[Inactive] Everything GONE??? Need Help!!! This is a biggie! Ahhhhh!

+ 2012-05-12 18:09:10 . 2012-05-12 18:09:10 1712128 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b49dd780ba8e3501b0adcf108b431e7b\Microsoft.VisualBasic.ni.dll
+ 2012-05-12 18:06:21 . 2012-05-12 18:06:21 1093120 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-12 19:24:54 . 2012-05-12 19:24:54 2332160 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll
+ 2012-05-12 18:08:22 . 2012-05-12 18:08:22 1966080 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f3fcd65eca42d13b746cf3f5bd993ee0\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-12 18:08:19 . 2012-05-12 18:08:19 1620992 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2091903cd9b359e96f05ac2d6d25ef4e\Microsoft.Build.Tasks.ni.dll
+ 2012-05-12 18:08:10 . 2012-05-12 18:08:10 1888768 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll
+ 2012-05-12 17:22:19 . 2012-05-12 17:22:19 1249280 C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2010-06-24 10:03:48 . 2010-06-24 10:03:48 1249280 C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-12 17:32:29 . 2012-05-12 17:32:29 3186688 C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-06 19:04:06 . 2010-10-06 19:04:06 2048000 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-05-12 17:32:03 . 2012-05-12 17:32:03 2048000 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-10-06 19:03:19 . 2010-10-06 19:03:19 5025792 C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-12 17:31:49 . 2012-05-12 17:31:49 5025792 C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-10-06 19:07:01 . 2010-10-06 19:07:01 1277952 C:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-11 11:12:49 . 2012-01-11 11:12:49 1277952 C:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-10-06 19:03:22 . 2010-10-06 19:03:22 5062656 C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-05-12 17:31:47 . 2012-05-12 17:31:48 5062656 C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-05-12 17:22:17 . 2012-05-12 17:22:17 5283840 C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-12 17:31:45 . 2012-05-12 17:31:46 5246976 C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-06 19:04:00 . 2010-10-06 19:04:00 2933248 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-12 17:32:28 . 2012-05-12 17:32:28 2933248 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-12 17:22:16 . 2012-05-12 17:22:16 4214784 C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-12 17:32:13 . 2012-05-12 17:32:13 4550656 C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-10-06 19:03:52 . 2010-10-06 19:03:52 4550656 C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-10-06 18:54:00 . 2010-10-06 18:54:00 1232896 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2012-01-11 11:11:30 . 2012-01-11 11:11:30 1232896 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2012-01-11 11:11:24 . 2012-01-11 11:11:25 2064384 C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-01-11 11:11:29 . 2012-01-11 11:11:29 1269760 C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-03-21 12:01:45 . 2012-03-21 12:01:46 1279864 C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2009-07-27 22:13:09 . 2009-07-27 22:13:09 8462848 C:\WINDOWS\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2012-04-11 13:23:21 . 2012-04-11 13:23:21 1871360 C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\win32k.sys
+ 2012-04-11 13:22:15 . 2012-04-11 13:22:15 2192640 C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
