Jump to content

My computer is infected and I'm a computer novice... please help!


Recommended Posts

Here are my reports

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16476

Run by Bryon at 15:52:21 on 2013-05-16

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3006.1503 [GMT -5:00]

.

AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Webroot\WRSA.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Webroot\WRSA.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Strongvault Online Backup\BackupAgent.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Internet Explorer\iexplore.exe

c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Bryon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I5TUSCDM\RogueKiller.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

uURLSearchHooks: <No Name>: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL

uURLSearchHooks: FCToolbarURLSearchHook Class: {0adb501b-f9c4-4c02-a9ed-2f605a0586e0} -

uURLSearchHooks: <No Name>: - LocalServer32 - <no file>

dURLSearchHooks: {00A6FAF6-072E-44cf-8957-5838F569A31D} - <orphaned>

dURLSearchHooks: <No Name>: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL

BHO: MRI_DISABLED - <orphaned>

BHO: Ask Search Assistant BHO: {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: FCTBPos00Pos Class: {28A27F58-704F-40E1-8053-28E909FBF604} -

BHO: NCO 2.0 IE BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll

BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\common files\symantec shared\ids\IPSBHO.dll

BHO: ShopAtHomeIEHelper Class: {E8DAAA30-6CAA-4b58-9603-8E54238219E2} -

TB: Mob Wars Toolbar: {6857857C-15D3-435D-AF19-E0217298B416} -

TB: ShopAtHome Toolbar: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} -

TB: Ask Toolbar: {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} -

TB: Mob Wars Toolbar: {6857857C-15D3-435D-AF19-E0217298B416} -

TB: ShopAtHome Toolbar: {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} -

uRun: [sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [WMPNSCFG] "c:\program files\windows media player\WMPNSCFG.exe"

uRun: [backupAgent] c:\program files\strongvault online backup\BackupAgent.exe

uRun: [searchProtect] c:\users\bryon\appdata\roaming\searchprotect\bin\cltmng.exe

uRunOnce: [shockwave Updater] "c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe" -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; FunWebProducts; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://espn.go.com/free-online-games/dcrFrame?swfPath=http://a.espncdn.com/arcade/prod/games/laser_tag/20090610/laser_tag.dcr&width=640&height=480&sw2=&gameID=60&swlist="

mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [AppleSyncNotifier] "c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [searchProtectAll] c:\program files\searchprotect\bin\cltmng.exe

StartupFolder: c:\users\bryon\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

uPolicies-Explorer: NoViewOnDrive = dword:0

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoDevMgrUpdate = dword:0

uPolicies-Explorer: NoWindowsUpdate = dword:0

uPolicies-System: NoDispAppearancePage = dword:0

uPolicies-System: NoDispSettingsPage = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: NoViewOnDrive = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDevMgrUpdate = dword:0

mPolicies-Explorer: NoWindowsUpdate = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: NoDispAppearancePage = dword:0

mPolicies-System: NoDispSettingsPage = dword:0

mPolicies-Explorer: NoViewOnDrive = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDevMgrUpdate = dword:0

mPolicies-Explorer: NoWindowsUpdate = dword:0

mPolicies-System: NoDispAppearancePage = dword:0

mPolicies-System: NoDispSettingsPage = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

Trusted Zone: eenroller.net

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://synthes.webex.com/client/T27L/webex/ieatgpc1.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E34F52FE-7769-46CE-8F8B-5E8ABAD2E9FC} - hxxps://cvpn.uhc.com/CACHE/sdesktop/install/binaries/instweb.cab

TCP: NameServer = 97.64.183.164 97.64.209.37

TCP: Interfaces\{6814BB6D-D2FD-4DBF-A60E-A03D086F7468} : DHCPNameServer = 97.64.183.164 97.64.209.37

TCP: Interfaces\{AB265F25-3B2D-4F71-9BBD-CF970E3B358A} : DHCPNameServer = 97.64.183.164 97.64.209.37

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\822\G2AWinLogon.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\bryon\appdata\roaming\mozilla\firefox\profiles\qgwmbn3g.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN20199949482699112&UM=2&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - WhiteSmoke New Customized Web Search

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN20199949482699112&UM=2&q=

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\users\bryon\appdata\roaming\move networks\plugins\npqmp071503000010.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: !HIDDEN! 2009-09-02 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

.

============= SERVICES / DRIVERS ===============

.

R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [2012-2-21 114688]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2012-3-19 64800]

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20080808.007\IDSvix86.sys [2008-8-11 261680]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-10 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-10-10 682344]

R2 WRSVC;WRSVC;c:\program files\webroot\WRSA.exe [2012-2-21 729528]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-10-10 21104]

R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-5-29 23888]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-8-12 99376]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2007-8-24 149352]

S4 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-2-28 1251720]

.

=============== File Associations ===============

.

ShellExec: sfviewer.exe: Open=c:\program files\internet explorer\iexplore.exe "%1"

.

=============== Created Last 30 ================

.

2013-05-16 20:39:15 15616 ----a-w- c:\windows\system32\drivers\TrueSight.sys

2013-05-16 20:22:13 6906960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{74ea6491-633a-4731-a9d8-50d6ef3b541c}\mpengine.dll

.

==================== Find3M ====================

.

2013-05-16 20:16:08 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-16 20:16:07 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-02 07:06:08 238872 ----a-w- c:\windows\system32\MpSigStub.exe

2013-04-11 14:22:56 770384 ----a-w- c:\windows\system32\msvcr100.dll

2013-04-11 14:22:56 421200 ----a-w- c:\windows\system32\msvcp100.dll

2013-03-31 16:42:39 150160 ----a-w- c:\windows\system32\WRusr.dll

2013-03-31 16:42:39 114688 ----a-w- c:\windows\system32\drivers\WRkrn.sys

2013-03-11 13:25:50 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-11 13:25:50 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-09 03:45:04 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-09 01:28:08 64000 ----a-w- c:\windows\system32\smss.exe

2013-03-08 03:53:50 376320 ----a-w- c:\windows\system32\winsrv.dll

2013-03-08 03:52:22 2067968 ----a-w- c:\windows\system32\mstscax.dll

2013-03-05 01:40:56 2049024 ----a-w- c:\windows\system32\win32k.sys

2013-03-03 19:07:52 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-02-22 03:46:00 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-02-22 03:38:00 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-02-22 03:37:50 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-02-22 03:34:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-02-22 03:34:03 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-02-22 03:31:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb

.

============= FINISH: 15:53:18.02 ===============

Attatch.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 4/24/2008 11:35:54 AM

System Uptime: 5/16/2013 3:08:59 PM (0 hours ago)

.

Motherboard: Wistron | | 30D6

Processor: AMD Turion 64 X2 TL-60 | Socket A | 800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 137 GiB total, 32.406 GiB free.

D: is FIXED (NTFS) - 12 GiB total, 1.985 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft 6to4 Adapter

Device ID: ROOT\*6TO4MP\0002

Manufacturer: Microsoft

Name: Microsoft 6to4 Adapter #2

PNP Device ID: ROOT\*6TO4MP\0002

Service: tunnel

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft 6to4 Adapter

Device ID: ROOT\*6TO4MP\0005

Manufacturer: Microsoft

Name: Microsoft 6to4 Adapter #5

PNP Device ID: ROOT\*6TO4MP\0005

Service: tunnel

.

==== System Restore Points ===================

.

RP1171: 4/23/2013 2:48:05 PM - Windows Update

RP1172: 4/24/2013 3:00:27 AM - Windows Update

RP1173: 4/25/2013 10:00:36 AM - Scheduled Checkpoint

RP1174: 4/26/2013 8:57:00 AM - Scheduled Checkpoint

RP1175: 4/29/2013 11:57:16 AM - Scheduled Checkpoint

RP1176: 4/30/2013 4:43:30 PM - Windows Update

RP1177: 5/6/2013 4:49:13 PM - Scheduled Checkpoint

RP1178: 5/7/2013 8:38:49 AM - Windows Update

RP1179: 5/9/2013 9:49:40 AM - Scheduled Checkpoint

RP1180: 5/10/2013 3:24:46 PM - Windows Update

RP1181: 5/13/2013 10:17:56 AM - Scheduled Checkpoint

RP1182: 5/14/2013 8:22:06 AM - Windows Update

RP1183: 5/15/2013 3:11:26 PM - Scheduled Checkpoint

RP1184: 5/16/2013 3:00:38 AM - Windows Update

RP1185: 5/16/2013 1:30:23 PM - Removed Strongvault Online Backup

RP1186: 5/16/2013 1:32:20 PM - Removed Strongvault Online Backup

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

µTorrent

7-Zip 9.20

Actify SpinFire Reader

Activation Assistant for the 2007 Microsoft Office suites

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.0.1)

