files folder emptied: 243360462 bytes

->Java cache emptied: 190935903 bytes

->Apple Safari cache emptied: 2433024 bytes

->Flash cache emptied: 2794989 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 177630 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 238398000 bytes

 

User: Owner

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 19569 bytes

%systemroot%\System32 .tmp files removed: 4361745 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 518767627 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 78351625 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes

RecycleBin emptied: 23419296 bytes

 

Total Files Cleaned = 2,562.00 mb

 

 

OTL by OldTimer - Version 3.2.26.5 log created on 08262011_110612

 

Files\Folders moved on Reboot...

File\Folder C:\Documents and Settings\familypawn\Local Settings\Temp\~DFF160.tmp not found!

File\Folder C:\Documents and Settings\familypawn\Local Settings\Temp\~DFF16D.tmp not found!

File\Folder C:\Documents and Settings\familypawn\Local Settings\Temp\~DFF1DB.tmp not found!

File\Folder C:\Documents and Settings\familypawn\Local Settings\Temp\~DFF1E8.tmp not found!

File\Folder C:\Documents and Settings\familypawn\Local Settings\Temp\~DFF225.tmp not found!

File\Folder C:\Documents and Settings\familypawn\Local Settings\Temp\~DFF232.tmp not found!

C:\Documents and Settings\familypawn\Local Settings\Temporary Internet Files\Content.IE5\ZIFWPFLW\ziffdavis-dest[1].htm moved successfully.

C:\Documents and Settings\familypawn\Local Settings\Temporary Internet Files\Content.IE5\71FV7SYO\index[4].htm moved successfully.

C:\Documents and Settings\familypawn\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

C:\Documents and Settings\familypawn\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.

 

Registry entries deleted on Reboot...

Link to comment
Share on other sites

Here is half of the other scan

 

ComboFix 11-08-26.04 - familypawn 08/26/2011 11:32:21.4.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.526 [GMT -5:00]

Running from: c:\documents and settings\familypawn\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\familypawn\GoToAssistDownloadHelper.exe

c:\documents and settings\familypawn\Start Menu\Internet Explorer.lnk

c:\windows\Downloaded Program Files\CpnMgr.dll

c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf

.

.

((((((((((((((((((((((((( Files Created from 2011-07-26 to 2011-08-26 )))))))))))))))))))))))))))))))

.

.

2011-08-26 16:06 . 2011-08-26 16:06 -------- d-----w- C:\_OTL

2011-08-25 16:43 . 2011-08-25 16:43 388096 ----a-r- c:\documents and settings\familypawn\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-08-25 16:43 . 2011-08-25 16:43 -------- d-----w- c:\program files\Trend Micro

2011-08-21 19:10 . 2011-08-21 19:10 -------- d-----w- c:\documents and settings\familypawn\Application Data\DriverCure

2011-08-21 19:10 . 2011-08-21 19:10 -------- d-----w- c:\documents and settings\familypawn\Application Data\SpeedMaxPc

2011-08-21 19:09 . 2011-08-21 19:37 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedMaxPc

2011-08-16 15:35 . 2011-08-16 16:37 -------- d-----w- c:\documents and settings\familypawn\.frostwire5

2011-08-16 15:33 . 2011-08-16 16:25 -------- d-----w- c:\program files\FrostWire 5

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll

2011-08-14 00:27 . 2011-08-14 00:28 -------- d-----w- c:\program files\QuickTime

2011-08-10 09:23 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys

2011-08-10 09:22 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-08-16 15:17 . 2011-05-21 04:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-15 13:29 . 2005-10-14 06:32 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-12 16:20 . 2011-07-12 16:20 83816 ----a-w- c:\windows\system32\dns-sd.exe

2011-07-12 16:20 . 2011-07-12 16:20 73064 ----a-w- c:\windows\system32\dnssd.dll

2011-07-08 14:02 . 2004-08-10 17:51 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

2011-07-07 00:52 . 2009-07-06 14:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-07 00:52 . 2009-07-06 14:19 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-05 23:37 . 2011-07-05 23:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-07-05 23:37 . 2011-07-05 23:37 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-06-24 14:10 . 2004-08-10 18:01 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2011-06-23 18:36 . 2004-08-10 17:51 916480 ----a-w- c:\windows\system32\wininet.dll

2011-06-23 18:36 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-06-23 18:36 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-06-23 12:05 . 2004-08-10 17:51 385024 ----a-w- c:\windows\system32\html.iec

2011-06-20 17:44 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-06-02 14:02 . 2004-08-10 17:51 1858944 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((( SnapShot@2009-07-06_19.00.42 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-04-19 03:51 . 2011-04-19 03:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_214ee422\vcomp90.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90rus.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90kor.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90jpn.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90ita.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90fra.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esp.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esn.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90enu.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90deu.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90cht.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90chs.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll

+ 2009-07-12 06:02 . 2009-07-12 06:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll

+ 2011-04-19 03:51 . 2011-04-19 03:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90u.dll

+ 2011-01-11 15:59 . 2011-01-11 15:59 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90.dll

+ 2009-07-12 06:05 . 2009-07-12 06:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll

+ 2009-07-12 06:05 . 2009-07-12 06:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll

+ 2011-05-14 01:17 . 2011-05-14 01:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll

+ 2009-07-12 02:54 . 2009-07-12 02:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll

+ 2011-05-14 00:45 . 2011-05-14 00:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll

+ 2009-07-12 02:32 . 2009-07-12 02:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll

+ 2011-05-14 06:06 . 2011-05-14 06:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll

+ 2011-05-14 06:23 . 2011-05-14 06:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll

+ 2009-07-12 07:07 . 2009-07-12 07:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll

+ 2009-07-12 07:19 . 2009-07-12 07:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll

+ 2011-05-13 23:37 . 2011-05-13 23:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll

+ 2009-07-12 00:41 . 2009-07-12 00:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll

+ 2011-08-26 16:17 . 2011-08-26 16:17 16384 c:\windows\temp\Perflib_Perfdata_194.dat

+ 2005-05-26 10:16 . 2009-08-07 00:24 44768 c:\windows\system32\wups2.dll

+ 2004-08-10 18:02 . 2009-08-07 00:24 35552 c:\windows\system32\wups.dll

+ 2004-08-10 18:02 . 2009-08-07 00:24 53472 c:\windows\system32\wuauclt.exe

+ 2004-08-10 17:51 . 2006-10-19 03:47 99840 c:\windows\system32\wmpshell.dll

+ 2004-08-10 17:51 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll

+ 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe

+ 2008-07-30 02:10 . 2008-07-30 02:10 26112 c:\windows\system32\TsWpfWrp.exe

+ 2004-08-10 17:51 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe

- 2004-08-10 17:51 . 2008-04-14 00:12 75776 c:\windows\system32\strmfilt.dll

+ 2004-08-10 17:51 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll

+ 2004-08-10 17:51 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll

+ 2006-02-08 05:00 . 2009-01-07 23:21 26144 c:\windows\system32\spupdsvc.exe

+ 2004-08-10 17:51 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe

+ 2009-08-21 18:47 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

- 2008-01-16 02:08 . 2008-07-09 07:38 17272 c:\windows\system32\spmsg.dll

+ 2010-02-08 13:31 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll

+ 2009-10-27 12:28 . 2009-08-07 00:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll

+ 2009-10-27 12:28 . 2009-08-07 00:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll

- 2004-08-10 17:51 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll

+ 2004-08-10 17:51 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll

+ 2008-08-22 06:48 . 2010-03-23 15:28 79536 c:\windows\system32\Restore\rstrlog.dat

+ 2010-06-21 20:25 . 2009-10-16 07:33 41472 c:\windows\system32\ReinstallBackups\0011\DriverFiles\usbaapl.sys

+ 2009-09-11 01:44 . 2009-07-09 17:16 39424 c:\windows\system32\ReinstallBackups\0010\DriverFiles\usbaapl.sys

- 2004-08-10 17:51 . 2008-04-14 00:12 79872 c:\windows\system32\raschap.dll

+ 2004-08-10 17:51 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll

+ 2010-03-31 05:16 . 2010-03-31 05:16 99176 c:\windows\system32\PresentationHostProxy.dll

+ 2004-08-10 17:51 . 2009-03-08 09:31 46592 c:\windows\system32\pngfilt.dll

+ 2004-08-10 17:51 . 2011-08-10 17:27 75704 c:\windows\system32\perfc009.dat

- 2006-06-29 13:05 . 2006-06-29 13:05 23552 c:\windows\system32\normaliz.dll

+ 2006-06-29 13:05 . 2009-01-07 23:20 23552 c:\windows\system32\normaliz.dll

- 2006-06-28 22:59 . 2006-06-28 22:59 24576 c:\windows\system32\nlsdl.dll

+ 2006-06-28 22:59 . 2009-01-07 23:20 24576 c:\windows\system32\nlsdl.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 49488 c:\windows\system32\netfxperf.dll

+ 2009-11-06 03:17 . 2009-11-06 03:17 11600 c:\windows\system32\mui\0409\mscorees.dll

+ 2004-08-04 05:56 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll

+ 2004-08-10 17:51 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll

+ 2004-08-10 17:51 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll

- 2004-08-10 17:51 . 2008-04-14 00:12 11264 c:\windows\system32\msrle32.dll

+ 2004-08-10 17:51 . 2009-03-08 09:31 48128 c:\windows\system32\mshtmler.dll

- 2004-08-10 17:51 . 2006-10-17 16:28 48128 c:\windows\system32\mshtmler.dll

+ 2004-08-10 17:51 . 2011-06-23 18:36 66560 c:\windows\system32\mshtmled.dll

- 2004-08-10 17:51 . 2006-10-17 16:56 45568 c:\windows\system32\mshta.exe

+ 2004-08-10 17:51 . 2009-03-08 09:31 45568 c:\windows\system32\mshta.exe

+ 2006-10-17 16:58 . 2009-03-08 09:31 13312 c:\windows\system32\msfeedssync.exe

+ 2006-11-08 02:03 . 2011-06-23 18:36 55296 c:\windows\system32\msfeedsbs.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 83968 c:\windows\system32\mscories.dll