+ 2012-04-11 12:42:19 . 2012-04-11 12:42:19 2026496 C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntkrpamp.exe
+ 2012-04-11 12:42:22 . 2012-04-11 12:42:22 2069120 C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
+ 2012-04-11 13:26:09 . 2012-04-11 13:26:09 2148352 C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntkrnlmp.exe
+ 2012-04-12 01:09:27 . 2012-03-01 10:58:17 1214464 C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\urlmon.dll
+ 2012-04-12 01:09:24 . 2012-03-01 10:58:16 5980672 C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll
+ 2012-04-12 01:09:31 . 2012-03-01 10:58:16 2001408 C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\iertutil.dll
+ 2012-01-12 16:54:47 . 2012-01-12 16:54:47 1869056 C:\WINDOWS\$hf_mig$\KB2660465\SP3QFE\win32k.sys
+ 2012-02-14 18:55:22 . 2011-12-17 19:45:42 1214464 C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\urlmon.dll
+ 2012-02-14 18:55:22 . 2011-12-17 19:45:42 5980160 C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll
+ 2012-02-14 18:55:26 . 2011-12-17 19:45:42 2001408 C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\iertutil.dll
+ 2012-03-14 07:18:33 . 2012-02-03 09:26:17 1869184 C:\WINDOWS\$hf_mig$\KB2641653\SP3QFE\win32k.sys
+ 2011-11-23 13:29:56 . 2011-11-23 13:29:56 1868544 C:\WINDOWS\$hf_mig$\KB2639417\SP3QFE\win32k.sys
+ 2011-10-25 13:34:49 . 2011-10-25 13:34:49 2192768 C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
+ 2011-10-25 12:52:33 . 2011-10-25 12:52:33 2027008 C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntkrpamp.exe
+ 2011-10-25 12:52:32 . 2011-10-25 12:52:32 2069376 C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
+ 2011-10-25 13:38:37 . 2011-10-25 13:38:37 2148864 C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntkrnlmp.exe
+ 2011-11-03 15:27:33 . 2011-11-03 15:27:33 1292288 C:\WINDOWS\$hf_mig$\KB2631813\SP3QFE\quartz.dll
+ 2011-11-01 16:05:38 . 2011-11-01 16:05:38 1289216 C:\WINDOWS\$hf_mig$\KB2624667\SP3QFE\ole32.dll
+ 2011-12-14 13:47:50 . 2011-11-04 19:19:40 1214464 C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\urlmon.dll
+ 2011-12-14 13:47:49 . 2011-11-04 19:19:40 5978624 C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
+ 2011-12-14 13:47:53 . 2011-11-04 19:19:40 2001408 C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\iertutil.dll
+ 2011-10-11 19:56:34 . 2011-08-22 23:47:42 1214464 C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\urlmon.dll
+ 2011-10-11 19:56:33 . 2011-10-03 08:34:05 5972992 C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
+ 2011-10-11 19:56:37 . 2011-08-22 23:47:41 2001408 C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\iertutil.dll
+ 2011-09-06 13:25:11 . 2011-09-06 13:25:11 1867904 C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys
+ 2011-08-09 21:53:21 . 2011-06-23 18:33:49 1214464 C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\urlmon.dll
+ 2011-08-09 21:53:18 . 2011-07-25 15:15:30 5971456 C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
+ 2011-08-09 21:53:37 . 2011-06-23 18:33:49 1992192 C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\iertutil.dll
+ 2011-06-02 14:07:35 . 2011-06-02 14:07:35 1867904 C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-06-16 21:59:47 . 2011-04-25 16:09:34 1213952 C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
+ 2011-06-16 21:59:44 . 2011-05-30 22:17:44 5967360 C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
+ 2011-06-16 21:59:48 . 2011-04-25 16:09:34 1992192 C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
+ 2011-03-03 13:27:43 . 2011-03-03 13:27:43 1866880 C:\WINDOWS\$hf_mig$\KB2506223\SP3QFE\win32k.sys