Adobe Shockwave Player

Adobe Shockwave Player 11.5

AIM 6

AppCore

Apple Application Support

Apple Mobile Device Support

Apple Software Update

BlackBerry Desktop Software 4.3

Bonjour

Broadcom 802.11 Wireless LAN Adapter

Brother MFL-Pro Suite

Cards_Calendar_OrderGift_DoMorePlugout

ccCommon

Cisco WebEx Meetings

Citrix online plug-in - web

Citrix online plug-in (DV)

Citrix online plug-in (HDX)

Citrix online plug-in (USB)

Citrix online plug-in (Web)

Command & Conquer™ Red Alert™ 3 Demo

Compatibility Pack for the 2007 Office system

Component Framework

Conexant HD Audio

CyberLink YouCam

doPDF 6.2 printer

DVD Suite

EA Download Manager

Eusing Free Registry Cleaner

FinalAlert 2

Google Chrome

Google Earth

Google Update Helper

GoToAssist Corporate

GoToMeeting 5.5.0.1133

Graboid Video 1.65

Hauppauge MCE XP/Vista Software Encoder (2.0.25149)

HDAUDIO Soft Data Fax Modem with SmartCP

Hewlett-Packard Active Check

Hewlett-Packard Asset Agent for Health Check

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Customer Experience Enhancements

HP Doc Viewer

HP Easy Setup - Frontend

HP Games

HP Help and Support

HP Photosmart Essential 2.5

HP Quick Launch Buttons 6.30 E1

HP QuickPlay 3.6

HP QuickTouch 1.00 C4

HP Smart Web Printing

HP Total Care Advisor

HP Update

HP User Guides 0090

HP Wireless Assistant

HPNetworkAssistant

HPPhotoSmartDiscLabel_PaperLabel

HPPhotoSmartDiscLabel_PrintOnDisc

HPPhotoSmartDiscLabel_Tattoo

HPPhotoSmartDiscLabelContent1

hpphotosmartdisclabelplugin

HPPhotoSmartPhotobookHolidayPack1

HPPhotoSmartPhotobookModernPack1

HPPhotoSmartPhotobookPlayfulPack1

HPPhotoSmartPhotobookScrapbookPack1

HPPhotoSmartPhotobookWebPack1

iCloud

InfoAtoms

Invoice Viewer V3.0

iTunes

Java 6 Update 2

join.me

LabelPrint

LightScribe System Software 1.10.13.1

LiveUpdate (Symantec Corporation)

Mail Secretary

Malwarebytes Anti-Malware version 1.70.0.1100

McAfee Security Scan Plus

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Standard 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Mob Wars Toolbar 1.438

MobileMe Control Panel

Move Media Player

Mozilla Firefox 18.0 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

muvee autoProducer 6.1

NetWaiting

Norton AntiVirus

Norton AntiVirus Help

Norton Confidential Core

Norton Internet Security

Norton Internet Security (Symantec Corporation)

Norton Protection Center

NVIDIA Drivers

Pando Media Booster

PaperPort Image Printer

PokerStars

Power2Go

PowerDirector

PSSWCORE

Quick Hit - Football

QuickPlay SlingPlayer 0.4.6

QuickTime

Quote System - Consultant

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02

Roxio Media Manager

Safari

ScanSoft PaperPort 11

Search Protect by conduit

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

ShopAtHome SelectRebates

SIS Installation Helper

Slingbox Flash Tour

SlingPlayer

SPBBC 32bit

Spelling Dictionaries Support For Adobe Reader 8

Sportsbook.com Poker

Strongvault Online Backup

Symantec Real Time Storage Protection Component

SymNet

The Sims™ Life Stories

Touch Pad Driver

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VideoLAN VLC media player 0.8.6d

VideoToolkit01

Viewpoint Media Player

VZAccess Manager for RIM

WeatherBug Gadget

Webroot SecureAnywhere

Windows Live OneCare safety scanner

WinZip 14.0

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

5/16/2013 3:40:40 AM, Error: Service Control Manager [7043] - The WRSVC service did not shut down properly after receiving a preshutdown control.

5/16/2013 3:22:13 PM, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.151.12.0 Loading engine version: 1.1.9402.0

5/16/2013 3:17:54 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

5/16/2013 3:16:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

5/16/2013 3:10:49 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

5/16/2013 2:33:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

5/16/2013 2:31:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ctxusbm eeCtrl spldr SRTSPX SYMTDI Wanarpv6

5/16/2013 2:31:44 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 2:31:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

5/16/2013 2:31:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

5/16/2013 2:31:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

5/16/2013 2:30:57 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv.dll Error Code: 21

5/16/2013 2:09:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

5/16/2013 1:52:42 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ctxusbm DfsC eeCtrl NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr SRTSPX SymIM SYMTDI tdx Wanarpv6

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

5/16/2013 1:52:19 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/16/2013 1:51:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

5/16/2013 1:51:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

5/16/2013 1:51:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

5/16/2013 1:40:13 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer PaperPort Image Printer with shared resource name PaperPort Image Printer. Error 2114. The printer cannot be used by others on the network.

5/15/2013 3:54:20 PM, Error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

.

==== End Of File ===========================

Link to post
Share on other sites

Hello Brenton and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Why do you think so? What kind of problem you have?

Link to post
Share on other sites

Hi Maniac, and thank you so much for your help.

My computer is running painfully slow, and has a couple programs I don't recognize, such as strongvault online backup.

I thought I posted the proper reports. Did I do something incorrectly? I copied and pasted dds and attach reports. Please clarify what you need me to do (sorry!)

Link to post
Share on other sites

That are the right logs, I just want to know what is the problem there. Thanks for your information!

Step 1

I notice that you are using more than one antivirus program.

  • Norton AntiVirus
  • Webroot SecureAnywhere
  • Norton Internet Security
  • xxxx

This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through.

It is important that only one antivirus program is running realtime protection. I strongly suggest you to uninstall Webroot SecureAnywhere, but only if you have license for Norton, if not leave it and uninstall Norton. The best choice in your case is to uninstall all of Norton products, because they surely interfere each other and if you want to install it on clean again. Finally, restart your computer.

Step 2

Please uninstall the following applications:

µTorrent

Mob Wars Toolbar 1.438

Search Protect by conduit

ShopAtHome SelectRebates

Strongvault Online Backup

Viewpoint Media Player

Step 3

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 5

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

Step 6

  • Download on the desktop RogueKiller
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • Malwarebytes' Anti-Malware log
  • AdwCleaner log
  • RogueKiller log
  • a new fresh DDS log

Link to post
Share on other sites

Ok, so I'm in the process of completing the above steps, but ran into another issue in the meantime.

First, my outlook and IE aren't working properly. They can't connect to the internet. Firefox seems fine, and is the browser I'm using to type this.

Also, I could not update Malwarebytes Antimalware, because it said it could not establish a connection. So the report I post will not be an up to date MBAM report.

I'll be posting all of the reports in the next hour or so. Thanks again for all your help.

Link to post
Share on other sites

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows Vista Home Premium x86

Ran by Bryon on Thu 05/16/2013 at 16:45:28.71

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1518994112-2860133546-2856919723-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0579B4B6-0293-4D73-B02D-5EBB0BA0F0A2}

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\freecauseurlsearchhook.fctoolbarurlsearchhook

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\freecauseurlsearchhook.fctoolbarurlsearchhook.1

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\stronghold online backup

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\freecause

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\fun web products

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\funwebproducts

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imside1egate.application.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000058757.FCTB000058757Pos

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000058757.FCTB000058757Pos.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000058757.IEToolbar

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000058757.IEToolbar.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000058757.IEToolbar.3

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000058757.JSOptionsImpl

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000058757.JSOptionsImpl.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000058757.FCTB000058757Pos

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000058757.FCTB000058757Pos.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000058757.IEToolbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000058757.IEToolbar.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000058757.IEToolbar.3

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000058757.JSOptionsImpl

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000058757.JSOptionsImpl.1

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E5995957-9FAD-400E-94DD-41A1D4DC36C4}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{e8a61584-f24e-462b-9103-32d5d2851213}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{E5995957-9FAD-400E-94DD-41A1D4DC36C4}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{e8a61584-f24e-462b-9103-32d5d2851213}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{0579B4B6-0293-4D73-B02D-5EBB0BA0F0A2}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}

~~~ Files

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"

Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"

Successfully deleted: [Folder] "C:\Users\Bryon\AppData\Roaming\strongvault"

Successfully deleted: [Folder] "C:\Users\Bryon\appdata\local\strongvault"

Successfully deleted: [Folder] "C:\Users\Bryon\appdata\local\strongvault online backup"

Successfully deleted: [Folder] "C:\Users\Bryon\appdata\locallow\funwebproducts"

Successfully deleted: [Folder] "C:\Program Files\infoatoms"

Successfully deleted: [Folder] "C:\Program Files\selectrebates"

Successfully deleted: [Folder] "C:\Program Files\strongvault online backup"

Successfully deleted: [Folder] "C:\Users\Bryon\AppData\Roaming\microsoft\windows\start menu\programs\strongvault online backup"

Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"

Successfully deleted: [Folder] "C:\ai_recyclebin"

Successfully deleted: [Folder] "C:\Users\Bryon\appdata\locallow\asksbar"

Successfully deleted: [Folder] "C:\Program Files\asksbar"