+ 2004-08-10 17:51 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll

+ 2009-08-20 00:17 . 2009-12-28 03:46 43792 c:\windows\system32\mlfcache.dat

+ 2004-08-10 17:51 . 2011-06-23 18:36 25600 c:\windows\system32\jsproxy.dll

+ 2004-08-04 05:56 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll

+ 2004-08-10 18:02 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll

- 2004-08-10 18:02 . 2008-04-14 00:11 81920 c:\windows\system32\isign32.dll

+ 2004-08-10 17:51 . 2009-03-08 09:32 94720 c:\windows\system32\inseng.dll

+ 2008-07-30 00:24 . 2008-07-30 00:24 97800 c:\windows\system32\infocardapi.dll

+ 2004-08-10 17:51 . 2009-03-08 09:31 34816 c:\windows\system32\imgutil.dll

+ 2006-11-07 08:26 . 2009-03-08 09:32 36864 c:\windows\system32\ieudinit.exe

+ 2004-08-10 17:51 . 2009-03-08 09:32 71680 c:\windows\system32\iesetup.dll

+ 2004-08-10 17:51 . 2009-03-08 09:32 55808 c:\windows\system32\iernonce.dll

- 2006-06-29 13:05 . 2006-06-29 13:05 26112 c:\windows\system32\idndl.dll

+ 2006-06-29 13:05 . 2009-01-07 23:20 26112 c:\windows\system32\idndl.dll

+ 2004-08-10 17:51 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll

- 2004-08-10 17:51 . 2008-04-14 00:11 80384 c:\windows\system32\iccvid.dll

+ 2008-07-30 00:24 . 2008-07-30 00:24 11264 c:\windows\system32\icardres.dll

+ 2006-10-17 16:58 . 2009-03-08 09:31 59904 c:\windows\system32\icardie.dll

+ 2004-08-10 17:51 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll

+ 2004-08-10 17:51 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll

+ 2008-07-30 02:10 . 2008-07-30 02:10 73720 c:\windows\system32\dxva2.dll

+ 2011-07-01 01:25 . 2011-05-10 13:06 42496 c:\windows\system32\DRVSTORE\usbaapl_5CBB3A09528F68FC4AD2F36E43C028E7E6F20400\usbaapl.sys

+ 2011-07-01 01:25 . 2011-05-10 13:06 18432 c:\windows\system32\DRVSTORE\netaapl_B71F8545DA20A81C41BFD744E8D7D9784787E916\netaapl.sys

+ 2009-09-11 01:53 . 2009-05-18 19:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys

+ 2007-11-11 13:00 . 2010-09-28 21:44 41984 c:\windows\system32\drivers\usbaapl.sys

+ 2008-11-20 19:19 . 2008-11-20 19:19 43872 c:\windows\system32\drivers\pxhelp20.sys

- 2008-04-07 23:16 . 2008-04-07 23:16 43872 c:\windows\system32\drivers\pxhelp20.sys

+ 2004-08-10 17:51 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys

+ 2004-08-10 17:51 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys

+ 2008-01-29 17:01 . 2009-05-18 19:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys

+ 2010-09-07 09:48 . 2011-03-16 21:03 32592 c:\windows\system32\drivers\avgrkx86.sys

+ 2007-04-24 20:26 . 2011-03-01 19:25 34896 c:\windows\system32\drivers\avgmfx86.sys

+ 2010-08-20 03:42 . 2011-02-10 12:53 27216 c:\windows\system32\drivers\AVGIDSShim.sys

+ 2010-08-20 03:42 . 2011-02-10 12:53 24144 c:\windows\system32\drivers\AVGIDSFilter.sys

+ 2010-09-13 22:27 . 2011-02-22 13:13 22992 c:\windows\system32\drivers\AVGIDSEH.sys

+ 2009-08-06 21:13 . 2004-08-04 03:31 36224 c:\windows\system32\drivers\an983.sys

- 2004-08-10 17:50 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll

+ 2004-08-10 17:50 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll

+ 2009-08-10 16:03 . 2011-06-23 18:36 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\xolehlp.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 50176 c:\windows\system32\dllcache\xmlprovi.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 30720 c:\windows\system32\dllcache\xcopy.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 91648 c:\windows\system32\dllcache\xactsrv.dll

+ 2004-08-10 18:02 . 2009-08-07 00:24 35552 c:\windows\system32\dllcache\wups.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 32256 c:\windows\system32\dllcache\wupdmgr.exe

+ 2004-08-10 18:02 . 2009-08-07 00:24 53472 c:\windows\system32\dllcache\wuauclt.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\wstdecod.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 41984 c:\windows\system32\dllcache\wsnmp32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 11264 c:\windows\system32\dllcache\wshrm.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 11776 c:\windows\system32\dllcache\wshisn.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\wship6.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 36864 c:\windows\system32\dllcache\wshcon.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 11264 c:\windows\system32\dllcache\wpnpinst.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 32256 c:\windows\system32\dllcache\wpabaln.exe

+ 2001-08-18 03:36 . 2004-08-04 10:00 13824 c:\windows\system32\dllcache\wowfaxui.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 10368 c:\windows\system32\dllcache\wowexec.exe

+ 2004-08-10 17:51 . 2006-10-19 03:47 99840 c:\windows\system32\dllcache\wmpshell.dll

+ 2004-08-10 18:02 . 2006-10-19 03:46 64000 c:\windows\system32\dllcache\wmplayer.exe

+ 2004-08-10 18:02 . 2006-10-19 03:47 96256 c:\windows\system32\dllcache\wmpband.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 52224 c:\windows\system32\dllcache\wmitimep.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 41472 c:\windows\system32\dllcache\wmipsess.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 18944 c:\windows\system32\dllcache\wmiprop.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 62464 c:\windows\system32\dllcache\wmipjobj.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 61952 c:\windows\system32\dllcache\wmipiprt.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 75264 c:\windows\system32\dllcache\wmipicmp.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 61440 c:\windows\system32\dllcache\wmimsg.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 60928 c:\windows\system32\dllcache\wmicookr.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\wmiaprpl.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 51200 c:\windows\system32\dllcache\wmerrenu.dll

+ 2008-09-12 04:40 . 2008-04-14 00:12 69120 c:\windows\system32\dllcache\wlanapi.dll

+ 2004-08-10 18:02 . 2004-08-04 10:00 25088 c:\windows\system32\dllcache\wisc10.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 18944 c:\windows\system32\dllcache\winstrm.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 11776 c:\windows\system32\dllcache\winmsd.exe

+ 2004-08-10 18:01 . 2004-08-04 10:00 16384 c:\windows\system32\dllcache\winmgmtr.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 13312 c:\windows\system32\dllcache\winmgmt.exe

+ 2004-08-10 18:01 . 2004-08-04 10:00 35328 c:\windows\system32\dllcache\winchat.exe

+ 2004-08-10 17:57 . 2004-08-04 10:00 13600 c:\windows\system32\dllcache\wfwnet.drv

+ 2004-08-10 17:51 . 2008-04-14 00:12 65024 c:\windows\system32\dllcache\wextract.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 40448 c:\windows\system32\dllcache\webhits.dll

+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 43008 c:\windows\system32\dllcache\wbemperf.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\wbemads.dll

+ 2004-08-10 18:02 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\wb32.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 30208 c:\windows\system32\dllcache\wabmig.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 85504 c:\windows\system32\dllcache\wabimp.dll

+ 2004-08-10 18:02 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 22016 c:\windows\system32\dllcache\w32topl.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 49664 c:\windows\system32\dllcache\w32tm.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 33792 c:\windows\system32\dllcache\vssadmin.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\vss_ps.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 18176 c:\windows\system32\dllcache\vga64k.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 51456 c:\windows\system32\dllcache\vga256.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 98304 c:\windows\system32\dllcache\verifier.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 26624 c:\windows\system32\dllcache\verifier.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 51712 c:\windows\system32\dllcache\vdmredir.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 50176 c:\windows\system32\dllcache\utilman.exe

+ 2001-08-18 03:36 . 2004-08-04 10:00 49211 c:\windows\system32\dllcache\usrvpa.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 45116 c:\windows\system32\dllcache\usrvoica.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 49209 c:\windows\system32\dllcache\usrv80a.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 41019 c:\windows\system32\dllcache\usrsvpia.dll

+ 2001-08-18 03:37 . 2004-08-04 10:00 69700 c:\windows\system32\dllcache\usrshuta.exe

+ 2001-08-18 03:36 . 2004-08-04 10:00 49211 c:\windows\system32\dllcache\usrsdpia.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 77883 c:\windows\system32\dllcache\usrrtosa.dll

+ 2001-08-18 03:37 . 2004-08-04 10:00 61508 c:\windows\system32\dllcache\usrprbda.exe

+ 2001-08-18 03:37 . 2004-08-04 10:00 77891 c:\windows\system32\dllcache\usrmlnka.exe

+ 2001-08-18 03:36 . 2004-08-04 10:00 53305 c:\windows\system32\dllcache\usrlbva.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 86073 c:\windows\system32\dllcache\usrfaxa.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 77890 c:\windows\system32\dllcache\usrdpa.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 69699 c:\windows\system32\dllcache\usrcoina.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 61500 c:\windows\system32\dllcache\usrcntra.dll

+ 2004-08-10 17:58 . 2008-04-14 00:12 74240 c:\windows\system32\dllcache\usbui.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 17920 c:\windows\system32\dllcache\ureg.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\upnpcont.exe

+ 2004-08-10 18:01 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\unsecapp.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 13312 c:\windows\system32\dllcache\umdmxfrm.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 35840 c:\windows\system32\dllcache\umandlg.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 82432 c:\windows\system32\dllcache\ufat.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 26624 c:\windows\system32\dllcache\udhisapi.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\tsshutdn.exe

+ 2008-09-12 04:40 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\tspkg.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 16384 c:\windows\system32\dllcache\tskill.exe

