HiJackThis

sarus86

New Member
OK, so I got a virus this afternoon and think I cleaned it up with Malwarebytes and Avira, but now my boot-up seems slow again, so I wanted to check and make sure my HiJackThis log was OK. Let me know if there is anything I should do, please. Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:15:47 PM, on 1/26/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\C0100Mon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\OWNER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\OWNER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\for viruses\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [C0100Mon.exe] C:\WINDOWS\C0100Mon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C:\WINDOWS\system32\C0100Ext.ax] C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\system32\C0100Ext.ax
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\OWNER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab
O20 - AppInit_DLLs: ,memovovo.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - F:\for viruses\Spyware Terminator\sp_rsser.exe

--
End of file - 6207 bytes
 
here

Please make sure to update Malwarebytes and then rescan, then post the result log. Also I would recommend checking your virus vault in Avira to make sure it isn't full. That way your A/V can fully eliminate any infections that are discovered.

I would also recommend installing Superantispyware. It can catch some things that Malwarebytes misses. It's easy to run and won't cause you problems. Just make sure to update before running it (as you would with any scanner).

From what I see in HJT, I believe that you are still infected.

I would recommend fixing these:
O4 - HKLM\..\Run: [C0100Mon.exe] C:\WINDOWS\C0100Mon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\OWNER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: ,memovovo.dll

I'd let Johnb double check my findings before you take action on those HJT items. You know, just to be safe about it, eh? He is a moderator and he is good with what he does. However, it won't hurt a bit to rerun Malwarebytes and get Super Antispyware and run it as well.

Also I do not see your A/V loading at startup. Did you disable it? In any case use msconfig and add check-marks to ALL instances of your Avira A/V in the startup tab.
 
You have one entry that worries me. Please do the following.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Combofix should never take more than 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.

In your next reply please post:
  • The ComboFix log
  • A fresh HiJackThis log
  • An update on how your computer is running
 
was he, well was he, punk!

So Johnb, was I ok on my suggestions?

I would recommend Combofix to people, but as I am not a trained operator of it I won't personally tell people to use it. Though I can tell that it works well in certain instances, that's all I'm gonna say on that.
 
O4 - HKLM\..\Run: [C0100Mon.exe] C:\WINDOWS\C0100Mon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

These I would have not fixed. The C0100Mon.exe belongs to the Creative cam software that he might be running. Popupstopper is a decent program to stop popups, however I use the Google toolbar. The last O4 entry is debatable.

I'm more concerned with an O20 entry. That's an infection.
 
O20 entry, memovovo.

I guess it comes down to what someone would use at startup. If it were me, I would eliminate things like the cam software, and I would just start the Popup blocker myself. Though for most users I suppose it may be better to leave programs like a popup blocker as a startup entry.

Seeing the O20 - AppInit_DLLs: ,memovovo.dll is when I realized that he has a major problem, as that is related to a trojan. I believe that Superantispyware could fix that, but it would probably be better to let Combofix deal with it.

Where and/or what causes that memovovo.dll? I'm going to venture that it could be from file sharing programs, or hazardous web sites or an attachment in an email.

I found a description of that O20 here from Super Antispyware: http://www.superantispyware.com/malwarefiles/MEMOVOVO.DLL.html
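
An added example, not part of the original posts: a small Python triage of HijackThis entry lines that pulls out the O20 AppInit_DLLs value discussed above. The value is empty on a default Windows install and every DLL it names is loaded into each process that loads user32.dll, so any name there has to be accounted for before the debatable O4 startup items. The function names and severity labels are this example's own; the sample lines are copied from the log posted in this thread.

```python
import re

# Sample input: entry lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O4 - HKLM\..\Run: [C0100Mon.exe] C:\WINDOWS\C0100Mon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: ,memovovo.dll
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"""

# Entry lines have the shape "<section code> - <description>".
# Process paths such as "C:\WINDOWS\..." do not match because a digit must follow the letter.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2})\s+-\s+(?P<body>.+)$")

# Severity labels are this example's own convention, not HijackThis output.
SEVERITY_ORDER = {"high": 0, "review": 1, "low": 2}


def parse_entries(log_text):
    """Return (section_code, body) for every HijackThis entry line in the text."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group("code"), match.group("body").strip()))
    return entries


def appinit_dlls(body):
    """Return the DLL names of an 'AppInit_DLLs:' body, or None for other entries.

    The registry value is delimited by spaces or commas, so a leading comma
    (as in ',memovovo.dll') just yields an empty first item that is dropped.
    """
    prefix = "AppInit_DLLs:"
    if not body.startswith(prefix):
        return None
    return [name for name in re.split(r"[,\s]+", body[len(prefix):]) if name]


def triage(log_text):
    """Return (severity, section_code, detail) tuples, most serious first."""
    findings = []
    for code, body in parse_entries(log_text):
        if code == "O20":
            dlls = appinit_dlls(body)
            if dlls:
                # Every listed DLL is injected system-wide: one finding per name.
                findings.extend(("high", code, dll) for dll in dlls)
                continue
        if body.endswith("(file missing)"):
            # Orphaned registry entry: the target is gone, so it cannot load.
            findings.append(("low", code, body))
        elif code == "O4":
            # Run-key autostarts: legitimacy depends on what the user installed.
            findings.append(("review", code, body))
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f[0]])


if __name__ == "__main__":
    for severity, code, detail in triage(SAMPLE_LOG):
        print(f"{severity:6} {code:4} {detail}")
```
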
 
Thank you for the help thus far, guys. I'm at school right now, so later today when I get home I will make sure I do all that and post my logs.
 
ComboFix 10-01-27.03 - OWNER 01/27/2010 17:48:00.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.668 [GMT -5:00]
Running from: c:\documents and settings\OWNER\Desktop\combofix\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\mjurkymv.job

.
((((((((((((((((((((((((( Files Created from 2009-12-27 to 2010-01-27 )))))))))))))))))))))))))))))))
.

2010-01-27 22:33 . 2010-01-27 22:33 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-26 21:19 . 2010-01-26 21:19 -------- d-sh--w- c:\documents and settings\OWNER\PrivacIE
2010-01-26 21:11 . 2010-01-26 21:11 -------- d-sh--w- c:\documents and settings\OWNER\IETldCache
2010-01-26 21:09 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-01-26 21:09 . 2010-01-26 21:10 -------- d-----w- c:\windows\ie8updates
2010-01-26 21:08 . 2009-12-21 19:14 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-26 21:08 . 2009-12-21 19:14 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-26 21:08 . 2009-12-21 19:14 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-26 21:08 . 2009-12-21 19:14 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-26 21:08 . 2009-12-21 19:14 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-26 21:08 . 2009-12-21 19:14 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-26 21:07 . 2010-01-26 21:08 -------- dc-h--w- c:\windows\ie8
2010-01-26 20:49 . 2010-01-07 21:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-26 20:49 . 2010-01-26 20:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-26 20:49 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-10 16:36 . 2010-01-26 17:51 -------- d-----w- c:\program files\COMODO
2010-01-09 20:59 . 2010-01-09 20:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-09 20:59 . 2010-01-09 20:59 -------- d-----w- c:\program files\Java
2010-01-09 20:59 . 2010-01-09 20:59 152576 ----a-w- c:\documents and settings\OWNER\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-09 20:58 . 2010-01-09 20:58 79488 ----a-w- c:\documents and settings\OWNER\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-09 16:18 . 2010-01-09 16:24 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-09 16:18 . 2009-03-30 14:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-01-09 16:18 . 2009-02-13 16:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-01-09 16:18 . 2009-02-13 16:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-01-09 16:18 . 2010-01-09 16:18 -------- d-----w- c:\program files\Avira
2010-01-09 16:18 . 2010-01-09 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-01-07 15:02 . 2010-01-07 15:02 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2010-01-07 15:02 . 2010-01-07 15:02 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2010-01-07 15:02 . 2010-01-07 15:02 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-07 15:02 . 2010-01-07 15:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2010-01-07 15:02 . 2010-01-07 15:08 -------- d-----w- c:\documents and settings\OWNER\Application Data\Spyware Terminator
2010-01-06 18:58 . 2010-01-06 19:00 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2010-01-06 18:57 . 2010-01-09 14:57 -------- d-----w- c:\program files\Common Files\BitDefender
2009-12-30 17:39 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-25 20:41 . 2010-01-26 20:59 106868 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aevdf.dll
2010-01-25 20:41 . 2010-01-26 20:59 823675 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aescript.dll
2010-01-14 14:57 . 2010-01-26 20:59 127348 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aescn.dll
2010-01-14 14:57 . 2010-01-26 20:59 422262 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aepack.dll
2010-01-14 14:57 . 2010-01-26 20:59 2232695 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeheur.dll
2010-01-14 14:57 . 2010-01-26 20:59 237942 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aehelp.dll
2010-01-14 14:57 . 2010-01-26 20:59 184693 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aecore.dll
2010-01-09 16:22 . 2010-01-26 20:59 479605 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aerdl.dll
2010-01-09 16:22 . 2010-01-26 20:59 369014 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aegen.dll
2010-01-09 15:04 . 2007-10-07 15:49 -------- d-----w- c:\documents and settings\OWNER\Application Data\U3
2009-12-21 19:14 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 15:51 . 2004-08-04 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-08 12:38 . 2010-01-26 20:59 246132 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aesbx.dll
2009-11-08 12:38 . 2010-01-26 20:59 196987 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeoffice.dll
2009-11-08 12:38 . 2010-01-26 20:59 393587 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeemu.dll
2009-11-08 12:38 . 2010-01-26 20:59 53618 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\CONFIG\AVWIN.INIaebb.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-09_15.20.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 07:19 . 2007-11-07 07:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2010-01-27 22:31 . 2010-01-27 22:31 16384 c:\windows\temp\Perflib_Perfdata_71c.dat
+ 2005-09-17 21:07 . 2009-01-07 23:21 26144 c:\windows\system32\spupdsvc.exe
+ 2008-09-12 16:46 . 2009-01-07 23:20 16928 c:\windows\system32\spmsg.dll
+ 2004-08-04 12:00 . 2009-03-08 09:31 46592 c:\windows\system32\pngfilt.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 24576 c:\windows\system32\nlsdl.dll
+ 2004-08-04 12:00 . 2009-03-08 09:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-04 12:00 . 2009-03-08 09:31 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 12:00 . 2009-03-08 09:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 09:31 . 2009-03-08 09:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 09:31 . 2009-12-21 19:14 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-04 12:00 . 2009-03-08 09:34 43008 c:\windows\system32\licmgr10.dll
+ 2004-08-04 12:00 . 2009-12-21 19:14 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 94720 c:\windows\system32\inseng.dll
+ 2004-08-04 12:00 . 2009-03-08 09:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 09:32 . 2009-03-08 09:32 36864 c:\windows\system32\ieudinit.exe
+ 2004-08-04 12:00 . 2009-03-08 09:32 71680 c:\windows\system32\iesetup.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 26112 c:\windows\system32\idndl.dll
+ 2009-03-08 09:31 . 2009-03-08 09:31 59904 c:\windows\system32\icardie.dll
+ 2004-08-04 12:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
- 2004-08-04 12:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2010-01-09 16:18 . 2009-05-11 14:12 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2009-03-08 09:31 . 2009-03-08 09:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2009-03-08 09:31 . 2009-03-08 09:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2009-03-08 09:31 . 2009-03-08 09:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 09:31 . 2009-03-08 09:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2009-03-08 09:34 . 2009-03-08 09:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 09:33 . 2009-12-21 19:14 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 09:32 . 2009-03-08 09:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2009-03-08 09:31 . 2009-03-08 09:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2009-03-08 09:32 . 2009-03-08 09:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2009-03-08 09:32 . 2009-03-08 09:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2009-03-08 09:24 . 2009-03-08 09:24 68608 c:\windows\system32\dllcache\hmmapi.dll
- 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-03-08 09:33 . 2009-03-08 09:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2009-03-08 09:32 . 2009-03-08 09:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-04 12:00 . 2009-03-08 09:33 18944 c:\windows\system32\corpol.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 72704 c:\windows\system32\admparse.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 12800 c:\windows\ie8updates\KB978207-IE8\xpshims.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 55296 c:\windows\ie8updates\KB978207-IE8\msfeedsbs.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 25600 c:\windows\ie8updates\KB978207-IE8\jsproxy.dll
+ 2010-01-26 21:09 . 2009-03-08 09:33 12288 c:\windows\ie8updates\KB976325-IE8\xpshims.dll
+ 2010-01-26 21:09 . 2009-03-08 09:31 55296 c:\windows\ie8updates\KB976325-IE8\msfeedsbs.dll
+ 2010-01-26 21:09 . 2009-03-08 09:33 25600 c:\windows\ie8updates\KB976325-IE8\jsproxy.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 37888 c:\windows\ie8\url.dll
+ 2010-01-26 21:08 . 2009-03-08 19:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 39424 c:\windows\ie8\pngfilt.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 96256 c:\windows\ie8\occache.dll
+ 2010-01-26 21:07 . 2008-04-13 16:26 56832 c:\windows\ie8\mshtmler.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 29184 c:\windows\ie8\mshta.exe
+ 2010-01-26 21:07 . 2008-04-14 00:11 22016 c:\windows\ie8\licmgr10.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 15872 c:\windows\ie8\jsproxy.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 96256 c:\windows\ie8\inseng.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 35840 c:\windows\ie8\imgutil.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 93184 c:\windows\ie8\iexplore.exe
+ 2010-01-26 21:07 . 2008-04-14 00:11 62976 c:\windows\ie8\iesetup.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 48640 c:\windows\ie8\iernonce.dll
+ 2010-01-26 21:07 . 2009-12-22 05:20 81920 c:\windows\ie8\ieencode.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 34304 c:\windows\ie8\ie4uinit.exe
+ 2010-01-26 21:07 . 2008-04-14 00:11 38912 c:\windows\ie8\hmmapi.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 35328 c:\windows\ie8\corpol.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 99840 c:\windows\ie8\advpack.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 61440 c:\windows\ie8\admparse.dll
+ 2010-01-26 21:09 . 2009-03-08 09:35 2048 c:\windows\ie8updates\KB978506-IE8\iecompat.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 08:54 . 2008-07-29 08:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
- 2008-08-26 15:13 . 2008-04-14 00:12 121856 c:\windows\system32\xmllite.dll
+ 2008-08-26 15:13 . 2009-01-07 23:21 121856 c:\windows\system32\xmllite.dll
+ 2009-03-08 09:34 . 2009-03-08 09:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-04 12:00 . 2009-03-08 09:34 236544 c:\windows\system32\webcheck.dll
+ 2004-08-04 12:00 . 2009-03-08 09:33 420352 c:\windows\system32\vbscript.dll
+ 2004-08-04 12:00 . 2009-03-08 09:34 105984 c:\windows\system32\url.dll
+ 2004-08-04 12:00 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll
- 2004-08-04 12:00 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll
+ 2004-08-04 12:00 . 2009-12-21 19:14 206848 c:\windows\system32\occache.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 12:00 . 2009-03-08 09:34 193536 c:\windows\system32\msrating.dll
+ 2004-08-04 12:00 . 2009-03-08 09:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 09:32 . 2009-12-21 19:14 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 265720 c:\windows\system32\msdbg2.dll
+ 2004-08-04 12:00 . 2009-03-08 09:33 726528 c:\windows\system32\jscript.dll
+ 2010-01-09 20:59 . 2010-01-09 20:59 149280 c:\windows\system32\javaws.exe
+ 2010-01-09 20:59 . 2010-01-09 20:59 145184 c:\windows\system32\javaw.exe
+ 2010-01-09 20:59 . 2010-01-09 20:59 145184 c:\windows\system32\java.exe
+ 2009-03-08 09:22 . 2009-03-08 09:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-04 12:00 . 2009-12-21 19:14 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2009-12-21 19:14 387584 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 09:11 . 2009-03-08 09:11 445952 c:\windows\system32\ieapfltr.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-04 12:00 . 2009-03-08 09:33 229376 c:\windows\system32\ieaksie.dll
+ 2004-08-04 12:00 . 2009-03-08 09:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-04 12:00 . 2009-12-21 13:19 173056 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 12:00 . 2009-03-08 09:31 216064 c:\windows\system32\dxtrans.dll
+ 2004-08-04 12:00 . 2009-03-08 09:31 348160 c:\windows\system32\dxtmsft.dll
+ 2008-04-21 06:44 . 2009-12-21 19:14 916480 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 09:34 . 2009-03-08 09:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2009-03-08 09:33 . 2009-03-08 09:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2008-05-09 10:53 . 2009-03-08 09:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2009-03-08 09:34 . 2009-03-08 09:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll
- 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2009-03-08 09:34 . 2009-12-21 19:14 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 09:32 . 2009-03-08 09:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 09:34 . 2009-03-08 09:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-04 12:00 . 2009-03-08 09:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2008-05-09 10:53 . 2009-03-08 09:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-03-08 19:09 . 2009-03-08 19:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2009-03-08 09:31 . 2009-12-21 19:14 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 19:09 . 2009-12-21 19:14 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2009-03-08 09:33 . 2009-03-08 09:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2009-03-08 09:33 . 2009-03-08 09:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2009-03-08 09:32 . 2009-12-21 13:19 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-03-08 09:31 . 2009-03-08 09:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2009-03-08 09:31 . 2009-03-08 09:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2009-03-08 09:32 . 2009-03-08 09:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-04 12:00 . 2009-03-08 09:32 128512 c:\windows\system32\advpack.dll
+ 2010-01-09 20:59 . 2010-01-09 20:59 537600 c:\windows\Installer\2e19d.msi
+ 2010-01-09 16:16 . 2010-01-09 16:16 228352 c:\windows\Installer\1b467f.msi
+ 2010-01-26 21:09 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB978506-IE8\spuninst\updspapi.dll
+ 2010-01-26 21:09 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB978506-IE8\spuninst\spuninst.exe
+ 2010-01-26 21:10 . 2009-10-29 07:45 916480 c:\windows\ie8updates\KB978207-IE8\wininet.dll
+ 2010-01-26 21:10 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB978207-IE8\spuninst\updspapi.dll
+ 2010-01-26 21:10 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB978207-IE8\spuninst\spuninst.exe
+ 2010-01-26 21:10 . 2009-10-29 07:45 206848 c:\windows\ie8updates\KB978207-IE8\occache.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 594432 c:\windows\ie8updates\KB978207-IE8\msfeeds.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 246272 c:\windows\ie8updates\KB978207-IE8\ieproxy.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 184320 c:\windows\ie8updates\KB978207-IE8\iepeers.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 387584 c:\windows\ie8updates\KB978207-IE8\iedkcs32.dll
+ 2010-01-26 21:10 . 2009-10-28 14:40 173056 c:\windows\ie8updates\KB978207-IE8\ie4uinit.exe
+ 2010-01-26 21:09 . 2009-03-08 09:34 914944 c:\windows\ie8updates\KB976325-IE8\wininet.dll
+ 2010-01-26 21:09 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB976325-IE8\spuninst\updspapi.dll
+ 2010-01-26 21:09 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB976325-IE8\spuninst\spuninst.exe
+ 2010-01-26 21:09 . 2009-03-08 09:34 109568 c:\windows\ie8updates\KB976325-IE8\occache.dll
+ 2010-01-26 21:09 . 2009-03-08 09:32 594432 c:\windows\ie8updates\KB976325-IE8\msfeeds.dll
+ 2010-01-26 21:09 . 2009-03-08 09:33 246784 c:\windows\ie8updates\KB976325-IE8\ieproxy.dll
+ 2010-01-26 21:09 . 2009-03-08 09:31 183808 c:\windows\ie8updates\KB976325-IE8\iepeers.dll
+ 2010-01-26 21:09 . 2009-03-08 19:09 391536 c:\windows\ie8updates\KB976325-IE8\iedkcs32.dll
+ 2010-01-26 21:09 . 2009-03-08 09:32 173056 c:\windows\ie8updates\KB976325-IE8\ie4uinit.exe
+ 2010-01-26 21:07 . 2009-12-22 05:21 667136 c:\windows\ie8\wininet.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 276480 c:\windows\ie8\webcheck.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 851968 c:\windows\ie8\vgx.dll
+ 2010-01-26 21:07 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll
+ 2010-01-26 21:07 . 2009-12-22 05:21 627712 c:\windows\ie8\urlmon.dll
+ 2010-01-26 21:08 . 2009-01-07 23:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2010-01-26 21:08 . 2009-01-07 23:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2010-01-26 21:07 . 2008-04-14 00:12 532480 c:\windows\ie8\mstime.dll
+ 2010-01-26 21:07 . 2008-04-14 00:12 146432 c:\windows\ie8\msrating.dll
+ 2010-01-26 21:07 . 2004-08-04 12:00 146432 c:\windows\ie8\msls31.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 449024 c:\windows\ie8\mshtmled.dll
+ 2010-01-26 21:07 . 2009-08-13 15:16 512000 c:\windows\ie8\jscript.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 251904 c:\windows\ie8\iepeers.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 323584 c:\windows\ie8\iedkcs32.dll
+ 2010-01-26 21:07 . 2004-08-04 12:00 221184 c:\windows\ie8\ieakui.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 216576 c:\windows\ie8\ieaksie.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 143360 c:\windows\ie8\ieakeng.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 205312 c:\windows\ie8\dxtrans.dll
+ 2010-01-26 21:07 . 2008-04-14 00:11 357888 c:\windows\ie8\dxtmsft.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2004-08-04 12:00 . 2009-12-21 19:14 1208832 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2009-12-22 05:21 1509888 c:\windows\system32\shdocvw.dll
- 2004-08-04 12:00 . 2009-10-29 05:38 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-04 12:00 . 2009-12-21 19:14 5942784 c:\windows\system32\mshtml.dll
+ 2009-03-08 09:32 . 2009-12-21 19:14 1985536 c:\windows\system32\iertutil.dll
+ 2009-02-07 02:07 . 2009-02-07 02:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2008-06-26 08:15 . 2009-12-21 19:14 1208832 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-26 08:15 . 2009-10-29 05:38 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-06-26 08:15 . 2009-12-22 05:21 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-04-21 06:44 . 2009-12-21 19:14 5942784 c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 1208832 c:\windows\ie8updates\KB978207-IE8\urlmon.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 5940736 c:\windows\ie8updates\KB978207-IE8\mshtml.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 1985536 c:\windows\ie8updates\KB978207-IE8\iertutil.dll
+ 2010-01-26 21:09 . 2009-03-08 09:34 1206784 c:\windows\ie8updates\KB976325-IE8\urlmon.dll
+ 2010-01-26 21:09 . 2009-03-08 09:41 5937152 c:\windows\ie8updates\KB976325-IE8\mshtml.dll
+ 2010-01-26 21:09 . 2009-03-08 09:32 1985024 c:\windows\ie8updates\KB976325-IE8\iertutil.dll
+ 2010-01-26 21:07 . 2009-12-22 05:21 3071488 c:\windows\ie8\mshtml.dll
+ 2010-01-26 21:06 . 2010-01-04 21:17 29634504 c:\windows\system32\MRT.exe
+ 2009-03-08 09:39 . 2009-12-21 19:14 11070464 c:\windows\system32\ieframe.dll
+ 2010-01-26 21:10 . 2009-10-29 07:45 11069952 c:\windows\ie8updates\KB978207-IE8\ieframe.dll
+ 2010-01-26 21:09 . 2009-03-08 09:39 11063808 c:\windows\ie8updates\KB976325-IE8\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
 
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PopUpStopperFreeEdition"="c:\progra~1\PANICW~1\POP-UP~1\PSFree.exe" [2003-04-29 524288]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2007-06-07 155648]
"Google Update"="c:\documents and settings\OWNER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-12-03 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"c:\windows\system32\C0100Ext.ax"="c:\windows\system32\C0100Ext.ax" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-26 13680640]
"nwiz"="nwiz.exe" [2008-12-26 1657376]
"SoundMan"="SOUNDMAN.EXE" [2004-07-02 67584]
"C0100Mon.exe"="c:\windows\C0100Mon.exe" [2007-04-29 32768]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-26 86016]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-09 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-21 06:34 24576 ----a-w- c:\program files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2005-09-18 13:41 98304 ----a-w- c:\program files\QuickTime\qttask.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SightSpeed\\SightSpeed.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [1/9/2010 11:18 AM 108289]
S3 C0100Afx;Provides a software interface to control audio effects of VC0100 camera.;c:\windows\system32\drivers\C0100Afx.sys [12/13/2008 4:58 PM 141376]
S3 C0100Aud;Provides a software interface to control noise cancellation of VC0100 camera.;c:\windows\system32\drivers\C0100Aud.sys [12/13/2008 4:58 PM 93440]
S3 C0100Aul;Provides a software interface to control audio formats of VC0100 camera.;c:\windows\system32\drivers\C0100Aul.sys [12/13/2008 4:58 PM 5120]
S3 C0100Dev;Creative Camera VC0100 Driver;c:\windows\system32\drivers\C0100Dev.sys [12/13/2008 4:58 PM 239936]
S3 C0100Vfx;Creative Camera VC0100 Video VFX Driver;c:\windows\system32\drivers\C0100Vfx.sys [12/13/2008 4:58 PM 7168]
.
Contents of the 'Scheduled Tasks' folder

2010-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409307907-2207503563-3123657271-1003Core.job
- c:\documents and settings\OWNER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-03 16:29]

2010-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409307907-2207503563-3123657271-1003UA.job
- c:\documents and settings\OWNER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-03 16:29]

2010-01-27 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-22 02:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: aol.com\free
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-27 17:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1409307907-2207503563-3123657271-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6052801B-50A3-A02F-7054-5FCB95130064}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"eajhemfhep"=hex:66,61,64,65,70,6d,6b,67,6a,63,6a,6c,00,fc
"daghnpfi"=hex:64,62,6c,66,67,6c,6f,64,63,6e,62,70,69,70,66,6c,63,70,6b,63,62,
62,64,62,66,66,62,70,6e,6b,6a,61,62,68,70,6a,68,6e,6d,67,00,00
"iabfeaojhaefnihhpn"=hex:6b,61,61,61,70,65,6b,6e,61,61,6d,62,64,66,63,6c,6f,64,
6f,67,70,6e,00,9b
"halfgndpdcbnopmb"=hex:6b,61,61,61,70,65,6b,6e,61,61,6d,62,64,66,63,6c,6f,64,
6f,67,70,6e,00,7f
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(716)
c:\program files\AlienGUIse\fastload.dll
.
Completion time: 2010-01-27 17:52:07
ComboFix-quarantined-files.txt 2010-01-27 22:52
ComboFix2.txt 2010-01-09 20:49
ComboFix3.txt 2010-01-09 15:23

Pre-Run: 218,466,594,816 bytes free
Post-Run: 218,452,566,016 bytes free

- - End Of File - - 3FD47C1F4DA47F41B5A31F0EE4710B1B
 
ok so those 2 last posts together are my combofix log, now this is my hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:58:54 PM, on 1/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\C0100Mon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\wuauclt.exe
F:\for viruses\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [C0100Mon.exe] C:\WINDOWS\C0100Mon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C:\WINDOWS\system32\C0100Ext.ax] C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\system32\C0100Ext.ax
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\OWNER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - F:\for viruses\Spyware Terminator\sp_rsser.exe

--
End of file - 5938 bytes
 
ok so now how does it look? i haven't had a real chance to see how the computer is running yet because i just ran those but now i will try it and see how it is
 
well everything seems to be running ok except boot up seems rather slow, like i click the user icon and it takes a bit longer than it used to
 
Hi! If the problem is slow XP performance, try reading below:

Simple Ways to Increase the Performance of your Windows XP PC in 5 Min

XP Speed Secret 1 – Disable Startup Programs
XP Speed Secret 2 – Remove Spyware and Malware
XP Speed Secret 3 – Optimize Display Settings
XP Speed Secret 4 – Speed-Up File Browsing
XP Speed Secret 5 – Reduce Page File Size
XP Speed Secret 6 – Clean Your System Registry
XP Speed Secret 7 – Run Disk Clean-Up
XP Speed Secret 8 – Enable Direct Memory Access (DMA)
XP Speed Secret 9 – Disable File Indexing
XP Speed Secret 10 – Remove Unused Files & Programs

XP Speed Secret #1: Disable Extra Startup Programs

There are certain programs that Windows will start every time you boot up your system, and during the startup phase, they're all competing for a slice of your CPU speed. Extra or unwanted items in the startup list will definitely increase your startup time, perhaps by several minutes. Some common examples are things related to AOL, RealPlayer, Napster, instant messengers, and video managers.

If you're not sure about an item, no big deal. You can turn it off, restart your PC, and see if everything seems to work. If not, you can always go back and re-enable an item in the Startup list. This tip alone should speed up your start-up by 250%. Here is what you have to do:

1. Go to Start button > Run
2. Type "msconfig", without quotations
3. Hit enter key or click the OK button
4. A System Configuration Utility window will show up
5. Click the Startup tab
6. In the Startup tab you will see several boxes and some of them will be selected (checked). All you have to do is to uncheck extra items that are of no use. If you run an antivirus program it is not recommended to uncheck it.
7. After making your choices press the OK button, you will be prompted to restart computer to apply changes.
8. After restarting your computer a dialogue will be displayed. You can check the option for not showing this dialogue every time your PC reboots.


XP Speed Secret #2: Remove Spyware, Adware, and Malware
Have you scanned your system for spyware, adware and other unwanted pests? 1 of 6 computers has some sort of Spyware or Malware! They dramatically slow down your computer because they use resources to generate popup ads, send spam, and often interfere with the operation of good programs.

If you haven’t scanned recently, we recommend a free scan from a good anti-spyware program. We prefer to use stand-alone, high quality anti-spyware programs like XoftSpy Pro, which give us the ability to scan and repair these problems in seconds.

FINAL NOTE: Recent testing has shown that stand-alone programs do a much better job than the “all-in-one” packages (eg. Norton Internet Security) at detecting spyware, adware, and malware.


XP Speed Secret #3: Optimize Display Settings
Windows XP can look sexy but displaying all the visual items can waste system resources. To optimize:

1. Click the Start button
2. Select Control Panel
3. Double-click the System icon
4. Click the Advanced tab
5. In the Performance box click Settings
6. Leave only the following ticked:
a. Show shadows under menus
b. Show shadows under mouse pointer
c. Show translucent selection rectangle
d. Use drop shadows for icon labels on the desktop
e. Use visual styles on windows and buttons
7. Finally, click Apply and OK


XP Speed Secret #4: Speed-Up File Browsing
You may have noticed that every time you open “My Computer” to browse folders that there is a slight delay. This is because Windows XP automatically searches for network files and printers every time you open Windows Explorer. To fix this and to increase browsing speed significantly:

1. Double-click on My Computer
2. Click the Tools menu
3. Select Folder Options
4. Click on the View tab.
5. Uncheck the Automatically search for network folders and printers check box
6. Click Apply
7. Click OK
8. Reboot your computer


XP Speed Secret #5: Reduce Page File Size
Page file size is not constant by default. Due to this, the operating system has to resize the file each time more space is required. This is a performance overhead. All you have to do is to set the file size to a reasonable limit.

Follow the steps:
1. Right-click My Computer, Select Properties
2. Click the Advanced tab
3. Click the Settings button under the Performance section
4. Click the Advanced tab
5. Under the Virtual Memory section click the Change button
6. "Virtual Memory" dialogue box will appear (also shown in the figure below)
7. Highlight the C: drive containing page file
8. Select the Custom Size radio button and give same values in Initial size and Maximum size fields: If you have less than 512MB of memory, leave the page file at its default size. If you have 512MB or more, change the ratio to 1:1 page file size to physical memory size.
9. Click Set, then OK buttons to apply the changes


XP Speed Secret #6: Clean Your System Registry
Of course, the fastest and easiest way to speed-up your computer is to allow a software program to do it for you! Although you will find that all of the adjustments in this book will speed up your system, the most effective and easiest way to give your computer blazing speed is to clean up your system’s Registry.

Your computer is like your car: it needs periodic maintenance to keep it running at optimum performance. Installing and uninstalling programs, surfing the Internet, emailing, and other everyday activities create a sort of “sludge” that builds up in your computer over time, much like an automobile engine. After a while, it doesn't startup like when it was new, it stalls unexpectedly, and performance is sluggish on the (information) highway.

We strongly recommend running a free Registry scan to find out how many errors your computer is hiding from you. Your computer will likely have hundreds of Registry errors that are dramatically slowing down the potential speed and performance.


XP Speed Secret #7: Run Disk Clean-Up
Both Windows and application programs tend to leave temporary files lying around on your hard drive, taking up space. A hard drive that is close to being “full” can cause Windows to slow down or interfere with efficient disk access and virtual memory operations.

If you surf the web a lot, your temporary internet files folder can become quite large, causing Internet Explorer to slow down or malfunction. Cleaning up unneeded files, scanning for disk errors and defragmenting the hard drive can help to restore some zip to your system. Try to run once a month for peak performance.

1. Double-click the My Computer icon.
2. Right-click on the C: drive
3. Select Properties
4. Click the Disk Cleanup button (to the bottom-right of the Capacity pie graph)
5. Select / check Temporary Internet Files and Recycle Bin
6. Click OK


XP Speed Secret #8: Enable Direct Memory Access (DMA)
1. Right-click on My Computer, select Properties
2. Select the Hardware tab
3. Click the Device Manager button
4. Double-click IDE/ATAPI controllers
5. Double-click on the Primary IDE Channel
6. Click on the Advanced Settings tab (as shown in figure). The tab may or may not be available for each option. It is only available in Primary and Secondary Channels.
7. Set the Transfer Mode to "DMA if Available" both for Device 1 and 0
8. Click OK
9. Perform the same operation for other items in the list, if applicable.


XP Speed Secret #9: Disable File Indexing
Indexing Services is a small little program that uses large amounts of memory and can often make a computer endlessly loud and noisy. This system process indexes and updates lists of all the files that are on your computer. It does this so that when you do a search for something on your computer, it will search faster by scanning the index lists. If you don’t search your computer often, this system service is completely unnecessary. To disable do the following:

1. Click Start button
2. Select the Control Panel
3. Double-click Add/Remove Programs
4. Click the Add/Remove Windows Components icon on the left side of the window
5. This may take a few seconds to load. Be patient.
6. Look for the “Indexing Services” component in the list
7. Uncheck the Indexing Services
8. Click Next
9. Click Finish


XP Speed Secret #10: Remove Unused Files & Programs
You may have a bunch of software packages on your hard drive that are no longer needed, or they were gratuitously installed when you downloaded some other package. Toolbars, file-sharing programs, free email enhancers, online shopping "companions" and download managers are notorious for this practice. These uninvited guests can put a big drag on your startup time, cause web pages to load slowly, and generally bog down your computer.

1. Click Start button
2. Select Control Panel
3. Double-click Add/Remove Programs icon
4. See what programs are installed that you don’t typically use
5. Select the Remove button for the ones you know you don't need. If you’re unsure about some programs, do a web search to learn about the ones that you need to keep.

Source: Here

Source: WindowsAccelerator.com
 
thanks for all those ideas, i've tried looking into all that stuff, i'm not really having any issues with it now except boot up takes like 28 seconds from the time i click on my user icon to the time the desktop loads, and i don't really have anything loading at startup that is unnecessary, before i got the virus it used to be almost instant, any ideas anyone?
 
so rather than start a new thread again i thought i'd just find my old one that has to do with this computer, so my desktop computer has been working ok, except it is bothering me that it is sooooooo slow when i get to my user screen and i click my user it takes 30 seconds to load and i know it's only 30 seconds but before i had any problems it used to only take like 5 seconds max. could i still be infected?
 
Unfortunately, malware can cause issues and even after cleaning your speed may not go back to the way it was. However, if you haven't run CCleaner I would highly recommend it. This will delete all your old temporary internet files and such. Make sure you keep your recycle bin empty, as having lots of files in there will slow down your system as well. When was the last time the hard drive was defragged?

You might want to create a different user name and then transfer all your files and folders to that new user.

http://support.microsoft.com/kb/811151
 