~~~ FireFox

Successfully deleted: [File] C:\Users\Bryon\AppData\Roaming\mozilla\firefox\profiles\qgwmbn3g.default\searchplugins\conduit.xml

Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\infoatoms@infoatoms.com"

Successfully deleted: [Folder] C:\Users\Bryon\AppData\Roaming\mozilla\firefox\profiles\qgwmbn3g.default\extensions\{739DF940-C5EE-4BAB-9D7E-270894AE687A}

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\infoatoms@infoatoms.com

Successfully deleted the following from C:\Users\Bryon\AppData\Roaming\mozilla\firefox\profiles\qgwmbn3g.default\prefs.js

user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");

user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");

user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN20199949482699112&UM=2&SearchSource=3&q={searchTerms}");

user_pref("browser.search.selectedEngine", "WhiteSmoke New Customized Web Search");

user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN20199949482699112&UM=2&q=");

user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN20199949482699112&UM=2&q=");

user_pref("smartbar.originalSearchAddressUrl", "");

user_pref("smartbar.originalSearchEngine", "");

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 05/16/2013 at 16:53:18.61

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAM:

alwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2012.12.14.11

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Bryon :: BRYON-PC [administrator]

5/17/2013 7:03:11 AM

mbam-log-2013-05-17 (07-03-11).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 227867

Time elapsed: 12 minute(s), 35 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Adwcleaner:

# AdwCleaner v2.301 - Logfile created 05/17/2013 at 07:18:56

# Updated 16/05/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : Bryon - BRYON-PC

# Boot Mode : Normal

# Running from : C:\Users\Bryon\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\Users\Bryon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk

Folder Found : C:\Users\Bryon\AppData\Local\PackageAware

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AskSBar Uninstall

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B6-0293-4D73-B02D-5EBB0BA0F0A2}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Key Found : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}

Key Found : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}

Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}

Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Found : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}

Key Found : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}

Key Found : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Key Found : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}

Key Found : HKLM\SOFTWARE\FCTB000058757

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk

Key Found : HKLM\Software\InfoAtoms

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms

Key Found : HKLM\Software\Viewpoint

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Users\Bryon\AppData\Roaming\Mozilla\Firefox\Profiles\qgwmbn3g.default\prefs.js

Found : user_pref("CT3289847.FF19Solved", "true");

Found : user_pref("CT3289847.UserID", "UN20199949482699112");

Found : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");

Found : user_pref("CT3289847.installDate", "11/4/2013 14:57:27");

Found : user_pref("CT3289847.installerVersion", "1.3.7.3");

Found : user_pref("CT3289847.keyword", "true");

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Bryon\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6558 octets] - [17/05/2013 07:18:56]

########## EOF - C:\AdwCleaner[R1].txt - [6618 octets] ##########

Roguekiller:

ogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User : Bryon [Admin rights]

Mode : Scan -- Date : 05/17/2013 07:28:23

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJPOL] HKCU\[...]\System : DisableCMD (0) -> FOUND

[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJPOL] HKLM\[...]\System : DisableCMD (0) -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

SSDT[21] : NtAlpcConnectPort @ 0x821EB8A1 -> HOOKED (Unknown @ 0x8768A7B8)

SSDT[42] : NtAssignProcessToJobObject @ 0x821BEB32 -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80794270)

SSDT[78] : NtCreateThread @ 0x82292DC8 -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x807942F0)

SSDT[194] : NtOpenProcess @ 0x8222213F -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x807946B0)

SSDT[201] : NtOpenThread @ 0x8221D63B -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80794580)

SSDT[210] : NtProtectVirtualMemory @ 0x8221B3F2 -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80794380)

SSDT[289] : NtSetContextThread @ 0x8229425F -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x807941F0)

SSDT[334] : NtTerminateProcess @ 0x821F2173 -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80794500)

SSDT[335] : NtTerminateThread @ 0x8221D670 -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80794400)

SSDT[358] : NtWriteVirtualMemory @ 0x8220EA2F -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80794480)

S_SSDT[7] : NtGdiAlphaBlend -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x807954A0)

S_SSDT[13] : NtGdiBitBlt -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80795660)

S_SSDT[235] : NtGdiMaskBlt -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x807955F0)

S_SSDT[241] : NtGdiOpenDCW -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x807879C0)

S_SSDT[245] : NtGdiPlgBlt -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80795510)

S_SSDT[301] : NtGdiStretchBlt -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80795430)

S_SSDT[307] : NtGdiTransparentBlt -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80795580)

S_SSDT[403] : NtUserGetClipboardData -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x807956C0)

S_SSDT[418] : NtUserGetForegroundWindow -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80795340)

S_SSDT[504] : NtUserQueryWindow -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80795220)

S_SSDT[531] : NtUserSetClipboardData -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x80787A80)

S_SSDT[617] : NtUserWindowFromPoint -> HOOKED (\SystemRoot\System32\drivers\WRkrn.sys @ 0x807952B0)

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600BEVT-60ZCT0 ATA Device +++++

--- User ---

[MBR] 1f5905a8e776044c3dc3f408096a4d1b

[bSP] 5c02c5c500a7b8ed48438d9280cd9ba0 : MBR Code unknown

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 140576 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 287900865 | Size: 12048 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_05172013_02d0728.txt >>

RKreport[1]_S_05172013_02d0728.txt

DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16483

Run by Bryon at 7:32:47 on 2013-05-17

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3006.1489 [GMT -5:00]

.

AV: Webroot SecureAnywhere *Disabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Webroot SecureAnywhere *Disabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\taskeng.exe

c:\Users\Bryon\Downloads\RogueKiller.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mDefault_Page_URL = hxxp://www.google.com

uURLSearchHooks: FCToolbarURLSearchHook Class: {0adb501b-f9c4-4c02-a9ed-2f605a0586e0} -

uURLSearchHooks: <No Name>: - LocalServer32 - <no file>

dURLSearchHooks: {00A6FAF6-072E-44cf-8957-5838F569A31D} - <orphaned>

dURLSearchHooks: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - <orphaned>

BHO: MRI_DISABLED - <orphaned>

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: FCTBPos00Pos Class: {28A27F58-704F-40E1-8053-28E909FBF604} -

BHO: NCO 2.0 IE BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll

BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\common files\symantec shared\ids\IPSBHO.dll

TB: Mob Wars Toolbar: {6857857C-15D3-435D-AF19-E0217298B416} -

TB: ShopAtHome Toolbar: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} -

TB: Mob Wars Toolbar: {6857857C-15D3-435D-AF19-E0217298B416} -

TB: ShopAtHome Toolbar: {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} -

uRun: [sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [WMPNSCFG] "c:\program files\windows media player\WMPNSCFG.exe"

uRun: [backupAgent] c:\program files\strongvault online backup\BackupAgent.exe

uRunOnce: [shockwave Updater] "c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe" -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; FunWebProducts; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://espn.go.com/free-online-games/dcrFrame?swfPath=http://a.espncdn.com/arcade/prod/games/laser_tag/20090610/laser_tag.dcr&width=640&height=480&sw2=&gameID=60&swlist="

mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [AppleSyncNotifier] "c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\users\bryon\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

uPolicies-Explorer: NoViewOnDrive = dword:0

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoDevMgrUpdate = dword:0

uPolicies-Explorer: NoWindowsUpdate = dword:0

uPolicies-System: NoDispAppearancePage = dword:0

uPolicies-System: NoDispSettingsPage = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: NoViewOnDrive = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDevMgrUpdate = dword:0

mPolicies-Explorer: NoWindowsUpdate = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: NoDispAppearancePage = dword:0

mPolicies-System: NoDispSettingsPage = dword:0

mPolicies-Explorer: NoViewOnDrive = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDevMgrUpdate = dword:0

mPolicies-Explorer: NoWindowsUpdate = dword:0

mPolicies-System: NoDispAppearancePage = dword:0

mPolicies-System: NoDispSettingsPage = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

Trusted Zone: eenroller.net

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://synthes.webex.com/client/T27L/webex/ieatgpc1.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E34F52FE-7769-46CE-8F8B-5E8ABAD2E9FC} - hxxps://cvpn.uhc.com/CACHE/sdesktop/install/binaries/instweb.cab

TCP: NameServer = 97.64.183.164 97.64.209.37

TCP: Interfaces\{6814BB6D-D2FD-4DBF-A60E-A03D086F7468} : DHCPNameServer = 97.64.183.164 97.64.209.37

TCP: Interfaces\{AB265F25-3B2D-4F71-9BBD-CF970E3B358A} : DHCPNameServer = 97.64.183.164 97.64.209.37

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\822\G2AWinLogon.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\bryon\appdata\roaming\mozilla\firefox\profiles\qgwmbn3g.default\

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll

FF - plugin: c:\users\bryon\appdata\local\citrix\plugins\97\npappdetector.dll

FF - plugin: c:\users\bryon\appdata\roaming\move networks\plugins\npqmp071503000010.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll

FF - ExtSQL: !HIDDEN! 2009-09-02 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

.