+ 2008-09-12 04:40 . 2008-04-14 00:12 53248 c:\windows\system32\dllcache\tsgqec.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\tsdiscon.exe

+ 2004-08-10 17:51 . 2008-04-14 00:13 12168 c:\windows\system32\dllcache\tsddd.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\tscon.exe

+ 2004-08-10 18:01 . 2008-04-14 00:12 93696 c:\windows\system32\dllcache\tscfgwmi.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 52224 c:\windows\system32\dllcache\tsappcmp.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 59904 c:\windows\system32\dllcache\trnsprov.dll

+ 2004-08-10 18:02 . 2004-08-04 10:00 40960 c:\windows\system32\dllcache\trialoc.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 31744 c:\windows\system32\dllcache\tracert6.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 12288 c:\windows\system32\dllcache\tracert.exe

+ 2004-08-10 18:01 . 2004-08-04 10:00 61952 c:\windows\system32\dllcache\tmplprov.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\tftp.exe

+ 2004-08-10 17:51 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 19456 c:\windows\system32\dllcache\tcpsvcs.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 45568 c:\windows\system32\dllcache\tcpmonui.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 14848 c:\windows\system32\dllcache\tcpmib.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\tcmsetup.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 78848 c:\windows\system32\dllcache\tapiui.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 19200 c:\windows\system32\dllcache\tapi.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 36864 c:\windows\system32\dllcache\syskey.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 15872 c:\windows\system32\dllcache\sysinv.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 18896 c:\windows\system32\dllcache\sysedit.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\synceng.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 51200 c:\windows\system32\dllcache\syncapp.exe

+ 2004-08-10 17:51 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll

+ 2004-08-10 17:57 . 2008-04-14 00:12 74752 c:\windows\system32\dllcache\storprop.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 14848 c:\windows\system32\dllcache\stimon.exe

+ 2004-08-10 18:01 . 2008-04-14 00:12 86528 c:\windows\system32\dllcache\stdprov.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 59392 c:\windows\system32\dllcache\stclient.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 26624 c:\windows\system32\dllcache\startoc.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\sstub.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\ssstars.scr

+ 2004-08-10 17:51 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\ssmyst.scr

+ 2004-08-10 17:51 . 2008-04-14 00:12 47104 c:\windows\system32\dllcache\ssmypics.scr

+ 2004-08-10 17:51 . 2008-04-14 00:12 20992 c:\windows\system32\dllcache\ssmarque.scr

+ 2004-08-10 17:51 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\ssbezier.scr

+ 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll

+ 2004-08-10 18:02 . 2004-08-04 10:00 47104 c:\windows\system32\dllcache\srdiag.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 58434 c:\windows\system32\dllcache\srchctls.dll

+ 2004-08-10 17:57 . 2004-08-04 10:00 24661 c:\windows\system32\dllcache\spxcoins.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 72192 c:\windows\system32\dllcache\sprio800.dll

+ 2001-08-18 03:36 . 2004-08-04 10:00 70656 c:\windows\system32\dllcache\sprio600.dll

+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe

+ 2004-08-10 17:51 . 2008-04-14 10:42 11264 c:\windows\system32\dllcache\spnpinst.exe

+ 2001-08-18 03:36 . 2004-08-04 10:00 69632 c:\windows\system32\dllcache\spnike.dll

+ 2004-08-10 17:51 . 2008-04-13 16:43 62976 c:\windows\system32\dllcache\spgrmr.dll

+ 2004-08-10 17:57 . 2004-08-04 10:00 61440 c:\windows\system32\dllcache\spcplui.dll

+ 2004-08-10 17:57 . 2004-08-04 10:00 77824 c:\windows\system32\dllcache\spcommon.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 24576 c:\windows\system32\dllcache\sort.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\snmpapi.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 34816 c:\windows\system32\dllcache\sniffpol.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 40960 c:\windows\system32\dllcache\smtpcons.dll

+ 2008-09-12 04:40 . 2008-04-14 00:12 73796 c:\windows\system32\dllcache\slserv.exe

+ 2008-09-12 04:40 . 2008-04-14 00:12 73832 c:\windows\system32\dllcache\slcoinst.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\skeys.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 13824 c:\windows\system32\dllcache\sisbkup.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 70144 c:\windows\system32\dllcache\sigverif.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\sigtab.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\shutdown.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 77824 c:\windows\system32\dllcache\shrpubw.exe

+ 2004-08-10 18:01 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\shadow.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 23552 c:\windows\system32\dllcache\sfmapi.dll

+ 2008-09-12 04:40 . 2008-04-14 00:12 32768 c:\windows\system32\dllcache\setupn.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 23040 c:\windows\system32\dllcache\setup.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 31232 c:\windows\system32\dllcache\sethc.exe

+ 2004-08-10 18:01 . 2008-04-14 00:12 56320 c:\windows\system32\dllcache\servdeps.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 14336 c:\windows\system32\dllcache\serialui.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 13824 c:\windows\system32\dllcache\senscfg.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\sendcmsg.dll

+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll

- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll

+ 2004-08-04 05:56 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\sdhcinst.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 77312 c:\windows\system32\dllcache\sdbinst.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 26624 c:\windows\system32\dllcache\scredir.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 36352 c:\windows\system32\dllcache\scrcons.exe

- 2009-04-14 22:23 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe

+ 2004-08-10 17:51 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\savedump.exe

+ 2004-08-10 17:57 . 2004-08-04 10:00 36864 c:\windows\system32\dllcache\sapisvr.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 45568 c:\windows\system32\dllcache\safrslv.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 29696 c:\windows\system32\dllcache\safrdm.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 43520 c:\windows\system32\dllcache\safrcdlg.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 15872 c:\windows\system32\dllcache\rwinsta.exe

+ 2004-08-10 18:01 . 2004-08-04 10:00 42574 c:\windows\system32\dllcache\rvsezm.exe

+ 2004-08-10 18:01 . 2004-08-04 10:00 48706 c:\windows\system32\dllcache\rvse.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\runonce.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 16384 c:\windows\system32\dllcache\runas.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 98304 c:\windows\system32\dllcache\rtm.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 31744 c:\windows\system32\dllcache\rtipxmib.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 77312 c:\windows\system32\dllcache\rtcshare.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 23552 c:\windows\system32\dllcache\rsvpmsg.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 49152 c:\windows\system32\dllcache\rsmui.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 24576 c:\windows\system32\dllcache\rsmsink.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\rsmps.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 49152 c:\windows\system32\dllcache\rsm.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 14848 c:\windows\system32\dllcache\rsh.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 61440 c:\windows\system32\dllcache\rrcm.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 22016 c:\windows\system32\dllcache\rpcns4.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 25600 c:\windows\system32\dllcache\routemon.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 19968 c:\windows\system32\dllcache\route.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\rexec.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 12800 c:\windows\system32\dllcache\replace.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 59904 c:\windows\system32\dllcache\regsvc.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 33792 c:\windows\system32\dllcache\regini.exe

+ 2004-08-10 18:01 . 2008-04-14 00:12 67072 c:\windows\system32\dllcache\rdshost.exe

+ 2004-08-10 18:01 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\rdsaddin.exe

+ 2004-08-10 18:01 . 2008-04-14 00:13 87176 c:\windows\system32\dllcache\rdpwsx.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\rdpsnd.dll

+ 2004-08-10 17:51 . 2008-04-14 00:13 92424 c:\windows\system32\dllcache\rdpdd.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 21504 c:\windows\system32\dllcache\rcp.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 35840 c:\windows\system32\dllcache\rcimlby.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 12800 c:\windows\system32\dllcache\rasser.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 16384 c:\windows\system32\dllcache\rassapi.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 23552 c:\windows\system32\dllcache\rasrad.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 56832 c:\windows\system32\dllcache\rasphone.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 22528 c:\windows\system32\dllcache\rasmxs.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 11264 c:\windows\system32\dllcache\rasdial.exe

+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 11776 c:\windows\system32\dllcache\rasautou.exe

+ 2004-08-10 18:01 . 2004-08-04 10:00 22016 c:\windows\system32\dllcache\qwinsta.exe

+ 2004-08-10 18:01 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\qprocess.exe

+ 2008-09-12 04:40 . 2008-04-14 00:12 62464 c:\windows\system32\dllcache\qcliprov.dll

+ 2004-08-10 18:01 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\qappsrv.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 50176 c:\windows\system32\dllcache\proquota.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 16384 c:\windows\system32\dllcache\prflbmsg.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 49152 c:\windows\system32\dllcache\powercfg.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 58880 c:\windows\system32\dllcache\pnrpnsp.dll

+ 2006-05-10 05:23 . 2009-03-08 09:31 46592 c:\windows\system32\dllcache\pngfilt.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 30720 c:\windows\system32\dllcache\plustab.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 33280 c:\windows\system32\dllcache\ping6.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 35328 c:\windows\system32\dllcache\pifmgr.dll

+ 2004-08-04 05:56 . 2008-04-14 00:12 35328 c:\windows\system32\dllcache\pid.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 15872 c:\windows\system32\dllcache\perfmon.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 15360 c:\windows\system32\dllcache\pentnt.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 67584 c:\windows\system32\dllcache\pautoenr.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 21504 c:\windows\system32\dllcache\pathping.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 10240 c:\windows\system32\dllcache\panmap.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 58368 c:\windows\system32\dllcache\packager.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 40448 c:\windows\system32\dllcache\osuninst.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 51200 c:\windows\system32\dllcache\oobebaln.exe

+ 2004-08-10 17:57 . 2004-08-04 10:00 24064 c:\windows\system32\dllcache\olesvr.dll

+ 2004-08-10 17:57 . 2004-08-04 10:00 82944 c:\windows\system32\dllcache\olecli.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\oleaccrc.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 35328 c:\windows\system32\dllcache\oemiglib.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 60416 c:\windows\system32\dllcache\oemig50.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 20511 c:\windows\system32\dllcache\odtext32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 20510 c:\windows\system32\dllcache\odpdx32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 20510 c:\windows\system32\dllcache\odfox32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 20510 c:\windows\system32\dllcache\odexl32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 20511 c:\windows\system32\dllcache\oddbse32.dll