+ 2011-04-14 00:02:57 . 2011-02-22 23:27:04 1212928 C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\urlmon.dll
+ 2011-04-14 00:02:56 . 2011-02-22 23:27:04 5964800 C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
+ 2011-04-14 00:02:58 . 2011-02-22 23:27:04 1992192 C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\iertutil.dll
+ 2011-01-21 14:42:25 . 2011-01-21 14:42:25 8463360 C:\WINDOWS\$hf_mig$\KB2483185\SP3QFE\shell32.dll
+ 2011-02-09 23:06:29 . 2010-12-20 23:58:53 1211904 C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\urlmon.dll
+ 2011-02-09 23:06:26 . 2010-12-20 23:58:52 5962240 C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
+ 2011-02-09 23:06:36 . 2010-12-20 23:58:52 1992192 C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\iertutil.dll
+ 2011-02-02 07:57:49 . 2011-02-02 07:57:49 2069504 C:\WINDOWS\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2010-12-31 13:14:45 . 2010-12-31 13:14:45 1864064 C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys
+ 2011-02-09 23:04:49 . 2010-12-09 13:43:18 2192768 C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
+ 2011-02-09 23:04:48 . 2010-12-09 13:09:29 2027008 C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
+ 2010-12-10 02:39:28 . 2010-12-10 02:39:28 2069376 C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
+ 2011-02-09 23:04:51 . 2010-12-09 13:47:27 2148864 C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
+ 2009-05-06 20:36:24 . 2012-05-12 17:33:31 55656824 C:\WINDOWS\system32\MRT.exe
+ 2011-06-29 07:54:04 . 2011-05-13 19:08:22 10833920 C:\WINDOWS\system32\libmfxsw32.dll
+ 2011-06-29 07:54:01 . 2011-05-13 19:08:34 10915840 C:\WINDOWS\system32\libmfxhw32.dll
+ 2009-03-08 11:39:48 . 2012-03-02 13:01:32 11082752 C:\WINDOWS\system32\ieframe.dll
+ 2009-10-16 08:43:09 . 2012-03-02 13:01:32 11082752 C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2011-12-27 01:02:30 . 2011-12-27 01:02:30 12482048 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp
+ 2011-06-17 10:24:40 . 2011-06-17 10:24:40 20333056 C:\WINDOWS\Installer\b301a8c.msp
+ 2012-04-06 09:12:34 . 2012-04-06 09:12:34 15709696 C:\WINDOWS\Installer\a8149.msp
+ 2012-01-04 09:25:14 . 2012-01-04 09:25:14 17751552 C:\WINDOWS\Installer\a813b.msp
+ 2012-04-06 10:13:32 . 2012-04-06 10:13:32 16527872 C:\WINDOWS\Installer\a80f1.msp
+ 2012-05-12 17:14:39 . 2012-05-12 17:14:39 20343808 C:\WINDOWS\Installer\a80ab.msp
+ 2011-09-30 20:55:57 . 2011-09-30 20:55:57 39093248 C:\WINDOWS\Installer\8e64c62.msi
+ 2011-10-12 15:51:25 . 2011-10-12 15:51:25 20333568 C:\WINDOWS\Installer\6f2d3f0.msp
+ 2011-07-12 03:43:20 . 2011-07-12 03:43:20 11641344 C:\WINDOWS\Installer\6f2d3e5.msp
+ 2011-07-12 22:50:24 . 2011-07-12 22:50:24 17555968 C:\WINDOWS\Installer\6f2d3c9.msp
+ 2011-09-16 01:39:22 . 2011-09-16 01:39:22 11163136 C:\WINDOWS\Installer\5bdde0d.msp
+ 2011-09-16 01:38:04 . 2011-09-16 01:38:04 10838528 C:\WINDOWS\Installer\5bdde02.msp
+ 2011-09-16 01:37:28 . 2011-09-16 01:37:28 16691712 C:\WINDOWS\Installer\5bddc44.msp
+ 2011-09-16 01:37:52 . 2011-09-16 01:37:52 34428416 C:\WINDOWS\Installer\5bddc28.msp
+ 2011-12-26 17:02:58 . 2011-12-26 17:02:58 19677184 C:\WINDOWS\Installer\55996ff.msp
+ 2011-04-23 02:41:34 . 2011-04-23 02:41:34 11507712 C:\WINDOWS\Installer\4668a4f.msp
+ 2012-02-15 11:04:37 . 2012-02-15 11:04:37 20333056 C:\WINDOWS\Installer\37adb32.msp
+ 2011-07-27 14:37:28 . 2011-07-27 14:37:28 11592192 C:\WINDOWS\Installer\2a1e738.msp
+ 2011-02-16 18:11:05 . 2011-02-16 18:11:05 20308992 C:\WINDOWS\Installer\2906861.msp