============= SERVICES / DRIVERS ===============

.

R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [2012-2-21 117792]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2012-3-19 64800]

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20080808.007\IDSvix86.sys [2008-8-11 261680]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-10 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-10-10 682344]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-10-10 21104]

R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 WRSVC;WRSVC;c:\program files\webroot\WRSA.exe [2012-2-21 735728]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-5-29 23888]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-8-12 99376]

S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\mcafee security scan\3.0.318\mcchsvc.exe" --> c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2007-8-24 149352]

S4 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-2-28 1251720]

.

=============== File Associations ===============

.

ShellExec: sfviewer.exe: Open=c:\program files\internet explorer\iexplore.exe "%1"

.

=============== Created Last 30 ================

.

2013-05-17 12:22:28 -------- d-----w- c:\users\bryon\appdata\local\Macromedia

2013-05-17 08:23:03 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{abf5eefc-8c7b-4a4e-9a48-d9ea82b15667}\mpengine.dll

2013-05-17 08:19:59 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-16 21:45:15 -------- d-----w- c:\windows\ERUNT

2013-05-16 21:44:14 -------- d-----w- C:\JRT

2013-05-16 20:29:51 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-16 20:29:51 37376 ----a-w- c:\windows\system32\cdd.dll

2013-05-16 20:29:20 2049024 ----a-w- c:\windows\system32\win32k.sys

.

==================== Find3M ====================

.

2013-05-17 09:44:06 151728 ----a-w- c:\windows\system32\WRusr.dll

2013-05-17 09:44:06 117792 ----a-w- c:\windows\system32\drivers\WRkrn.sys

2013-05-16 20:16:08 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-16 20:16:07 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-02 07:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-11 14:22:56 770384 ----a-w- c:\windows\system32\msvcr100.dll

2013-04-11 14:22:56 421200 ----a-w- c:\windows\system32\msvcp100.dll

2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-03-11 13:25:50 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-11 13:25:50 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-09 03:45:04 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-09 01:28:08 64000 ----a-w- c:\windows\system32\smss.exe

2013-03-08 03:53:50 376320 ----a-w- c:\windows\system32\winsrv.dll

2013-03-08 03:52:22 2067968 ----a-w- c:\windows\system32\mstscax.dll

2013-03-03 19:07:52 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys

.

============= FINISH: 7:33:36.02 ===============

THANKS!!!

Link to post
Share on other sites

  1. Please re-run AdwCleaner
  2. Click on Delete button.
  3. Confirm each time with OK.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Did you reset your Internet Explorer settings?

Link to post
Share on other sites

Reset settings of IE. Still not working. Ran AdwCleaner.

Here is the report:

# AdwCleaner v2.301 - Logfile created 05/17/2013 at 09:22:50

# Updated 16/05/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : Bryon - BRYON-PC

# Boot Mode : Normal

# Running from : C:\Users\Bryon\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Users\Bryon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk

Folder Deleted : C:\Users\Bryon\AppData\Local\PackageAware

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AskSBar Uninstall

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0579B4B6-0293-4D73-B02D-5EBB0BA0F0A2}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B6-0293-4D73-B02D-5EBB0BA0F0A2}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}

Key Deleted : HKLM\SOFTWARE\FCTB000058757

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk

Key Deleted : HKLM\Software\InfoAtoms

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms

Key Deleted : HKLM\Software\Viewpoint

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Users\Bryon\AppData\Roaming\Mozilla\Firefox\Profiles\qgwmbn3g.default\prefs.js

Deleted : user_pref("CT3289847.FF19Solved", "true");

Deleted : user_pref("CT3289847.UserID", "UN20199949482699112");

Deleted : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");

Deleted : user_pref("CT3289847.installDate", "11/4/2013 14:57:27");

Deleted : user_pref("CT3289847.installerVersion", "1.3.7.3");

Deleted : user_pref("CT3289847.keyword", "true");

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Bryon\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6687 octets] - [17/05/2013 07:18:56]

AdwCleaner[s1].txt - [6645 octets] - [17/05/2013 09:22:50]

########## EOF - C:\AdwCleaner[s1].txt - [6705 octets] ##########

Thank you Maniac

Link to post
Share on other sites

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Link to post
Share on other sites

Maniac,

I'd first like to apologize this took awhile, I've been out of town without access to my computer. Here is the combofix log broken into two posts. Thanks again for your assistance with this.

ComboFix 13-05-20.01 - Bryon 05/21/2013 10:49:21.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3006.1885 [GMT -5:00]

Running from: c:\users\Bryn\Desktop\ComboFix.exe

AV: Webroot SecureAnywhere *Disabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}

SP: Webroot SecureAnywhere *Disabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Bryon\AppData\Local\Microsoft\Windows\Temporary Internet Files\pse_350_enu.exe

c:\users\Bryon\Documents\~WRL0004.tmp

c:\users\Bryon\g2mdlhlpx.exe

c:\users\Bryon\GoToAssistDownloadHelper.exe

c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf

c:\windows\system32\KBL.LOG

.

.

((((((((((((((((((((((((( Files Created from 2013-04-21 to 2013-05-21 )))))))))))))))))))))))))))))))

.

.

2013-05-21 16:07 . 2013-05-21 16:07 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-21 15:35 . 2013-05-14 06:49 7016152 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{58C72A8E-AE5A-496F-B450-1CE56960CE47}\mpengine.dll ERROR(0x00000005)

2013-05-17 12:22 . 2013-05-17 12:22 -------- d-----w- c:\users\Bryon\AppData\Local\Macromedia

2013-05-17 08:19 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-16 21:45 . 2013-05-16 21:45 -------- d-----w- c:\windows\ERUNT

2013-05-16 21:44 . 2013-05-16 21:45 -------- d-----w- C:\JRT

2013-05-16 20:29 . 2013-04-15 14:20 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-16 20:29 . 2013-04-13 10:56 37376 ----a-w- c:\windows\system32\cdd.dll

2013-05-16 20:29 . 2013-04-09 01:36 2049024 ----a-w- c:\windows\system32\win32k.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-17 09:44 . 2012-02-21 21:08 151728 ----a-w- c:\windows\system32\WRusr.dll

2013-05-17 09:44 . 2012-02-21 21:08 117792 ----a-w- c:\windows\system32\drivers\WRkrn.sys

2013-05-16 20:16 . 2012-12-13 21:04 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-16 20:16 . 2011-08-16 17:36 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-14 06:49 . 2008-05-29 22:19 7016152 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll ERROR(0x00000005)

2013-05-02 07:06 . 2009-10-03 12:26 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-11 14:22 . 2013-04-11 19:58 421200 ----a-w- c:\windows\system32\msvcp100.dll

2013-04-11 14:22 . 2013-04-11 19:58 770384 ----a-w- c:\windows\system32\msvcr100.dll

2013-03-11 13:25 . 2013-04-09 20:34 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-11 13:25 . 2013-04-09 20:34 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-09 03:45 . 2013-04-09 20:34 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-09 01:28 . 2013-04-09 20:34 64000 ----a-w- c:\windows\system32\smss.exe

2013-03-08 03:53 . 2013-04-09 20:34 376320 ----a-w- c:\windows\system32\winsrv.dll

2013-03-08 03:52 . 2013-04-09 20:34 2067968 ----a-w- c:\windows\system32\mstscax.dll

2013-03-03 19:07 . 2013-04-09 20:34 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-03-28 08:04 . 2012-03-28 08:04 124864 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll

2012-03-28 08:47 . 2012-03-28 08:47 13760 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll

2012-03-28 08:06 . 2012-03-28 08:06 71104 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll

2012-03-28 08:05 . 2012-03-28 08:05 92096 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll

2012-03-28 08:05 . 2012-03-28 08:05 22976 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll

2012-03-28 08:03 . 2012-03-28 08:03 255936 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll

2012-03-28 08:05 . 2012-03-28 08:05 32192 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll

2012-03-28 08:05 . 2012-03-28 08:05 40896 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll

2012-03-19 15:21 . 2012-03-19 15:21 903096 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll

2012-03-28 08:06 . 2012-03-28 08:06 24512 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll

2013-01-05 03:45 . 2013-01-15 17:08 262704 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\System32\drivers\atapi.sys

[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[7] 2008-01-21 . 2D9C903DC76A66813D350A562DE40ED9 . 21560 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[7] 2008-01-21 . 2D9C903DC76A66813D350A562DE40ED9 . 21560 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[7] 2006-11-02 . 4F4FCB8B6EA06784FB6D475B7EC7300F . 19048 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

.

[7] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys

[7] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys

.

[7] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys

[7] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

.