+ 2004-08-10 17:51 . 2008-04-13 17:26 12288 c:\windows\system32\dllcache\odbcp32r.dll

+ 2004-08-10 17:51 . 2008-04-14 00:10 53279 c:\windows\system32\dllcache\odbcji32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 65536 c:\windows\system32\dllcache\odbccu32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 65536 c:\windows\system32\dllcache\odbccr32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 69632 c:\windows\system32\dllcache\odbcconf.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 32768 c:\windows\system32\dllcache\odbcad32.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 16384 c:\windows\system32\dllcache\odbc32gt.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 26224 c:\windows\system32\dllcache\odbc16gt.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ntvdmd.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 36864 c:\windows\system32\dllcache\ntmsevt.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 40960 c:\windows\system32\dllcache\ntmsapi.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 57856 c:\windows\system32\dllcache\ntlanui.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 34560 c:\windows\system32\dllcache\ntio804.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 35424 c:\windows\system32\dllcache\ntio412.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 35648 c:\windows\system32\dllcache\ntio411.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 34560 c:\windows\system32\dllcache\ntio404.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 33840 c:\windows\system32\dllcache\ntio.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 29146 c:\windows\system32\dllcache\ntdos804.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 29274 c:\windows\system32\dllcache\ntdos412.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 29370 c:\windows\system32\dllcache\ntdos411.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 29146 c:\windows\system32\dllcache\ntdos404.sys

+ 2004-08-10 17:51 . 2004-08-04 10:00 27866 c:\windows\system32\dllcache\ntdos.sys

+ 2004-08-10 17:51 . 2008-04-14 00:12 76800 c:\windows\system32\dllcache\nslookup.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 54784 c:\windows\system32\dllcache\npptools.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\nppagent.exe

+ 2004-08-10 18:02 . 2004-08-04 10:00 35328 c:\windows\system32\dllcache\notiflag.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 28672 c:\windows\system32\dllcache\nmmkcert.dll

+ 2004-08-10 18:02 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\nmevtmsg.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 77824 c:\windows\system32\dllcache\nmcom.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 81920 c:\windows\system32\dllcache\nmchat.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 28672 c:\windows\system32\dllcache\nmasnt.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 98304 c:\windows\system32\dllcache\nlhtml.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 36864 c:\windows\system32\dllcache\netstat.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 86016 c:\windows\system32\dllcache\netsh.exe

+ 2004-08-10 17:51 . 2008-04-14 00:12 42496 c:\windows\system32\dllcache\net.exe

+ 2010-12-14 21:16 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys

+ 2004-08-10 17:51 . 2008-04-14 00:12 57344 c:\windows\system32\dllcache\ndisnpp.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\nddenb32.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 20480 c:\windows\system32\dllcache\nbtstat.exe

+ 2004-08-10 17:51 . 2004-08-04 10:00 35840 c:\windows\system32\dllcache\narrhook.dll

+ 2008-09-12 04:39 . 2008-04-14 00:12 30208 c:\windows\system32\dllcache\napipsec.dll

+ 2004-08-10 18:01 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll

- 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 34304 c:\windows\system32\dllcache\mtxlegih.dll

+ 2004-08-10 18:01 . 2008-04-14 00:12 30720 c:\windows\system32\dllcache\mtxdm.dll

+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 26624 c:\windows\system32\dllcache\msxmlr.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 37916 c:\windows\system32\dllcache\msxml2r.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 24576 c:\windows\system32\dllcache\msxactps.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 72704 c:\windows\system32\dllcache\msw3prt.dll

+ 2009-11-27 16:07 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 57344 c:\windows\system32\dllcache\msvcirt.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 12288 c:\windows\system32\dllcache\mstinit.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 57344 c:\windows\system32\dllcache\mst123.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 13312 c:\windows\system32\dllcache\msswch.dll

+ 2004-08-10 18:02 . 2004-08-04 10:00 23552 c:\windows\system32\dllcache\mssoapr.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 35840 c:\windows\system32\dllcache\mssign32.dll

+ 2008-09-12 04:39 . 2008-04-13 18:14 76800 c:\windows\system32\dllcache\msshamsg.dll

+ 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 60416 c:\windows\system32\dllcache\msratelc.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 69632 c:\windows\system32\dllcache\msr2c.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 41984 c:\windows\system32\dllcache\msports.dll

+ 2004-08-10 17:51 . 2008-04-13 17:24 20480 c:\windows\system32\dllcache\msorc32r.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\msoobe.exe

+ 2004-08-10 18:02 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\msobweb.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 30720 c:\windows\system32\dllcache\msobshel.dll

+ 2004-08-10 17:51 . 2004-08-04 10:00 33280 c:\windows\system32\dllcache\msobjs.dll

+ 2004-08-10 18:02 . 2008-04-14 00:12 16384 c:\windows\system32\dllcache\msobdl.dll

+ 2004-08-10 17:51 . 2008-04-14 00:12 39936 c:\windows

Link to comment
Share on other sites

Here is the second half of the combo fix log

 

+ 2011-02-11 13:25 . 2011-02-11 13:25 229888 c:\windows\ServicePackFiles\ServicePackCache\i386\fxscover.exe

+ 2004-08-10 18:02 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe

- 2004-08-10 18:02 . 2008-04-14 00:12 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe

+ 2008-07-30 04:40 . 2008-07-30 04:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe

+ 2008-07-30 04:40 . 2008-07-30 04:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll

+ 2009-08-21 18:49 . 2009-08-21 18:49 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi

+ 2008-07-29 23:47 . 2008-07-29 23:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

+ 2008-07-29 23:47 . 2008-07-29 23:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll

+ 2008-07-29 23:47 . 2008-07-29 23:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll

+ 2008-07-30 04:15 . 2008-07-30 04:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat

+ 2008-07-30 04:40 . 2008-07-30 04:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll

+ 2008-07-30 04:40 . 2008-07-30 04:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll

+ 2008-07-30 01:35 . 2008-07-30 01:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll

+ 2010-03-31 05:16 . 2010-03-31 05:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll

+ 2008-07-30 02:10 . 2008-07-30 02:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll

+ 2008-07-30 00:16 . 2008-07-30 00:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe

+ 2010-04-08 04:48 . 2010-04-08 04:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll

+ 2008-07-30 00:16 . 2008-07-30 00:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

+ 2010-04-08 04:48 . 2010-04-08 04:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll

+ 2008-07-30 00:16 . 2008-07-30 00:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe

+ 2008-07-30 00:16 . 2008-07-30 00:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll

+ 2008-07-30 00:16 . 2008-07-30 00:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll

+ 2008-07-30 00:24 . 2008-07-30 00:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

+ 2008-07-30 00:16 . 2008-07-30 00:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe

+ 2010-09-22 14:43 . 2010-09-22 14:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll

- 2005-09-23 12:28 . 2005-09-23 12:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll

- 2005-09-23 12:28 . 2005-09-23 12:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll

+ 2010-02-09 17:22 . 2010-02-09 17:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

- 2005-09-23 12:28 . 2005-09-23 12:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

- 2005-09-23 12:28 . 2005-09-23 12:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll

- 2005-09-23 12:28 . 2005-09-23 12:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll

- 2005-09-23 12:28 . 2005-09-23 12:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll

- 2005-09-23 12:28 . 2005-09-23 12:28 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll

+ 2008-11-25 09:59 . 2008-11-25 09:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll

- 2005-09-23 12:28 . 2005-09-23 12:28 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll

+ 2011-03-25 11:15 . 2011-03-25 11:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe

+ 2008-07-25 16:17 . 2008-07-25 16:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll

+ 2011-03-25 11:15 . 2011-03-25 11:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll

+ 2011-03-25 11:15 . 2011-03-25 11:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll

- 2005-09-23 12:29 . 2005-09-23 12:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll

- 2005-09-23 12:29 . 2005-09-23 12:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe

+ 2008-07-25 16:17 . 2008-07-25 16:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe

- 2005-09-23 12:28 . 2005-09-23 12:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe

+ 2008-07-25 16:16 . 2008-07-25 16:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

- 2005-09-23 12:28 . 2005-09-23 12:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

+ 2008-07-25 16:17 . 2008-07-25 16:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll

+ 2008-07-25 16:17 . 2008-07-25 16:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll

+ 2008-07-25 16:16 . 2008-07-25 16:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll

+ 2010-09-23 07:26 . 2010-09-23 07:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll

- 2007-04-14 01:58 . 2007-04-14 01:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll

- 2007-04-14 01:56 . 2007-04-14 01:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

+ 2010-09-23 07:25 . 2010-09-23 07:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

+ 2010-09-23 08:17 . 2010-09-23 08:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

- 2007-04-14 02:30 . 2007-04-14 02:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