+ 2011-02-12 03:47:00 . 2011-02-12 03:47:00 12028928 C:\WINDOWS\Installer\21f37229.msp
+ 2011-02-24 22:15:46 . 2011-02-24 22:15:46 11551232 C:\WINDOWS\Installer\21f371dc.msp
+ 2012-05-12 17:01:31 . 2012-05-12 17:01:31 20343808 C:\WINDOWS\Installer\1fa14b3.msp
+ 2012-05-17 10:00:45 . 2012-05-17 10:00:45 23771136 C:\WINDOWS\Installer\1541456.msp
+ 2011-04-21 10:00:34 . 2011-04-21 10:00:34 20314624 C:\WINDOWS\Installer\12eff780.msp
+ 2011-03-28 10:27:52 . 2011-03-28 10:27:52 15456256 C:\WINDOWS\Installer\1053411a.msp
+ 2011-09-16 03:42:00 . 2011-09-16 03:42:00 18115432 C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6612\WWLIB.DLL
+ 2012-04-12 19:11:27 . 2011-12-18 22:46:38 11082240 C:\WINDOWS\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-02-15 11:08:23 . 2011-11-04 19:20:50 11081728 C:\WINDOWS\ie8updates\KB2647516-IE8\ieframe.dll
+ 2011-12-15 11:19:29 . 2011-08-24 00:48:56 11081728 C:\WINDOWS\ie8updates\KB2618444-IE8\ieframe.dll
+ 2011-10-12 15:31:17 . 2011-06-23 18:36:29 11081728 C:\WINDOWS\ie8updates\KB2586448-IE8\ieframe.dll
+ 2011-08-10 18:56:14 . 2011-04-26 17:11:12 11081728 C:\WINDOWS\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-06-17 10:18:17 . 2011-02-22 23:06:28 11080704 C:\WINDOWS\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-04-14 10:16:17 . 2010-12-21 13:29:20 11080704 C:\WINDOWS\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-02-11 00:58:37 . 2010-11-06 00:26:57 11080704 C:\WINDOWS\ie8updates\KB2482017-IE8\ieframe.dll
+ 2012-05-12 17:38:10 . 2012-05-12 17:38:11 12430848 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\995fcf39ead2c2a53e084505c2c67d49\System.Windows.Forms.ni.dll
+ 2012-05-12 18:07:25 . 2012-05-12 18:07:25 11817472 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\7861cd979ea5db3fb7d30ed94fb0edd2\System.Web.ni.dll
+ 2012-05-12 18:05:57 . 2012-05-12 18:05:58 17403904 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll
+ 2012-05-12 17:37:32 . 2012-05-12 17:37:33 10683392 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\a9256d2ad7e4be2bbb4e9b18c3997b84\System.Design.ni.dll
+ 2012-05-12 17:36:12 . 2012-05-12 17:36:13 14329856 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5b8ff47c1db373a2a4c638ca31988bd2\PresentationFramework.ni.dll
+ 2012-05-12 17:35:26 . 2012-05-12 17:35:27 12218368 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\4eb3cd1f1d5a83617524a9dfb96a657d\PresentationCore.ni.dll
+ 2012-05-12 17:33:45 . 2012-05-12 17:33:47 11492352 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
+ 2012-04-12 01:09:20 . 2012-03-01 10:58:15 11085312 C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\ieframe.dll
+ 2012-02-14 18:55:20 . 2011-12-17 19:45:42 11085312 C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\ieframe.dll
+ 2011-11-05 22:19:40 . 2011-11-05 22:19:40 11083776 C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\ieframe.dll
+ 2011-10-11 19:56:31 . 2011-08-22 23:47:41 11084288 C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\ieframe.dll
+ 2011-06-25 08:03:50 . 2011-06-25 08:03:50 11083776 C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\ieframe.dll
+ 2011-06-16 21:59:43 . 2011-04-25 16:09:34 11083776 C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
+ 2011-02-23 11:57:06 . 2011-02-23 11:57:06 11082752 C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\ieframe.dll
+ 2011-02-09 23:06:20 . 2010-12-20 23:58:52 11082752 C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\ieframe.dll
+ 2011-09-16 01:34:54 . 2011-09-16 01:34:54 428804608 C:\WINDOWS\Installer\5bdddf8.msp