[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\drivers\kbdclass.sys

[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys

[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdclass.sys

[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys

[7] 2008-01-21 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys

[7] 2008-01-21 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_a81145df\kbdclass.sys

[7] 2008-01-21 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys

[7] 2008-01-21 . C9B0CF786D5F151A43C7BE8E243F2819 . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys

[7] 2006-11-02 . 1A48765F92BA1A88445FC25C9C9D94FC . 32872 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys

.

[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\System32\drivers\ndis.sys

[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys

[7] 2008-01-21 . 9BDC71790FA08F0A0B5F10462B1BD0B1 . 529464 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

.

[7] 2013-03-03 . 2C1121F2B87E9A6B12485DF53CD848C7 . 1082232 . . [6.0.6000.16386] . . c:\windows\System32\drivers\ntfs.sys

[7] 2013-03-03 . 2C1121F2B87E9A6B12485DF53CD848C7 . 1082232 . . [6.0.6002.18799] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18799_none_a7ff61ef1a52b1c5\ntfs.sys

[7] 2013-03-03 . ECB54A0E9C40B00CF8FEFE5F455A1EFB . 1083240 . . [6.0.6002.23070] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.23070_none_a895760033686607\ntfs.sys

[7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys

[7] 2008-01-21 . B4EFFE29EB4F15538FD8A9681108492D . 1081912 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys

.

[7] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys

[7] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys

.

[7] 2013-01-04 . 3535CD93F944C00F098E73E12EE7FEB6 . 914792 . . [6.0.6002.23013] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys

[7] 2013-01-04 . 74E2D020C47BB2B2FCCBA29A518A7EB4 . 905576 . . [6.0.6002.18764] . . c:\windows\System32\drivers\tcpip.sys

[7] 2013-01-04 . 74E2D020C47BB2B2FCCBA29A518A7EB4 . 905576 . . [6.0.6002.18764] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys

[7] 2012-03-30 . 27D470DABC77BC60D0A3B0E4DEB6CB91 . 905600 . . [6.0.6002.18604] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys

[7] 2012-03-30 . EE7E10BED85C312C1D5D30C435BDDA9F . 914304 . . [6.0.6002.22828] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys

[7] 2011-09-20 . 814A1C66FBD4E1B310A517221F1456BF . 905088 . . [6.0.6002.18519] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys

[7] 2011-09-20 . 16731B631F28F63CD9F4CB60940E7DDD . 913280 . . [6.0.6002.22719] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys

[7] 2011-06-17 . 6647FCE6FC4970DAAFE5C64C794513D3 . 913296 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys

[7] 2011-06-17 . 2756186E287139310997090797E0182B . 905104 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys

[7] 2010-06-16 . 6A10AFCE0B38371064BE41C1FBFD3C6B . 912776 . . [6.0.6002.22425] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys

[7] 2010-06-16 . A474879AFA4A596B3A531F3E69730DBF . 905088 . . [6.0.6002.18272] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys

[7] 2010-06-16 . 782568AB6A43160A159B6215B70BCCE9 . 898952 . . [6.0.6001.18493] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys

[7] 2010-06-16 . 6216A954ED7045B62880A92D6C9B9FC7 . 902032 . . [6.0.6001.22713] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys

[7] 2010-02-18 . 93A5655CD9CD2F080EF1CB71A3666215 . 902024 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys

[7] 2010-02-18 . 2EAE4500984C2F8DACFB977060300A15 . 898952 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys

[7] 2010-02-18 . D9F5DD5BBC8348E8F8220CCBF14C022E . 910216 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys

[7] 2010-02-18 . 48CBE6D53632D0067C2D6B20F90D84CA . 904576 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys

[7] 2010-02-18 . 4A82FA8F0DF67AA354580C3FAAF8BDE3 . 815104 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys

[7] 2010-02-18 . 2C1F7005AA3B62721BFDB307BD5F5010 . 818688 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys

[7] 2009-12-08 . 1ACBB7A47E78F4CC82D2EFFB72901528 . 897624 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys

[7] 2009-12-08 . 5653230D480A9C54D169E1B080B72CF5 . 900696 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys

[7] 2009-12-08 . 46E6685F3E92AEC743773ADD4CD54F57 . 907832 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys

[7] 2009-12-08 . DA467E7619AE5F4588E6262C13C8940A . 904776 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys

.

[7] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll

[7] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll

.

[7] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe

[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe

[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe

[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe

[7] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe

[7] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe

[7] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe

[7] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe

[7] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe

[7] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe

[7] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe

[7] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe

[7] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe

[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe

[7] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

[7] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe

[7] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe

[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe

[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe

[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe

.

[7] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll

[7] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll

.

[7] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll

[7] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll

.

[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll

[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll

[7] 2008-01-21 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll

.

[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll

[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll

[7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll

[7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll

[7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll

[7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll

[7] 2008-01-21 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll

.

[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe

[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

[7] 2008-01-21 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe

.

[7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe

[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe

[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe

[7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe

[7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

[7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe

[7] 2008-01-21 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe

.

[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe

[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[7] 2008-01-21 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

.

[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\System32\wuauclt.exe

[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe

[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_e979223d5b9c821b\wuauclt.exe

[7] 2008-10-16 . E654B78D2F1D791B30D0ED9A8195EC22 . 51224 . . [7.2.6001.788] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe

[7] 2008-01-21 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_a052d92e34802200\wuauclt.exe

[7] 2008-01-21 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_a23e523a31a1ed4c\wuauclt.exe

[7] 2006-11-02 . FF81090B6EF1A42A19DF226632711D25 . 41472 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wuauclt.exe

.

[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys

[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys

[7] 2008-01-21 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys

.

[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll

[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll

[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll

[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll

[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll

[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll

[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll

[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll

[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll

[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll

[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll

[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll

[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

[7] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll

[7] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll

[7] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll

[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll

[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll

.

[7] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll

[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll

[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll

[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll

[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll

[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll

.

[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll

[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll

[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll

[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll

[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll

[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll

[7] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll

.

[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll

[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll

[7] 2008-01-21 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll

.

[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll

[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll

[7] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll

[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6002.18449] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll

[7] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll

[7] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll

[7] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll

[7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll

[7] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll

[7] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll

[7] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll

[7] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll

[7] 2008-01-21 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll

.

[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll

[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll

.

[7] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll

[7] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll

[7] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll

[7] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll

[7] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll

[7] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll

[7] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll

[7] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll

[7] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll

[7] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll

[7] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll

[7] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll

[7] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll

[7] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll

[7] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll

[7] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll

[7] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_aba8fef657b84c8b\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll

[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll

[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll

[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll

[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll

[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll

[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll

[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll

[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll

.

[7] 2013-05-05 . 1152DE9D7FE16EC92A12165D1CBE8406 . 12325888 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20594_none_d3773bc179617094\mshtml.dll

[7] 2013-05-05 . 26F30066B9FA78C97A0E92803D496211 . 12324864 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll

[7] 2013-05-05 . 26F30066B9FA78C97A0E92803D496211 . 12324864 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16484_none_d2f86ee2603bb4d9\mshtml.dll

[7] 2013-04-04 . 79B0D843B26BEA808EA89BA2D8A026F2 . 12324864 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16483_none_d2f76e98603c9b82\mshtml.dll

[7] 2013-04-04 . 4EBF337D1F52EA9202072348BA41CA95 . 12325376 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20593_none_d3763b777962573d\mshtml.dll

[7] 2013-02-22 . 474D43D76E2A33FEE21C6F4BB7C4A3B7 . 12324864 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20586_none_d3840c4179578751\mshtml.dll

[7] 2013-02-22 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16476_none_d3053f626031cb96\mshtml.dll

[7] 2013-02-02 . 88C27474E61271B49677F22CEE76FB3E . 12322304 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20580_none_d37e0a85795cef47\mshtml.dll

[7] 2013-02-02 . 263963D93A3CA8F685EFA5966F1E6581 . 12321792 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16470_none_d2ff3da66037338c\mshtml.dll

[7] 2013-01-08 . C97434C851C4821BD92D2831FDF1ECBE . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16464_none_d30e0eba602b7cf7\mshtml.dll

[7] 2013-01-08 . B6AD225B3BCC07332FBB2C2824315534 . 12322304 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20573_none_d38bdb4f79521f5b\mshtml.dll

[7] 2012-11-14 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16457_none_d31bdf846020ad0b\mshtml.dll

[7] 2012-11-14 . 8021EF27048F9ECE5286EA8C8EED23B8 . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20565_none_d398abcf79483618\mshtml.dll

.

[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll

[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll

[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll

[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll

[7] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll

[-] 2004-08-05 . 351B1AD22FD0EC70D889766E0B4F72ED . 343040 . . [7.0.2600.2180] . . c:\windows\SMINST\msvcrt.dll

.