+ 2009-11-26 09:00 . 2009-11-26 09:00 429568 c:\windows\Installer\c5f8df2.msi

+ 2008-12-13 14:58 . 2008-12-13 14:58 754688 c:\windows\Installer\940c1d5.msp

+ 2009-08-21 18:49 . 2009-08-21 18:49 648192 c:\windows\Installer\940c1b2.msi

+ 2008-07-30 02:23 . 2008-07-30 02:23 250880 c:\windows\Installer\93f155c.msp

+ 2008-07-30 02:28 . 2008-07-30 02:28 278016 c:\windows\Installer\93f155a.msp

+ 2008-07-30 00:40 . 2008-07-30 00:40 291840 c:\windows\Installer\93f1558.msp

+ 2009-08-21 18:48 . 2009-08-21 18:48 137728 c:\windows\Installer\93f1552.msi

+ 2008-07-29 22:35 . 2008-07-29 22:35 553472 c:\windows\Installer\936ea01.msp

+ 2008-07-29 22:33 . 2008-07-29 22:33 506368 c:\windows\Installer\936e9ff.msp

+ 2008-07-29 22:37 . 2008-07-29 22:37 911360 c:\windows\Installer\936e9fe.msp

+ 2011-07-01 01:38 . 2011-07-01 01:38 771584 c:\windows\Installer\85395e6.msi

+ 2010-06-10 08:25 . 2010-06-10 08:25 200192 c:\windows\Installer\7a4d1532.msi

+ 2010-02-25 05:14 . 2010-02-25 05:14 543232 c:\windows\Installer\7a4d14c5.msp

+ 2009-11-12 19:31 . 2009-11-12 19:31 537600 c:\windows\Installer\4be99.msi

+ 2009-09-09 21:40 . 2009-09-09 21:40 632320 c:\windows\Installer\43f64aa8.msp

+ 2009-03-20 16:48 . 2009-03-20 16:48 183808 c:\windows\Installer\3fb95f2.msp

+ 2010-11-10 13:23 . 2010-11-10 13:23 219648 c:\windows\Installer\3933eaf.msi

+ 2011-03-11 19:46 . 2011-03-11 19:46 180224 c:\windows\Installer\2787ea45.msi

+ 2010-06-12 00:07 . 2010-06-12 00:07 168960 c:\windows\Installer\23dfed86.msp

+ 2009-08-07 08:00 . 2009-08-07 08:00 248832 c:\windows\Installer\21b5d2a.msi

+ 2010-09-24 02:02 . 2010-09-24 02:02 798208 c:\windows\Installer\1d230145.msp

+ 2011-05-12 20:26 . 2011-05-12 20:26 223232 c:\windows\Installer\1b2ef936.msi

+ 2010-11-12 17:08 . 2010-11-12 17:08 889344 c:\windows\Installer\18ba2eb0.msp

+ 2009-11-04 15:20 . 2009-11-04 15:20 424448 c:\windows\Installer\1495a8b.msi

+ 2011-06-24 08:17 . 2011-06-24 08:17 223744 c:\windows\Installer\1173043.msi

+ 2011-06-24 08:05 . 2011-06-24 08:05 467456 c:\windows\Installer\1172ff4.msi

+ 2009-09-11 01:55 . 2009-09-11 01:55 294912 c:\windows\Installer\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}\iPCUIco.exe

+ 2010-07-30 01:58 . 2010-07-30 01:58 897024 c:\windows\Installer\{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}\SafariIco.exe

+ 2011-03-11 02:24 . 2011-03-11 02:24 897024 c:\windows\Installer\{C73F2967-062E-48F2-A462-D335B8950183}\SafariIco.exe

+ 2011-07-24 14:09 . 2011-07-24 14:09 380928 c:\windows\Installer\{C73CA646-73B3-4AEF-A136-C37505745174}\iTunesIco.exe

+ 2010-06-11 13:39 . 2010-06-11 13:39 897024 c:\windows\Installer\{AFAC914D-9E83-4A89-8ABE-427521C82CCF}\SafariIco.exe

- 2007-05-04 04:44 . 2009-06-21 08:08 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2007-05-04 04:44 . 2011-08-10 17:12 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2007-05-04 04:44 . 2011-08-10 17:12 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2007-05-04 04:44 . 2009-06-21 08:08 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2007-05-04 04:44 . 2009-06-21 08:08 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2007-05-04 04:44 . 2011-08-10 17:12 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2007-05-04 04:44 . 2011-08-10 17:12 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2007-05-04 04:44 . 2009-06-21 08:08 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe

+ 2007-05-04 04:44 . 2011-08-10 17:12 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe

- 2007-05-04 04:44 . 2009-06-21 08:08 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe

- 2007-05-04 04:44 . 2009-06-21 08:08 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2007-05-04 04:44 . 2011-08-10 17:12 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2011-07-24 14:19 . 2011-07-24 14:19 897024 c:\windows\Installer\{735619D4-B42A-437A-958C-199BFCAEDB38}\SafariIco.exe

+ 2011-04-15 01:20 . 2011-04-15 01:20 897024 c:\windows\Installer\{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}\SafariIco.exe

+ 2010-11-19 03:28 . 2010-11-19 03:28 897024 c:\windows\Installer\{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}\SafariIco.exe

+ 2010-09-10 01:20 . 2010-09-10 01:20 897024 c:\windows\Installer\{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}\SafariIco.exe

+ 2007-04-19 19:53 . 2007-04-19 19:53 109408 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLCTL.DLL

+ 2007-05-10 20:35 . 2007-05-10 20:35 120160 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSCONV97.DLL

+ 2007-04-19 20:01 . 2007-04-19 20:01 238424 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL

+ 2007-01-17 02:32 . 2007-01-17 02:32 136032 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL

+ 2008-02-28 09:04 . 2008-02-28 09:04 103776 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IPATHPIA.DLL

+ 2007-04-19 19:54 . 2007-04-19 19:54 169312 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL

+ 2003-07-15 08:18 . 2003-07-15 08:18 141360 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\ATP.DLL

+ 2010-09-21 04:07 . 2010-09-21 04:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\readerupdater.exe

+ 2010-09-22 23:10 . 2010-09-22 23:10 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\nppdf32.dll

+ 2010-09-10 23:17 . 2010-09-10 23:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\JP2KLib.dll

+ 2010-09-23 01:41 . 2010-09-23 01:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AdobeCollabSync.exe

+ 2010-09-21 04:07 . 2010-09-21 04:07 932288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\adobearm.exe

+ 2010-09-23 09:47 . 2010-09-23 09:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.exe

+ 2010-09-22 23:04 . 2010-09-22 23:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroPDF.dll

+ 2010-09-23 00:39 . 2010-09-23 00:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobroker.exe

+ 2010-09-21 04:07 . 2010-09-21 04:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobatupdater.exe

+ 2010-09-22 23:50 . 2010-09-22 23:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\a3dutility.exe

+ 2004-08-10 17:51 . 2007-06-27 04:10 317440 c:\windows\inf\unregmp2.exe

+ 2010-06-10 08:21 . 2010-02-25 06:24 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll

+ 2010-06-10 08:21 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll

+ 2010-06-10 08:21 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe

+ 2010-06-10 08:21 . 2010-02-25 06:24 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll

+ 2010-06-10 08:21 . 2010-02-25 06:24 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll

+ 2010-06-10 08:21 . 2010-02-25 06:24 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll

+ 2010-06-10 08:21 . 2010-02-25 06:24 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll

+ 2010-06-10 08:21 . 2010-02-25 06:24 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll

+ 2010-06-10 08:21 . 2009-03-08 09:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll

+ 2010-06-10 08:21 . 2010-02-25 06:24 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll

+ 2010-06-10 08:21 . 2010-02-24 09:54 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe

+ 2010-04-14 08:03 . 2009-03-08 09:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll

+ 2010-04-14 08:03 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll

+ 2010-04-14 08:03 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe

+ 2010-03-31 12:57 . 2009-12-21 19:14 916480 c:\windows\ie8updates\KB980182-IE8\wininet.dll

+ 2010-03-31 12:57 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB980182-IE8\spuninst\updspapi.dll

+ 2010-03-31 12:57 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB980182-IE8\spuninst\spuninst.exe

+ 2010-03-31 12:57 . 2009-12-21 19:14 206848 c:\windows\ie8updates\KB980182-IE8\occache.dll

+ 2010-03-31 12:57 . 2009-03-08 09:32 611840 c:\windows\ie8updates\KB980182-IE8\mstime.dll

+ 2010-03-31 12:57 . 2009-12-21 19:14 594432 c:\windows\ie8updates\KB980182-IE8\msfeeds.dll

+ 2010-03-31 12:57 . 2009-12-21 19:14 246272 c:\windows\ie8updates\KB980182-IE8\ieproxy.dll

+ 2010-03-31 12:57 . 2009-12-21 19:14 184320 c:\windows\ie8updates\KB980182-IE8\iepeers.dll

+ 2010-03-31 12:57 . 2009-12-21 19:14 387584 c:\windows\ie8updates\KB980182-IE8\iedkcs32.dll

+ 2010-03-31 12:57 . 2009-12-21 13:19 173056 c:\windows\ie8updates\KB980182-IE8\ie4uinit.exe

+ 2010-01-23 09:01 . 2009-10-29 07:45 916480 c:\windows\ie8updates\KB978207-IE8\wininet.dll

+ 2010-01-23 09:01 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB978207-IE8\spuninst\updspapi.dll

+ 2010-01-23 09:01 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB978207-IE8\spuninst\spuninst.exe

+ 2010-01-23 09:01 . 2009-10-29 07:45 206848 c:\windows\ie8updates\KB978207-IE8\occache.dll

+ 2010-01-23 09:01 . 2009-10-29 07:45 594432 c:\windows\ie8updates\KB978207-IE8\msfeeds.dll

+ 2010-01-23 09:01 . 2009-10-29 07:45 246272 c:\windows\ie8updates\KB978207-IE8\ieproxy.dll

+ 2010-01-23 09:01 . 2009-10-29 07:45 184320 c:\windows\ie8updates\KB978207-IE8\iepeers.dll

+ 2010-01-23 09:01 . 2009-10-29 07:45 387584 c:\windows\ie8updates\KB978207-IE8\iedkcs32.dll

+ 2010-01-23 09:01 . 2009-10-28 14:40 173056 c:\windows\ie8updates\KB978207-IE8\ie4uinit.exe

+ 2009-11-04 09:02 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll

+ 2009-11-04 09:02 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe

+ 2010-02-25 09:01 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll

+ 2010-02-25 09:01 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe

+ 2010-02-25 09:01 . 2009-06-22 06:44 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll

+ 2009-12-09 14:00 . 2009-08-29 08:08 916480 c:\windows\ie8updates\KB976325-IE8\wininet.dll

+ 2009-12-09 14:01 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB976325-IE8\spuninst\updspapi.dll

+ 2009-12-09 14:01 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB976325-IE8\spuninst\spuninst.exe

+ 2009-12-09 14:00 . 2009-08-29 08:08 206848 c:\windows\ie8updates\KB976325-IE8\occache.dll