-- Snapshot reset to current date --

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ad708c09-d51b-45b3-9d28-4eba2681febf}"= "C:\Program Files\Download_Energy\prxtbDown.dll" [2011-03-28 16:22:54 176936]

[HKEY_CLASSES_ROOT\clsid\{ad708c09-d51b-45b3-9d28-4eba2681febf}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-12-20 09:51:30 87480 ---ha-w- C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22:54 176936 ---ha-w- C:\Program Files\ConduitEngine\prxConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ad708c09-d51b-45b3-9d28-4eba2681febf}]
2011-03-28 16:22:54 176936 ---ha-w- C:\Program Files\Download_Energy\prxtbDown.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-04-10 00:43:36 1519272 ---ha-w- C:\Program Files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 09:51:30 87480]
"{ad708c09-d51b-45b3-9d28-4eba2681febf}"= "C:\Program Files\Download_Energy\prxtbDown.dll" [2011-03-28 16:22:54 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "C:\Program Files\ConduitEngine\prxConduitEngine.dll" [2011-03-28 16:22:54 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files\Ask.com\GenericAskToolbar.dll" [2012-04-10 00:43:36 1519272]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files\Ask.com\GenericAskToolbar.dll" [2012-04-10 00:43:36 1519272]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CLASSES_ROOT\clsid\{ad708c09-d51b-45b3-9d28-4eba2681febf}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-17 00:51:04 57344]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 11:56:24 0]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2012-05-23 19:15:04 3029344]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 23:07:20 2260480]
"Copernic Desktop Search - Home"="C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe" [2011-11-22 19:14:26 1648600]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2012-06-05 22:23:04 17344176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-04-05 21:22:32 94208]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-04-05 21:19:18 77824]
"fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" [2010-04-28 14:44:02 647528]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2006-05-17 00:50:58 40960]
"MaxtorOneTouch"="C:\Program Files\Maxtor\ManagerApp\Onetouch.exe" [2007-02-28 00:57:48 716456]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-03-25 23:44:00 81920]
"Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2012-04-04 22:56:38 981680]
"AcronisTimounterMonitor"="C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe" [2008-06-25 03:06:22 904768]
"Seagate Scheduler2 Service"="C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe" [2008-06-25 02:56:52 136472]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-04-05 21:23:14 114688]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2008-04-14 12:42:28 143360]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 21:45:32 279912]
"VX1000"="C:\WINDOWS\vVX1000.exe" [2007-04-10 21:46:52 709992]
"Drag'n'Drop_Autolaunch"="C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe" [2003-02-03 20:53:32 86016]
"DiscWizardMonitor.exe"="C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2008-06-25 02:52:18 1325848]
"F-Secure Manager"="C:\Program Files\Shaw Secure\Common\FSM32.EXE" [2009-08-05 15:58:50 199264]
"F-Secure TNB"="C:\Program Files\Shaw Secure\FSGUI\TNBUtil.exe" [2009-08-05 15:57:04 2349664]
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 18:56:16 1230704]
"iBryte playbryte Desktop"="C:\Program Files\iBryte\playbryte\ibrytedesktop.exe" [2011-09-08 23:16:09 167936]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 04:28:32 59240]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 20:06:06 254696]
"ApnUpdater"="C:\Program Files\Ask.com\Updater\Updater.exe" [2012-04-10 00:43:42 1557160]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 06:51:18 37296]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 18:07:56 843712]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 18:38:24 59240]
"iTunesHelper"="C:\iTunesHelper.exe" [2012-03-27 12:09:24 421736]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2012-04-19 03:56:22 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 12:13:08 434080]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-17 00:51:04 57344]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 05:12:38 3872080]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 12:42:18 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 05:41:34 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-03-30 21:18:36 13672 ---ha-w- C:\Program Files\Citrix\GoToAssist\607\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"C:\\Program Files\\Opera 10.10 Beta\\opera.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"C:\\Program Files\\LimeZilla\\LimeZilla.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\Program Files\\iBryte\\playbryte\\ibrytedesktop.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\FrostWire 5\\FrostWire.exe"=
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"C:\\iTunes.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 fsbts;fsbts;C:\WINDOWS\system32\drivers\fsbts.sys [2/6/2011 11:18:50 PM 44184]
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2/6/2011 11:18:14 PM 82120]
R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [1/22/2011 11:30:38 PM 28552]
R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files\Shaw Secure\HIPS\drivers\fshs.sys [2/6/2011 11:17:31 PM 68064]
R1 LStone;Pinnacle Systems Studio AV/DV Overlay;C:\WINDOWS\system32\drivers\LStone2k.sys [10/9/2009 11:44:12 PM 256113]
R1 MemAlloc;MemAlloc;C:\WINDOWS\system32\drivers\MemAlloc.sys [10/9/2009 11:44:12 PM 5543]
R2 Active@ Disk Monitor;Active@ Disk Monitor;C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [5/29/2009 1:04:39 AM 1123784]
R2 Application Updater;Application Updater;C:\Program Files\Application Updater\ApplicationUpdater.exe [1/8/2010 1:51:02 AM 380928]
R2 BBUpdate;BBUpdate;C:\Program Files\Microsoft\BingBar\SeaPort.EXE [6/15/2011 5:33:20 PM 249648]
R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [6/24/2008 7:56:38 PM 431384]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Shaw Secure\Anti-Virus\minifilter\fsgk.sys [2/6/2011 11:17:04 PM 149672]
S2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2/8/2010 11:13:05 AM 135664]
S2 SkypeUpdate;Skype Updater;C:\Program Files\Skype\Updater\Updater.exe [6/5/2012 3:17:44 PM 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/6/2012 2:42:15 AM 257696]
S3 BBSvc;Bing Bar Update Service;C:\Program Files\Microsoft\BingBar\BBSvc.EXE [7/7/2011 7:31:08 PM 195336]
S3 cpuz135;cpuz135;\??\C:\DOCUME~1\jeff\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys --> C:\DOCUME~1\jeff\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [?]
S3 FSORSPClient;F-Secure ORSP Client;C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exe [2/6/2011 11:17:31 PM 61088]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [2/8/2010 11:13:05 AM 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [4/25/2012 4:36:21 PM 129976]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;C:\WINDOWS\System32\svchost.exe -k nosGetPlusHelper [8/23/2001 5:00:00 AM 14336]
S3 WinDefend;Windows Defender;C:\WINDOWS\System32\svchost.exe -k secsvcs [8/23/2001 5:00:00 AM 14336]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - WS2IFSL
*Deregistered* - dnbudf