[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll

[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll

[7] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

.

[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll

[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[7] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

.

[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll

[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll

[7] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll

.

[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll

[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[7] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

.

[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll

[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll

.

[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe

[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

.

[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll

[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll

[7] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll

.

[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll

[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

[7] 2008-01-21 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

.

[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe

[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

.

[7] 2013-04-04 . 2C96B3921B4CDE10DBAED5AAD760DB67 . 1129472 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll

[7] 2013-04-04 . 2C96B3921B4CDE10DBAED5AAD760DB67 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_c19d4f79dfe6324c\wininet.dll

[7] 2013-04-04 . 28B2DD8DBAEE306290A74ED03DB3768F . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_c21c1c58f90bee07\wininet.dll

[7] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll

[7] 2013-02-22 . 490E24D5E427DFA55B1C1182F0DB861C . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll

[7] 2013-02-02 . 1284D72C04B553ED5382EA14303D66DB . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll

[7] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll

[7] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll

[7] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll

[7] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll

[7] 2012-11-14 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll

[7] 2012-10-08 . 9CB0D2A9A77D91D9614355EE9FF00519 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll

[7] 2012-10-08 . 6E3AC8A54A1881806BA2B58539483788 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll

[7] 2012-08-24 . 2895E29EFCFC0B1BCF8AEE1A0C67913C . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll

[7] 2012-08-24 . 5553611E2F9EA6F613079177F1233068 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll

[7] 2012-06-29 . 75A97A2C060E72AB49E071E08C7DD2BA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll

[7] 2012-06-28 . 54C30A4066A28F9A017E095E283B2762 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_c2485c52f8ea979a\wininet.dll

[7] 2012-06-02 . 8E87270C4704CF2951E1E7820D6C8A2B . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_c1cc9051dfc227e4\wininet.dll

[7] 2012-06-02 . E430161A632F9A8FE512DE0CA5685559 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_c2475c08f8eb7e43\wininet.dll

[7] 2012-05-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll

[7] 2012-05-17 . 43BAC67996D8765A5F1B3A4EA6231E21 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_c2455b74f8ed4b95\wininet.dll

[7] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_c1c88f29dfc5c288\wininet.dll

[7] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_c2572d66f8dee105\wininet.dll

[7] 2012-01-06 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16440_none_c1c58e4bdfc87683\wininet.dll

[7] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_c1c68e95dfc78fda\wininet.dll

[7] 2011-12-14 . 022A78194E2C7106F5AF9F2BC6AC8774 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20546_none_c2552cd2f8e0ae57\wininet.dll

[7] 2011-11-03 . 406EEBC1B3FE188DE9D6B3AFB3834E84 . 919552 . . [8.00.6001.23266] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23266_none_e520b216d0e959c6\wininet.dll

[7] 2011-11-03 . 4E45F092670EEE0563AA9E1A7C8A1217 . 916992 . . [8.00.6001.19170] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19170_none_e48643a3b7d93de3\wininet.dll

[7] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.23250] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll

[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.19154] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll

[7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.23216] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll

[7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.19120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll

[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll

[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll

[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll

[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll

[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll

[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll

[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll

[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll

[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll

[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll

[7] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.23040] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll

[7] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18943] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll

[7] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.23019] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll

[7] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18928] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll

[7] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.22995] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll

[7] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18904] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll

[7] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.22973] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll

[7] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18882] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll

[7] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.22956] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll

[7] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18865] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll

[7] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.22918] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll

[7] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18828] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll

[7] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.22903] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll

[7] 2009-07-21 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18813] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll

[7] 2009-05-12 . 4BEDA2520729640D927E09A51AB916C4 . 915456 . . [8.00.6001.22874] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll

[7] 2009-05-09 . D78B62CC91F043CED52F23F0085E7FE2 . 915456 . . [8.00.6001.18783] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll

[7] 2009-04-24 . D94BDEEF2E47EB4A46B957253C697F01 . 827392 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll

[7] 2009-04-24 . 64EAF7CF461A15DB4EAEB1D50A10E88E . 827904 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll

[7] 2009-04-24 . E7D90AF9B0C7FA98DF353E022EE1C63E . 828928 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll

[7] 2009-04-24 . 77C60DD61D21777734B1C945540473A4 . 828416 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll

[7] 2009-04-24 . 07DBFC0759F61E95901AF2B2D4E83451 . 828416 . . [7.00.6002.22121] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll

[7] 2009-04-23 . 24CBE22F35941FBFD6144A5C011EA999 . 828416 . . [7.00.6002.18024] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll

[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll

[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll

[7] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll

[7] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll

[7] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll

[7] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll

[7] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll

[7] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll

[7] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll

[7] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll

[7] 2008-10-16 . 8F89FFECF6989DD7D9ECCEC6D95D7419 . 827392 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll

[7] 2008-10-16 . F18C1B151A0B18C35BF0919A9BA0FA0F . 826368 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll

[7] 2008-10-16 . 4944C9FFE8903A276590D4215F74B937 . 827904 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll

[7] 2008-10-16 . 622FE627D15DD920238A993021F0A4D1 . 827904 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll

[7] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll

[7] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll

[7] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll

[7] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll

[7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll

[7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll

[7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll

[7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll

[7] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll

[7] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll

[7] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll

[7] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll

[7] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll

[7] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll

[7] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll

[7] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll

[7] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll

.

[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll

[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

.

Link to post
Share on other sites

[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll

[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll

.

[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe

[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe

[7] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[7] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe

[7] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe

[7] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe

[7] 2008-01-21 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

.

[7] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe

[7] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe

.

[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll

[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll

[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll

[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll

[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll

[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll

[7] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll

.

[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll

[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll

[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll

[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll

[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll

[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll

[7] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll

.

[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll

[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll

.

[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe

[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe

.

[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll

[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll

[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll

[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll

[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll

[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll

[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll

[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll

[7] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll

.

[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\msimg32.dll

[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6000.16386_none_7535161f1f2100ed\msimg32.dll

.

[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll

[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

.

[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe

[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

.

[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll

[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll

[7] 2008-01-21 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll

.

[7] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll

[7] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll

[7] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll

[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll

[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll

[7] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll

[7] 2008-01-21 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll

[7] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll

[7] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll

.

[7] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll

[7] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll

.

[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll

[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll

[7] 2008-01-21 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll

.

[7] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll

[7] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll

.

[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6000.16386] . . c:\windows\System32\drivers\AGP440.sys

[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[7] 2006-11-02 . EF23439CDD587F64C2C1B8825CEAD7D8 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

.

[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll

[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll

[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll

.

[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll

[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll

[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll

[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll

[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll

[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll

.

[7] 2013-03-11 . 21870BAB9C9B802AC641DD644708BDE4 . 3603816 . . [6.0.6002.18805] . . c:\windows\System32\ntkrnlpa.exe

[7] 2013-03-11 . 21870BAB9C9B802AC641DD644708BDE4 . 3603816 . . [6.0.6002.18805] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18805_none_6e1be9dcb144c6ec\ntkrnlpa.exe

[7] 2013-03-11 . A3D98D9C23850B1EF966E005E7845397 . 3606904 . . [6.0.6002.23076] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23076_none_6e5aaf9fca9a76e6\ntkrnlpa.exe

[7] 2013-01-22 . 490BDB5E56352494E699FBA870045EC7 . 3604328 . . [6.0.6002.23025] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_6e8fbef1ca72d1da\ntkrnlpa.exe

[7] 2013-01-05 . E185428925DBC53CE59B2A5CBA64B837 . 3602808 . . [6.0.6002.18765] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_6ddb086eb175716b\ntkrnlpa.exe

[7] 2012-08-29 . 0802CFF50B3020D49884195DC065CF20 . 3604352 . . [6.0.6002.22920] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_6e8ae55dca771fe5\ntkrnlpa.exe

[7] 2012-08-29 . 244C631BE2F7F36EAD9DDAEED95AA298 . 3602816 . . [6.0.6002.18686] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_6dc666fab184c57d\ntkrnlpa.exe

[7] 2012-04-03 . CAD95AFB7FDDCC490681555C570FBB7D . 3602816 . . [6.0.6002.18607] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntkrnlpa.exe

[7] 2012-04-03 . BEF3218359377715B1D85D7DF823E123 . 3604352 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntkrnlpa.exe

[7] 2012-03-06 . 67FB74F129CD6EB6A299B232B09F2FD8 . 3602816 . . [6.0.6002.18595] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_6dba94deb18dcaf0\ntkrnlpa.exe