+ 2009-12-09 14:00 . 2009-08-29 08:08 594432 c:\windows\ie8updates\KB976325-IE8\msfeeds.dll

+ 2009-12-09 14:00 . 2009-08-29 08:08 246272 c:\windows\ie8updates\KB976325-IE8\ieproxy.dll

+ 2009-12-09 14:00 . 2009-08-29 08:08 184320 c:\windows\ie8updates\KB976325-IE8\iepeers.dll

+ 2009-12-09 14:00 . 2009-08-29 08:08 387584 c:\windows\ie8updates\KB976325-IE8\iedkcs32.dll

+ 2009-12-09 14:00 . 2009-08-28 10:35 173056 c:\windows\ie8updates\KB976325-IE8\ie4uinit.exe

+ 2009-10-15 08:17 . 2009-07-03 17:09 915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll

+ 2009-10-15 08:17 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll

+ 2009-10-15 08:17 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe

+ 2009-10-15 08:17 . 2009-07-03 17:09 206848 c:\windows\ie8updates\KB974455-IE8\occache.dll

+ 2009-10-15 08:17 . 2009-07-03 17:09 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll

+ 2009-10-15 08:17 . 2009-07-03 17:09 246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll

+ 2009-10-15 08:17 . 2009-07-03 17:09 184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll

+ 2009-10-15 08:17 . 2009-07-03 17:09 386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll

+ 2009-10-15 08:17 . 2009-07-03 11:01 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe

+ 2009-08-10 16:02 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB972636-IE8\spuninst\updspapi.dll

+ 2009-08-10 16:02 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB972636-IE8\spuninst\spuninst.exe

+ 2009-08-10 16:03 . 2009-03-08 09:34 914944 c:\windows\ie8updates\KB972260-IE8\wininet.dll

+ 2009-08-10 16:03 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll

+ 2009-08-10 16:03 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe

+ 2009-08-10 16:03 . 2009-03-08 09:34 109568 c:\windows\ie8updates\KB972260-IE8\occache.dll

+ 2009-08-10 16:03 . 2009-03-08 09:32 594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll

+ 2009-08-10 16:03 . 2009-03-08 09:33 246784 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll

+ 2009-08-10 16:03 . 2009-03-08 09:31 183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll

+ 2009-08-10 16:03 . 2009-03-08 19:09 391536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll

+ 2009-08-10 16:03 . 2009-03-08 09:32 173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe

+ 2009-09-09 12:23 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll

+ 2009-09-09 12:23 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe

+ 2009-09-09 12:23 . 2009-03-08 09:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll

+ 2011-08-10 17:08 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll

+ 2011-08-10 17:08 . 2009-03-08 09:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll

+ 2011-08-10 17:09 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll

+ 2011-08-10 17:09 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe

+ 2011-08-10 17:08 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll

+ 2011-08-10 17:08 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll

+ 2011-08-10 17:08 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll

+ 2011-08-10 17:08 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll

+ 2011-08-10 17:08 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll

+ 2011-08-10 17:08 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll

+ 2011-08-10 17:08 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll

+ 2011-08-10 17:08 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe

+ 2011-06-24 08:02 . 2009-03-08 09:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll

+ 2011-06-24 08:02 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll

+ 2011-06-24 08:02 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe

+ 2011-06-24 08:06 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll

+ 2011-06-24 08:06 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll

+ 2011-06-24 08:06 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe

+ 2011-06-24 08:06 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll

+ 2011-06-24 08:06 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll

+ 2011-06-24 08:06 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll

+ 2011-06-24 08:06 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll

+ 2011-06-24 08:06 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll

+ 2011-06-24 08:06 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll

+ 2011-06-24 08:06 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll

+ 2011-06-24 08:06 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe

+ 2011-04-16 08:02 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll

+ 2011-04-16 08:02 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll

+ 2011-04-16 08:02 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe

+ 2011-04-16 08:02 . 2009-12-09 05:53 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll

+ 2011-04-16 08:18 . 2010-12-20 23:59 916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll

+ 2011-04-16 08:19 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll

+ 2011-04-16 08:19 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe

+ 2011-04-16 08:18 . 2010-12-20 23:59 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll

+ 2011-04-16 08:18 . 2010-12-20 23:59 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll

+ 2011-04-16 08:18 . 2010-12-20 23:59 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll

+ 2011-04-16 08:18 . 2010-12-20 23:59 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll

+ 2011-04-16 08:18 . 2010-12-20 23:59 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll

+ 2011-04-16 08:18 . 2010-12-20 23:59 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll

+ 2011-04-16 08:18 . 2010-12-20 23:59 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll

+ 2011-04-16 08:18 . 2010-12-20 12:55 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe

+ 2011-02-09 18:22 . 2010-11-06 00:26 916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll

+ 2011-02-09 18:22 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll

+ 2011-02-09 18:22 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe

+ 2011-02-09 18:22 . 2010-11-06 00:26 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll

+ 2011-02-09 18:22 . 2010-11-06 00:26 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll

+ 2011-02-09 18:22 . 2010-11-06 00:26 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll

+ 2011-02-09 18:22 . 2010-11-06 00:26 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll

+ 2011-02-09 18:22 . 2010-11-06 00:26 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll

+ 2011-02-09 18:22 . 2010-11-06 00:26 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll

+ 2011-02-09 18:22 . 2010-11-06 00:26 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll

+ 2011-02-09 18:22 . 2010-11-03 12:26 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe

+ 2010-12-15 09:12 . 2010-09-10 05:58 916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll

+ 2010-12-15 09:12 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll

+ 2010-12-15 09:12 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe

+ 2010-12-15 09:12 . 2010-09-10 05:58 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll

+ 2010-12-15 09:12 . 2010-09-10 05:58 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll

+ 2010-12-15 09:12 . 2010-09-10 05:58 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll

+ 2010-12-15 09:12 . 2010-09-10 05:58 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll

+ 2010-12-15 09:12 . 2010-09-10 05:58 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll

+ 2010-12-15 09:12 . 2010-09-10 05:58 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll

+ 2010-12-15 09:12 . 2010-09-10 05:58 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll

+ 2010-12-15 09:12 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe

+ 2010-10-13 21:11 . 2010-06-24 12:22 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll

+ 2010-10-13 21:11 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll

+ 2010-10-13 21:11 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe

+ 2010-10-13 21:11 . 2010-06-24 12:22 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll

+ 2010-10-13 21:11 . 2010-06-24 12:22 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll

+ 2010-10-13 21:11 . 2010-06-24 12:21 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll

+ 2010-10-13 21:11 . 2010-06-24 12:21 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll

+ 2010-10-13 21:11 . 2010-06-24 12:21 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll

+ 2010-10-13 21:11 . 2010-06-24 12:21 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll

+ 2010-10-13 21:11 . 2010-06-24 12:21 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll

+ 2010-10-13 21:11 . 2010-06-23 12:08 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe

+ 2010-08-15 00:53 . 2010-05-06 10:41 916480 c:\windows\ie8updates\KB2183461-IE8\wininet.dll

+ 2010-08-15 00:53 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB2183461-IE8\spuninst\updspapi.dll

+ 2010-08-15 00:53 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2183461-IE8\spuninst\spuninst.exe

+ 2010-08-15 00:53 . 2010-05-06 10:41 206848 c:\windows\ie8updates\KB2183461-IE8\occache.dll

+ 2010-08-15 00:53 . 2010-05-06 10:41 611840 c:\windows\ie8updates\KB2183461-IE8\mstime.dll

+ 2010-08-15 00:53 . 2010-05-06 10:41 599040 c:\windows\ie8updates\KB2183461-IE8\msfeeds.dll

+ 2010-08-15 00:53 . 2010-05-06 10:41 247808 c:\windows\ie8updates\KB2183461-IE8\ieproxy.dll

+ 2010-08-15 00:53 . 2010-05-06 10:41 184320 c:\windows\ie8updates\KB2183461-IE8\iepeers.dll

+ 2010-08-15 00:53 . 2010-05-06 10:41 743424 c:\windows\ie8updates\KB2183461-IE8\iedvtool.dll

+ 2010-08-15 00:53 . 2010-05-06 10:41 387584 c:\windows\ie8updates\KB2183461-IE8\iedkcs32.dll

+ 2010-08-15 00:53 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2183461-IE8\ie4uinit.exe

+ 2009-08-10 15:59 . 2009-06-29 16:12 827392 c:\windows\ie8\wininet.dll

+ 2009-08-10 15:59 . 2006-10-17 17:05 206336 c:\windows\ie8\winfxdocobj.exe

+ 2009-08-10 15:59 . 2009-06-29 16:12 233472 c:\windows\ie8\webcheck.dll

+ 2009-08-10 15:59 . 2007-07-12 23:31 765952 c:\windows\ie8\vgx.dll

+ 2009-08-10 15:59 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 105984 c:\windows\ie8\url.dll

+ 2009-08-10 16:01 . 2009-01-07 23:21 382496 c:\windows\ie8\spuninst\updspapi.dll

+ 2009-08-10 16:01 . 2009-01-07 23:20 231456 c:\windows\ie8\spuninst\spuninst.exe

+ 2009-08-10 15:59 . 2006-09-06 21:43 213216 c:\windows\ie8\spuninst.exe

+ 2009-08-10 15:59 . 2009-06-29 16:12 102912 c:\windows\ie8\occache.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 671232 c:\windows\ie8\mstime.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 193024 c:\windows\ie8\msrating.dll

+ 2009-08-10 15:59 . 2006-11-08 02:03 156160 c:\windows\ie8\msls31.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 477696 c:\windows\ie8\mshtmled.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 459264 c:\windows\ie8\msfeeds.dll

+ 2009-08-10 15:59 . 2008-05-09 10:53 512000 c:\windows\ie8\jscript.dll

+ 2009-08-10 15:59 . 2009-06-29 08:35 634632 c:\windows\ie8\iexplore.exe

+ 2009-08-10 15:59 . 2006-11-08 02:03 180736 c:\windows\ie8\ieui.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 268288 c:\windows\ie8\iertutil.dll