Contents of the 'Scheduled Tasks' folder

2012-06-16 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 09:42:15 . 2012-05-05 12:16:50]

2012-06-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57:16 . 2011-06-02 00:57:16]

2012-06-17 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-08 18:13:05 . 2009-10-30 17:22:01]

2012-06-16 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-08 18:13:05 . 2009-10-30 17:22:01]

2012-06-15 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-1177238915-839522115-1003Core.job
- C:\Documents and Settings\jeff\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-19 07:15:12 . 2009-10-19 07:14:53]

2012-06-17 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-1177238915-839522115-1003UA.job
- C:\Documents and Settings\jeff\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-19 07:15:12 . 2009-10-19 07:14:53]

2012-06-17 C:\WINDOWS\Tasks\MP Scheduled Scan.job
- C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-04 01:20:06 . 2006-11-04 01:20:06]

2012-06-16 C:\WINDOWS\Tasks\Norton Security Scan for jeff.job
- C:\PROGRA~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-02-07 00:43:24 . 2012-04-03 09:45:14]

2012-06-17 C:\WINDOWS\Tasks\Scheduled scanning task.job
- C:\PROGRA~1\SHAWSE~1\ANTI-V~1\fsav.exe [2011-02-07 06:17:02 . 2009-08-05 15:56:08]

2012-06-17 C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
- C:\Program Files\Ask.com\UpdateTask.exe [2012-04-10 00:43:40 . 2012-04-10 00:43:40]

2076-11-24 C:\WINDOWS\Tasks\User_Feed_Synchronization-{C873EDE0-F75B-4CD3-BF13-4767D5631B7E}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 11:31:54 . 2009-03-08 11:31:54]


------- Supplementary Scan -------

uStart Page = hxxp://search.bearshare.com/
uInternet Settings,ProxyOverride = *.local
IE: Download with &Shareaza - C:\Program Files\Morpheus Music\RazaWebHook.dll/3000
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
LSP: C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - C:\Documents and Settings\jeff\Application Data\Mozilla\Firefox\Profiles\cxnew2at.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=


Supplementary scan did not complete!