[7] 2012-03-06 . 67C80F4BEF37E4F40AC38BBE6BCC6198 . 3603840 . . [6.0.6002.22811] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_6e96b3adca6e2024\ntkrnlpa.exe

[7] 2011-10-27 . 5B3C5FBBE4FB0DCFFCEC402B44BC6719 . 3603840 . . [6.0.6002.22732] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22732_none_6e821239ca7d7436\ntkrnlpa.exe

[7] 2011-10-27 . CA537C1021ACDF5B3D14A01B0D4A09B7 . 3602816 . . [6.0.6002.18533] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18533_none_6df973d2b15ef09c\ntkrnlpa.exe

[7] 2011-06-20 . A94B3B8B4B35ACA0290A2A8CC2977094 . 3603856 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_6e61a08fca95cae2\ntkrnlpa.exe

[7] 2011-06-20 . 31AD5148F09D539BAF06D0A0FA53CD8B . 3602832 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_6dc4629ab1869881\ntkrnlpa.exe

[7] 2010-10-15 . 950C425C9E1FA4DDEC8A6B7915E3D892 . 3600272 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntkrnlpa.exe

[7] 2010-10-15 . C391DF1007E54B1FE06A4EF02DB6FA61 . 3602320 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntkrnlpa.exe

[7] 2010-10-15 . 3BEF21D45A74AD2C6EAD894BA6C6A502 . 3602832 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntkrnlpa.exe

[7] 2010-10-15 . FEB9209E1D2B97DB4AE8FBF1DB0F54B6 . 3603856 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntkrnlpa.exe

[7] 2010-06-08 . 3FAFA4C0567D205F56C15D8B9D469F9D . 3601792 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntkrnlpa.exe

[7] 2010-06-08 . E3A2697835A14C75B233606357AB46DD . 3600768 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntkrnlpa.exe

[7] 2010-06-08 . 4F332C0A64F4209EB322DB35310BA879 . 3598216 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntkrnlpa.exe

[7] 2010-06-08 . 560C7E5036D6D0F9CC4AED5DE885DB8A . 3600784 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntkrnlpa.exe

[7] 2010-02-18 . AF2FC3FE3AD6860A808B237171BA6EED . 3600776 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntkrnlpa.exe

[7] 2010-02-18 . D8077969EE22B889B793D076FDCA7066 . 3502480 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntkrnlpa.exe

[7] 2010-02-18 . C2334AE54E10BCA2631660F649010B03 . 3598216 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntkrnlpa.exe

[7] 2010-02-18 . 642161C66547496ACCD2794AB6B4284F . 3504008 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntkrnlpa.exe

[7] 2010-02-18 . 1FED62B16D372E169CF355B2F3210A65 . 3601800 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntkrnlpa.exe

[7] 2010-02-18 . 8BBC454D2F91D92E3E73DB5B5A0D8D8E . 3600776 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntkrnlpa.exe

[7] 2009-12-08 . D2859DAE5F6730DF5BF1C25CFC376797 . 3503704 . . [6.0.6000.21175] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntkrnlpa.exe

[7] 2009-12-08 . 84D47D16C6E7FB61D3A2F7738838A57B . 3502168 . . [6.0.6000.16973] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntkrnlpa.exe

[7] 2009-12-08 . C89111B0489D5CF7B14CBDB5D225A88F . 3597912 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntkrnlpa.exe

[7] 2009-12-08 . 4A65C0C8743AD660A9DE8C2B68218FC7 . 3600472 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntkrnlpa.exe

[7] 2009-12-08 . C481B4F271D3D234B93E19F5531D1D55 . 3601464 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntkrnlpa.exe

[7] 2009-12-08 . 735CDD610B7A0E7B5C6A153DD45ECE32 . 3600456 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntkrnlpa.exe

[7] 2009-08-05 . 2E6E7BA5C8764F80ADA7D4C98E8B5D4A . 3599960 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntkrnlpa.exe

[7] 2009-08-05 . FF493ACD34EE896B8D114918439FAF10 . 3502152 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntkrnlpa.exe

[7] 2009-08-05 . FBA1B3594C1F691F1FA917ADE45D1DB5 . 3597896 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntkrnlpa.exe

[7] 2009-08-05 . 5FBCBEBDC19FB9A3F9C102D30FCD1E9E . 3599928 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntkrnlpa.exe

[7] 2009-08-05 . 6AD406205B25DC4EFBBCB044744248AD . 3503688 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntkrnlpa.exe

[7] 2009-08-04 . 0517782FC7FEDBEBFAD15566E75B732F . 3600456 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntkrnlpa.exe

[7] 2009-04-11 . 1260BEACF2F023807A1087BBB0E15BBD . 3601896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntkrnlpa.exe

[7] 2009-03-03 . FEB3FB3309EBA85917BDE7F4FD019C9D . 3599328 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntkrnlpa.exe

[7] 2009-03-03 . 641C0F376136E5B6F389016EC48374D2 . 3600880 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntkrnlpa.exe

.

[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll

[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll

.

[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll

[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll

[7] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll

.

[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll

[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll

[7] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll

.

[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll

[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll

.

[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll

[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll

[7] 2008-01-21 02:23 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll

.

[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll

[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll

[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll

.

[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll

[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll

[7] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll

.

[7] 2013-04-04 . 3F00BE80B9CEA20B7FE7363D15EDDB94 . 757360 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16483_none_586ab855ebd8e83a\iexplore.exe

[7] 2013-04-04 . C036AB1ED8BAC04FE4A349BA263077BB . 757360 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20593_none_58e9853504fea3f5\iexplore.exe

[7] 2013-02-22 . 4145E2B5663F6FACC08EFDB17B658BB2 . 757360 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20586_none_58f755ff04f3d409\iexplore.exe

[7] 2013-02-22 . 32732CEDE2A1106B736EF3D84054EE04 . 757376 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16476_none_5878891febce184e\iexplore.exe

[7] 2013-02-02 . DDE5A0DFAF7C6370FB36402D7A746ED3 . 757296 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16470_none_58728763ebd38044\iexplore.exe

[7] 2013-02-02 . A285E1965C115031DA02B777EE9D7689 . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20580_none_58f1544304f93bff\iexplore.exe

[7] 2013-01-08 . 698EB1E5F8C66344D97C00B5699E871D . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16464_none_58815877ebc7c9af\iexplore.exe

[7] 2013-01-08 . F05982E56ABD835AA8DF260EEC873E5B . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20573_none_58ff250d04ee6c13\iexplore.exe

[7] 2012-11-14 . 0D286C0FE561D1A7EB30E83A0FF305B2 . 757296 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16457_none_588f2941ebbcf9c3\iexplore.exe

[7] 2012-11-14 . F691418EE9A6344AEB5C1B0518FBF8AE . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20565_none_590bf58d04e482d0\iexplore.exe

[7] 2012-10-08 . 270A1342BD5AF95CA25A586B4C2F1522 . 748704 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16455_none_588d28adebbec715\iexplore.exe

[7] 2012-10-08 . CECB15F834FC2B4B150449717ADE18DD . 748704 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20562_none_5908f4af04e736cb\iexplore.exe

[7] 2012-08-24 . 62188720CE27B982B4285C03163C9FB3 . 748680 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20557_none_5918c60d04da998d\iexplore.exe

[7] 2012-08-24 . 22CC6CDBA678790046693654C3B212E4 . 748680 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16450_none_5888273bebc34862\iexplore.exe

[7] 2012-06-29 . 93569D46D79F9756ED077156496AFE23 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16448_none_589af977ebb3f729\iexplore.exe

[7] 2012-06-28 . EB4105348272018D096FEB655CD1608C . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20554_none_5915c52f04dd4d88\iexplore.exe

[7] 2012-06-02 . 34B01BBD8F00B6B9C9248DC4F1E3CD01 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16447_none_5899f92debb4ddd2\iexplore.exe

[7] 2012-06-02 . BE967C74B89577B78FB57C061E12B04C . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20553_none_5914c4e504de3431\iexplore.exe

[7] 2012-05-17 . 0129BB16161C2FD9A6B19111AB047198 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_5898f8e3ebb5c47b\iexplore.exe

[7] 2012-05-17 . 268982F1FD671A077C6A2AF41E351436 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20551_none_5912c45104e00183\iexplore.exe

[7] 2012-01-06 . 904E13BA41AF2E353A32CF351CA53639 . 748336 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16421_none_58a99749ebaa0de6\iexplore.exe

[7] 2011-11-03 . 2A268DF89913A0E927091077878EDB3E . 638240 . . [8.00.6001.23266] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23266_none_1299bea24914c8a9\iexplore.exe

[7] 2011-11-03 . CCDB0B2D1F2E016966B1DB1097E24842 . 638240 . . [8.00.6001.19170] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19170_none_11ff502f3004acc6\iexplore.exe