+ 2009-08-10 15:59 . 2006-11-08 02:03 287744 c:\windows\ie8\ieproxy.dll

+ 2009-08-10 15:59 . 2006-11-08 02:03 191488 c:\windows\ie8\iepeers.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 385024 c:\windows\ie8\iedkcs32.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 380928 c:\windows\ie8\ieapfltr.dll

+ 2009-08-10 15:59 . 2009-06-29 08:33 161792 c:\windows\ie8\ieakui.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 230400 c:\windows\ie8\ieaksie.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 153088 c:\windows\ie8\ieakeng.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 214528 c:\windows\ie8\dxtrans.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 347136 c:\windows\ie8\dxtmsft.dll

+ 2009-08-10 15:59 . 2009-06-29 16:12 124928 c:\windows\ie8\advpack.dll

+ 2009-08-07 08:05 . 2009-04-29 04:56 827392 c:\windows\ie7updates\KB972260-IE7\wininet.dll

+ 2009-08-07 08:05 . 2009-04-29 04:56 233472 c:\windows\ie7updates\KB972260-IE7\webcheck.dll

+ 2009-08-07 08:05 . 2009-04-29 04:56 105984 c:\windows\ie7updates\KB972260-IE7\url.dll

+ 2009-08-07 08:05 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB972260-IE7\spuninst\updspapi.dll

+ 2009-08-07 08:05 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB972260-IE7\spuninst\spuninst.exe

+ 2009-08-07 08:05 . 2009-04-29 04:56 102912 c:\windows\ie7updates\KB972260-IE7\occache.dll

+ 2009-08-07 08:05 . 2009-04-29 04:56 671232 c:\windows\ie7updates\KB972260-IE7\mstime.dll

+ 2009-08-07 08:05 . 2009-04-29 04:56 193024 c:\windows\ie7updates\KB972260-IE7\msrating.dll

+ 2009-08-07 08:05 . 2009-04-29 04:56 477696 c:\windows\ie7updates\KB972260-IE7\mshtmled.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 459264 c:\windows\ie7updates\KB972260-IE7\msfeeds.dll

+ 2009-08-07 08:05 . 2009-04-25 05:27 636088 c:\windows\ie7updates\KB972260-IE7\iexplore.exe

+ 2009-08-07 08:05 . 2009-04-29 04:55 268288 c:\windows\ie7updates\KB972260-IE7\iertutil.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 385024 c:\windows\ie7updates\KB972260-IE7\iedkcs32.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 383488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dll

+ 2009-08-07 08:05 . 2009-04-25 05:26 161792 c:\windows\ie7updates\KB972260-IE7\ieakui.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 230400 c:\windows\ie7updates\KB972260-IE7\ieaksie.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 153088 c:\windows\ie7updates\KB972260-IE7\ieakeng.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 133120 c:\windows\ie7updates\KB972260-IE7\extmgr.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 214528 c:\windows\ie7updates\KB972260-IE7\dxtrans.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 347136 c:\windows\ie7updates\KB972260-IE7\dxtmsft.dll

+ 2009-08-07 08:05 . 2009-04-29 04:55 124928 c:\windows\ie7updates\KB972260-IE7\advpack.dll

+ 2009-08-21 18:46 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll

+ 2009-08-21 18:46 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll

+ 2009-08-21 18:46 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll

+ 2009-08-21 18:46 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll

+ 2009-08-21 18:46 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll

+ 2008-11-12 18:01 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys

+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys

+ 2010-10-08 08:03 . 2010-10-08 08:03 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_5a2717d5\System.Drawing.dll

+ 2010-10-08 08:03 . 2010-10-08 08:03 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b693d0c1\System.Drawing.Design.dll

+ 2010-10-08 08:03 . 2010-10-08 08:03 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_2eec4492\CustomMarshalers.dll

+ 2011-08-10 17:49 . 2011-08-10 17:49 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe

+ 2011-08-10 17:49 . 2011-08-10 17:49 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\e8e227f8d6f7e673a88df199558f48b4\WindowsLiveLocal.WriterPlugin.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f73c94fa0013742b73f324125c580453\WindowsLive.Writer.FileDestinations.ni.dll

+ 2011-08-10 17:42 . 2011-08-10 17:42 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f1353befa955f012cd30f76ad8297306\WindowsLive.Writer.HtmlParser.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f0c4570b4222b775a7a40e097a5d8065\WindowsLive.Writer.Instrumentation.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\edc5f41c43b9691ee627f6830fbd3d63\WindowsLive.Writer.SpellChecker.ni.dll

+ 2011-06-28 00:48 . 2011-06-28 00:48 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d78f83ddd58e30d6b7beb63b7534f092\WindowsLive.Writer.Interop.SHDocVw.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d03ecf5f53da074d00ee83514cb01037\WindowsLive.Writer.Passport.ni.dll

+ 2011-08-10 17:42 . 2011-08-10 17:42 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a1e0ab442d63b900ab191df44c9bc87d\WindowsLive.Writer.Controls.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\93e2d41c89a4aec33e67d629636be312\WindowsLive.Writer.HtmlEditor.ni.dll

+ 2011-08-10 17:42 . 2011-08-10 17:42 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8b820482a2d9fb2c2ca60d501d1f0fee\WindowsLive.Writer.BrowserControl.ni.dll

+ 2011-08-10 17:42 . 2011-08-10 17:42 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6ff7182984713139fd834adde115ae68\WindowsLive.Writer.Interop.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5ca46ae4422c6a299892ce94c321a562\WindowsLive.Writer.Localization.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\30ea49e7278bbc186912fef6cb23f8e1\WindowsLive.Writer.Extensibility.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\25b63a138fb6bb341ac5b712e87b843e\WindowsLive.Writer.BlogClient.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1eec36ce6bf0107aaff32457b9e45ded\WindowsLive.Writer.Mshtml.ni.dll

+ 2011-06-28 00:48 . 2011-06-28 00:48 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0885c8aa9ae29836cc0aa61ac5b1103d\WindowsLive.Writer.Interop.Mshtml.ni.dll

+ 2011-08-10 17:48 . 2011-08-10 17:48 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\3337eba040f4c0337e26225eea39a89f\WindowsLive.Client.ni.dll

+ 2011-08-10 17:39 . 2011-08-10 17:39 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll

+ 2011-06-28 00:45 . 2011-06-28 00:45 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll

+ 2011-08-10 17:38 . 2011-08-10 17:38 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll

+ 2011-08-10 18:07 . 2011-08-10 18:07 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll

Link to comment
Share on other sites

The log was so long because apparently you had an old 2009 version of ComboFix, (that was an update of a 2008 version), on you machine that had not been properly closed out. However, the log looks good.

 

keeps timing out on me.

What does?

 

Did you try a different mouse and see if your results are the same?

 

 

ESET Online Scanner:

 

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

 

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

 

  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Link to comment
Share on other sites

Have not tried another mouse yet. Will pick one up this week when we go to town.

There was not a uninstall option that I could find on the Eset program.

The log file follows

 

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6528

# api_version=3.0.2

# EOSSerial=649f5b9da5013a4492b76f5f70956c8d

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-08-26 09:45:22

# local_time=2011-08-26 04:45:22 (-0600, Central Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=1032 16777189 100 96 0 56728292 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=104385

# found=19

# cleaned=0

# scan_time=6825

C:\Documents and Settings\familypawn\My Documents\LimeWire\Saved\happy birthday.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (unable to clean) 00000000000000000000000000000000 I

C:\Program Files\MSN Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk.vir LNK/URL.B trojan (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\msimg32.dll.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3BROVLY.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3CJPEG.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3DTACTL.DLL.vir a variant of Win32/Toolbar.MyWebSearch.A application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3HISTSW.DLL.vir Win32/FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3HTTPCT.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3IMSTUB.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3POPSWT.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3PSSAVR.SCR.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3REPROX.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3SCRCTR.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3SHLLVW.DLL.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\F3WPHOOK.DLL.vir Win32/FunWeb application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\M3FFXTBR.JAR.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\4.bin\M3NTSTBR.JAR.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

C:\Qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I

Link to comment
Share on other sites

COMBOFIX-Script

 

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

     

    File::
    C:\Documents and Settings\familypawn\My Documents\LimeWire\Saved\happy birthday.mp3
    C:\Program Files\MSN Messenger\msimg32.dll
    
    
  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

     

    Posted Image

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

 

Other than the mouse... how are things working now?

Link to comment
Share on other sites

Sorry for the delay. Had to work. Anyway, I can pull up everything it looks like but still cannot access the weather radar map page at intellicast when everyone else still can...any ideas on that one?

Here is the combo log.

ComboFix 11-08-28.01 - familypawn 08/28/2011 15:39:55.5.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.480 [GMT -5:00]

Running from: c:\documents and settings\familypawn\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\familypawn\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

* Created a new restore point

.

FILE ::

"c:\documents and settings\familypawn\My Documents\LimeWire\Saved\happy birthday.mp3"

"c:\program files\MSN Messenger\msimg32.dll"

.

.

((((((((((((((((((((((((( Files Created from 2011-07-28 to 2011-08-28 )))))))))))))))))))))))))))))))

.

.