- - - - ORPHANS REMOVED - - - -

BHO-{1631550F-191D-4826-B069-D9439253D926} - (no file)
BHO-{1C3BAC09-2EFF-67CC-6667-1AC993255114} - (no file)
BHO-{61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} - (no file)
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - (no file)
BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
Toolbar-10 - (no file)
HKLM-Run-facemoods - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
AddRemove-facemoods - C:\Program Files\facemoods.com\facemoods\1.4.17.11\uninstall.exe

Good news :)

Quote:

---

I can see some folders re-appearing however there is nothing in the folders ( no files) Also there are program icons coming back ( but no files when you click on them

---

I need much more details on this issue.

Can you uninstall Shaw Secure now?

Uninstall:
Ask Toolbar
Ask Toolbar Updater
...typical foistware.

Sure I can give as much details as you would like.

I have uninstalled Shaw Secure

I have AVG running on my computer now.

After Combo Fix, I can now click the start button on my windows XP and it now shows "all programs" ( whereas before there was nothing at all to show, no programs, no files anywhere to be seen)

So when you click on the program ( after going to Start, Programs) all the folders of the programs are there, but when you click on them all folders are "empty"

Many many many files are back ( if not all ) Thank you so much... however we still may have a couple problems.

I went to find my files in my Notepad ++ program ( a program to create websites) and I click on the folder and there is nothing in it ( but it says 19 hidden files)

So I know the files are there ( I guess? ) so how do you unhide those files?

Things are running a lot better, things are still slow, and the internet gets bogged down ( as in I can have my internet on and work on my computer for a few hours, maybe up to 5 hours, when it will slow down, the internet/computer will get so slow that it will completely stop working. At that point I can not restart the computer without holding in the start button on the computer.

I suppose that a regular shutdown ( Start/shutdown) would be more healthy for the computer but I haven't been able to do that for many months.

Things are much better than they were when I started this thread, but there may be a ways to go.

I'm glad to hear better news :)

Let's see, if we can recover your missing features.
Download and run UnHide
Let me know, if it worked.

Hi Broni,

Just so you know I am still here and will run Unhide tomorrow night.

I want to try to get this computer running as well as it possibly can before "resolving" this.

Still having some pretty major issues ( such as having things run fairly ok for 3-4 hours until things suddenly die out... the computer seems to have "energy" in it for some time then it can't go on... just stops working... sometimes all together.. then you can't even re-start... nothing works... you have to press and hold the button in to turn it off and re-start it. When I do that, the computer starts up and it seems to have re-gained energy to work for a few hours and then it just does the same thing over and over. It's been doing that for months. Any idea what might be doing that or how to speed up a computer?

I've extra excited to find these files ( and hopefully the Unhide will work as well ) but I gotta get to the bottom of why this computer is so tremendously slow. ( Could be virus related ( I guess) but I thought we cleaned everything up. ( but maybe a virus can cause some serious irreversible damage.

Anyhow that's just what I'm dealing with here and will run the Unhide scan soon.

Ran "Unhide" program last night and it didn't work, unfortunately.

Also START -->Programs ( programs are still "empty")

I'd say the biggest problem now is that even if I re-start the computer it barely functions. ( as in it's getting worse )

I am on it now but it's super slow... it slows down to a halt , then I have to re-start it and ... that's how the cycle is going.

CCleaner seems to be running all the time... not sure if that's normal.

Errors on start up : Malwarebytes files are missing.

Right now I am hoping there is some program that might help speed the computer up, ( or find out why it's having trouble running/shutting down) but maybe CCleaner was supposed to do that?

I suspect you may have some other issues with your computer aside from being infected.

Then, if UnHide didn't work you'll have to restore those missing items manually.
See my guide HERE

Next....

Download OTL to your Desktop.

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\tasks\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\LastSuccessTime /rs
/md5start
/md5stop

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.