2011-08-26 19:46 . 2011-08-26 19:46 -------- d-----w- c:\program files\ESET

2011-08-26 16:06 . 2011-08-26 16:06 -------- d-----w- C:\_OTL

2011-08-25 16:43 . 2011-08-25 16:43 388096 ----a-r- c:\documents and settings\familypawn\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-08-25 16:43 . 2011-08-25 16:43 -------- d-----w- c:\program files\Trend Micro

2011-08-21 19:10 . 2011-08-21 19:10 -------- d-----w- c:\documents and settings\familypawn\Application Data\DriverCure

2011-08-21 19:10 . 2011-08-21 19:10 -------- d-----w- c:\documents and settings\familypawn\Application Data\SpeedMaxPc

2011-08-21 19:09 . 2011-08-21 19:37 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedMaxPc

2011-08-16 15:35 . 2011-08-16 16:37 -------- d-----w- c:\documents and settings\familypawn\.frostwire5

2011-08-16 15:33 . 2011-08-16 16:25 -------- d-----w- c:\program files\FrostWire 5

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll

2011-08-14 00:29 . 2011-08-14 00:28 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll

2011-08-14 00:27 . 2011-08-14 00:28 -------- d-----w- c:\program files\QuickTime

2011-08-10 09:23 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys

2011-08-10 09:22 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-08-16 15:17 . 2011-05-21 04:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-15 13:29 . 2005-10-14 06:32 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-12 16:20 . 2011-07-12 16:20 83816 ----a-w- c:\windows\system32\dns-sd.exe

2011-07-12 16:20 . 2011-07-12 16:20 73064 ----a-w- c:\windows\system32\dnssd.dll

2011-07-08 14:02 . 2004-08-10 17:51 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

2011-07-07 00:52 . 2009-07-06 14:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-07 00:52 . 2009-07-06 14:19 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-05 23:37 . 2011-07-05 23:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-07-05 23:37 . 2011-07-05 23:37 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-06-24 14:10 . 2004-08-10 18:01 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2011-06-23 18:36 . 2004-08-10 17:51 916480 ----a-w- c:\windows\system32\wininet.dll

2011-06-23 18:36 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-06-23 18:36 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-06-23 12:05 . 2004-08-10 17:51 385024 ----a-w- c:\windows\system32\html.iec

2011-06-20 17:44 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-06-02 14:02 . 2004-08-10 17:51 1858944 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-12-12 9555968]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-30 68856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2005-07-08 176128]

"HPHUPD05"="c:\program files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe" [2005-07-08 49152]

"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]

"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2003-12-05 49152]

"HPHmon05"="c:\windows\system32\hphmon05.exe" [2005-07-08 491520]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-12-12 9555968]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-30 68856]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"RunNarrator"="Narrator.exe" [2008-04-14 53760]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-08-28 13:01 11952 ----a-w- c:\windows\system32\avgrsstx.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0stera\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]

2007-03-15 16:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]

2004-12-06 06:05 127035 -c--a-w- c:\windows\system32\dla\tfswctrl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]

2005-01-27 06:02 86016 -c--a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

2005-09-20 15:32 77824 -c--a-w- c:\windows\system32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

2005-09-20 15:36 114688 -c--a-w- c:\windows\system32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

2005-09-20 15:35 94208 -c--a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]

2003-09-04 01:12 221184 -c--a-w- c:\program files\Intel\Modem Event Monitor\IntelMEM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

2004-07-27 21:50 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

2004-07-27 21:50 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-07-05 23:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2005-10-14 06:59 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=

"c:\\Program Files\\FrostWire 5\\FrostWire.exe"=

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [9/13/2010 5:27 PM 22992]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/7/2010 4:48 AM 32592]

R1 avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8/22/2008 2:16 AM 248656]

R1 avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [8/22/2008 2:16 AM 297168]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [4/18/2011 5:39 PM 7398752]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2/8/2011 5:33 AM 269520]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [8/19/2010 10:42 PM 134480]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [8/19/2010 10:42 PM 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [8/19/2010 10:42 PM 27216]

S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe --> c:\progra~1\AVG\AVG8\avgemc.exe [?]

S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/22/2008 2:16 AM 297752]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/31/2010 7:16 PM 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/31/2010 7:16 PM 135664]

.

Contents of the 'Scheduled Tasks' folder

.

2011-08-27 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]

.

2011-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 00:16]

.

2011-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 00:16]

.

2011-08-28 c:\windows\Tasks\HP Usg Daily.job

- c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe [2008-11-25 04:55]

.

2011-08-28 c:\windows\Tasks\User_Feed_Synchronization-{ACE693EE-D5E1-4DF8-AEBC-CBA0027768DE}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.undata.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uDefault_Search_URL = hxxp://www.google.com/ie

mWindow Title = Microsoft Internet Explorer provided by CenturyTel

mSearch Bar = hxxp://www.google.com

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

DPF: {FAA26872-BB40-4AB2-8A6D-A49183581AAA} - hxxp://66.64.218.12/user/TSBnwCam.CAB

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-08-28 15:55

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(1412)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\program files\Microsoft Office\OFFICE11\msohev.dll

c:\program files\Common Files\Microsoft Shared\OFFICE11\MSOXEV.DLL

.

Completion time: 2011-08-28 16:02:19

ComboFix-quarantined-files.txt 2011-08-28 21:02

ComboFix2.txt 2011-08-26 16:54

ComboFix3.txt 2009-07-06 19:07

ComboFix4.txt 2008-12-19 04:36

ComboFix5.txt 2011-08-28 20:37

.

Pre-Run: 4,630,061,056 bytes free

Post-Run: 4,816,752,640 bytes free

.

- - End Of File - - 4E82072A39C2E61D2FDEDDBE2F79CAE4

Link to comment
Share on other sites

tjscott71,

 

Your Java is out of date and you have other old versions still on your computer, those old versions are now a security vulnerability:

 

Please download JavaRa to your desktop and unzip it to its own folder

  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer - Version 6 update 27
Link to comment
Share on other sites

I ran the program and pushed remove all old versions. I will paste that log.

When I went to download the newest version I am confused at what to do now. I pushed the accept license agreement...then it tells me:

 

Java SE Runtime Environment 6 Update 27

You must accept the Oracle Binary Code License Agreement for Java SE to download this software.

 

Accept License Agreement Decline License Agreement

Thank you for accepting the Oracle Binary Code License Agreement for Java SE; you may now download this software.

 

 

Product / File Description

 

File Size

 

Download

Linux x86 - RPM Installer20.10 MB Posted Image jre-6u27-linux-i586-rpm.bin Linux x86 - Self Extracting Installer20.63 MB Posted Image jre-6u27-linux-i586.bin Linux x64 - RPM Installer19.67 MB Posted Image jre-6u27-linux-x64-rpm.bin Linux x64 - Self Extracting Installer20.25 MB Posted Image jre-6u27-linux-x64.bin Solaris x86 - Self Extracting Binary20.27 MB Posted Image jre-6u27-solaris-i586.sh Solaris SPARC - Self Extracting Binary25.10 MB Posted Image jre-6u27-solaris-sparc.sh Solaris SPARC 64-bit - Self Extracting Binary11.19 MB Posted Image jre-6u27-solaris-sparcv9.sh Solaris x64 - Self Extracting Binary7.48 MB Posted Image jre-6u27-solaris-x64.sh Windows x86 Kernel0.87 MB Posted Image jre-6u27-windows-i586-iftw-k.exe Windows x86 Online0.87 MB Posted Image jre-6u27-windows-i586-iftw.exe Windows x86 Offline16.12 MB Posted Image jre-6u27-windows-i586.exe Windows x6416.39 MB Posted Image jre-6u27-windows-x64.exeThank you for accepting the Oracle Binary Code License Agreement for Java SE; you may now download this software.

Then there are 12 choices.

The linux, solarus, windows86, windows 64 etc... Not sure what or which one to push so thought that I better wait.

 

Product / File Description

 

File Size

 

Download

Linux x86 - RPM Installer20.10 MB Posted Image jre-6u27-linux-i586-rpm.bin

 

JavaRa 1.16 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Mon Aug 29 07:33:14 2011

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_11

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_13

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_14

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_15

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_17

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_19

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_20

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_21

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_22

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\jre1.6.0_23

 

Found and removed: C:\Documents and Settings\familypawn\Application Data\Sun\Java\JRERunOnce.exe

 

Found and removed: Applications\java.exe

 

Found and removed: Applications\javaw.exe

 

Found and removed: JavaPlugin.FamilyVersionSupport

 

Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

 

Found and removed: JavaScript

 

Found and removed: JavaScript Author

 

Found and removed: JavaScript1.1

 

Found and removed: JavaScript1.1 Author

 

Found and removed: JavaScript1.2

 

Found and removed: JavaScript1.2 Author

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}

 

Found and removed: Software\Classes\JavaPlugin.160_24

 

Found and removed: Software\JavaSoft\Java Update

 

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_15

 

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_24

 

Found and removed: Software\JavaSoft\Java2D\1.5.0_03

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\JavaPlugin

 

Found and removed: SOFTWARE\Classes\JavaPlugin.142_03

 

Found and removed: SOFTWARE\Classes\JavaPlugin.150_03

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_15

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_24

 

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.4.2.0

 

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_15

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_24

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_24

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_15

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_24

 

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B02

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B03

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B02

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B03

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.1

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.2

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.3

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2.1

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3.1

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.1

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.2

 

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.5

 

JavaRa 1.16 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Mon Aug 29 07:33:37 2011

 

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

 

------------------------------------

 

Finished reporting.

Link to comment
Share on other sites

Choose the Windows x86 Offline. After you download it... close open programs and double click on the file you just downloaded. The installer will then start and you will be updated to the current version. Hopefully this will get your radar images showing again.

Link to comment
Share on other sites

Okay I have the newest version...but still can not pull it up. I can bypass the link and go straight to intellicast's home page and see the map. Guess that is what I will do.

I plugged in my neighbors wireless mouse and it seems to be working fine. Go figure.

Is there anything else that you would recommend me doing?

Thank you for all your help. You guys are truely amazing!

Link to comment
Share on other sites

tjscott71,

 

Time for some housekeeping

  • Click START then RUN
  • Now type ComboFix /Uninstall in the runbox and click OK.
  • Note the space between the X and the U, it needs to be there.
  • Posted Image
The above procedure will:
  • Implement some cleanup procedures.
  • Reset System Restore.

  • Double click on OTL to run it.
  • Click on CleanUp!
  • When done, you will be prompted to restart your computer. Please restart your computer.

Please re-enable any security that was disabled.

 

 

The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing.

 

Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein.

 

I would also suggest you read this:

So how did I get infected in the first place?

by Tony Klein

 

 

Also: "How to prevent malware"

by miekiemoes

 

Please respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved. :thumbup:

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...