[7] 2011-09-30 . 0E1695AD4C30E72D68170F01B4818A80 . 638216 . . [8.00.6001.23250] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23250_none_129e8cd2491214ae\iexplore.exe

[7] 2011-09-30 . 7ACBBC85FCE4989B533220FC3B291633 . 638216 . . [8.00.6001.19154] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19154_none_1218f12f2ff0da40\iexplore.exe

[7] 2011-07-23 . 4D08A4234D645EFCB30605CC0BFA87F4 . 638232 . . [8.00.6001.23216] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23216_none_12cfce3e48ec3cf4\iexplore.exe

[7] 2011-07-23 . 04D1DC458C723B291179F8449ACC281D . 638232 . . [8.00.6001.19120] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19120_none_12355fcb2fdc2111\iexplore.exe

[7] 2011-05-28 . 7EE10C5413AD7ED1AF9E8FAE1B58FC3E . 638232 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23181_none_127f1b72492984b1\iexplore.exe

[7] 2011-05-28 . ED65737D70FDEAC29F738E77D2496EE5 . 638232 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19088_none_11fc80ad30059648\iexplore.exe

[7] 2011-02-22 . 9CE5543464432CA73134F170FA2BF823 . 638232 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_12ac5bb64907479b\iexplore.exe

[7] 2011-02-22 . C1D36A2CBE0CEC4DF593DB1288CF586E . 638232 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_1227c05d2fe52684\iexplore.exe

[7] 2010-12-18 . 7852371DA9EFBC17B645558E23780EAC . 638232 . . [8.00.6001.23111] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_12cacae648f0c11a\iexplore.exe

[7] 2010-12-18 . B988D7F127B94BD5BF8356FE81B985C4 . 638232 . . [8.00.6001.19019] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_1249306b2fcbec08\iexplore.exe

[7] 2010-11-02 . 92A17B0A89D14815AACC62CD190B6CE3 . 638232 . . [8.00.6001.23091] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_127449a04931a37b\iexplore.exe

[7] 2010-11-02 . 5AB037B17F8A87D052F5A88E0D29A3C8 . 638232 . . [8.00.6001.18999] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_11f2d8e9300c984e\iexplore.exe

[7] 2010-09-08 . 4A719476A6393B1DCACFEB4F3AC6599C . 638232 . . [8.00.6001.23067] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_129abb204913e7b2\iexplore.exe

[7] 2010-09-08 . D5A730DFDEAE005373E62BC2A866E3BB . 638232 . . [8.00.6001.18975] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_120477992ffffb10\iexplore.exe

[7] 2010-06-26 . F05B3A2C6CB319DD1377AD566CF5ECE5 . 638232 . . [8.00.6001.23040] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_12a958f24909fe6f\iexplore.exe

[7] 2010-06-26 . 7420BE0E7D3D1320054F7ACA0594953D . 638232 . . [8.00.6001.18943] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_1222e6c92fe9748f\iexplore.exe

[7] 2010-05-04 . 48A6109E8DF0365195298CC527B7426A . 638232 . . [8.00.6001.23019] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_12d2cb5048e98eab\iexplore.exe

[7] 2010-05-04 . 5C9B1062EA7A44E8F6BFDE994B68C7AA . 638232 . . [8.00.6001.18928] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_123d88132fd4bb60\iexplore.exe

[7] 2010-02-23 . 25DB705A7DC85C208B3CF2D20F118AA7 . 638232 . . [8.00.6001.22995] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_127872a6492dd595\iexplore.exe

[7] 2010-02-23 . 9F52FBE99C749E3F32C75124F09F1B03 . 638232 . . [8.00.6001.18904] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_124f26c32fc81e22\iexplore.exe

[7] 2010-01-02 . 3D8DA00B028DEA9517066F1CECBFC4A2 . 638216 . . [8.00.6001.22973] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_128c11ea491f6b05\iexplore.exe

[7] 2010-01-02 . 88BD42DAE7CFFEB256CA7145A15E4843 . 638216 . . [8.00.6001.18882] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_11f6a4e9300acdd5\iexplore.exe

[7] 2009-11-21 . E7F8DF50E483D165BB01F367D3519AA7 . 638232 . . [8.00.6001.22956] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_12a4b2a0490c7f28\iexplore.exe

[7] 2009-11-21 . 1B6362BB14FCEB9E76BCF9A953B04788 . 638232 . . [8.00.6001.18865] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_120f459f2ff7e1f8\iexplore.exe

[7] 2009-08-27 . 7DD482E4A2E3CBB0A72F718C342F5B75 . 638216 . . [8.00.6001.22918] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212\iexplore.exe

[7] 2009-08-27 . 2E48756F12C21F46895036AC089AAD97 . 638232 . . [8.00.6001.18828] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39\iexplore.exe

[7] 2009-07-22 . 4B5AEA50CE77FBA4C2D169622DC9B489 . 638232 . . [8.00.6001.22903] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\iexplore.exe

[7] 2009-07-21 . C33BD196A0301F9B23D9A003D30ED8B0 . 638216 . . [8.00.6001.18813] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\iexplore.exe

[7] 2009-04-24 . 1F44940EF1D07D0BDAF80E55853DFBD0 . 634648 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\iexplore.exe

[7] 2009-04-24 . F294D8EEB05C835EC44A12CE0A1DFE7A . 634632 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\iexplore.exe

[7] 2009-04-24 . D5271AC4A06AD9D1E2EA0151B79B2657 . 634648 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\iexplore.exe

[7] 2009-04-24 . D6157423C117F24D24695866A1D0A93F . 634648 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\iexplore.exe

[7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe

[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe

[7] 2009-03-03 . 9E6C1527D9A2C64BFD780AA23075380F . 636072 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18226_none_2f5265b91a094b03\iexplore.exe

[7] 2009-03-03 . 8BA2B7A05F88BE0D45237A0994AD8366 . 636072 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22389_none_2f9e23da3354de78\iexplore.exe

[7] 2009-03-03 . EA4BE33726155F89D89A3FE7142878E0 . 636072 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16830_none_2d5b556b1cf03df9\iexplore.exe

[7] 2009-03-03 . 1DD66A2851DACDEC32EAE8F9A8865ABD . 636072 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21023_none_2df29b2236034119\iexplore.exe

[7] 2009-01-15 . F0B1CA517977BA2FF6DA33F1B966C488 . 634024 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\iexplore.exe

[7] 2009-01-15 . 0844F5B9CB3BB85A917D347EF1565B6C . 634024 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\iexplore.exe

[7] 2008-10-16 . D762642A109433EEDCD332B0A9511137 . 634024 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_2d3ee4e91d04fa01\iexplore.exe

[7] 2008-10-16 . 4CBA2F58668F2D5F3259CBE73E227F25 . 634024 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_2debf43c36078f24\iexplore.exe

[7] 2008-10-02 . 19403B64906C9EAC627E3C10847B0FDA . 633632 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16757_none_2d4cb5b31cfa2a15\iexplore.exe

[7] 2008-10-02 . 6655B851D9EEF7C83395EE52D551B448 . 633632 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20927_none_2df6c42835ff7333\iexplore.exe

[7] 2008-06-27 . 157F8DE991396C536820D7FA5C8DCF7D . 625664 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16711_none_2d71f3a71cdf2247\iexplore.exe

[7] 2008-06-27 . 4DBD95312B1C96C5285D38F1D748CD4D . 625664 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20868_none_2dcc82dc361eff27\iexplore.exe

[7] 2008-04-25 . 07ED775D6DB4BFA96D7CFB09EB228418 . 625664 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_2d26424d1d17e8b7\iexplore.exe

[7] 2008-04-25 . 9F1427F203CA078005C9943800929640 . 625664 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_2df2c11a360310b0\iexplore.exe

[7] 2008-02-22 . 182CAF7403705ACCB51211A761080B8F . 625664 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_2dc0b0c03628049a\iexplore.exe

[7] 2008-02-21 . 9437CA21CD48C9B6BFD6F5AC0143D251 . 625664 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\iexplore.exe

[7] 2008-01-21 . 5B92133D3E7FB2644677686305E29E81 . 625664 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\iexplore.exe

.

.

[7] 2013-03-11 . E31AE50AFB2A4AE804D016E02EE6BE10 . 3551080 . . [6.0.6002.18805] . . c:\windows\System32\ntoskrnl.exe

[7] 2013-03-11 . E31AE50AFB2A4AE804D016E02EE6BE10 . 3551080 . . [6.0.6002.18805] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18805_none_6e1be9dcb144c6ec\ntoskrnl.exe

[7] 2013-03-11 . E631B32BB66CD39392DA929BD77FFEBA . 3555192 . . [6.0.6002.23076] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23076_none_6e5aaf9fca9a76e6\ntoskrnl.exe

[7] 2013-01-22 . 7677206104D24CC75A7D4DA5926D749A . 3553128 . . [6.0.6002.23025] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_6e8fbef1ca72d1da\ntoskrnl.exe

[7] 2013-01-05 . 691F1612558BF6B27F952C4B1073B0D1 . 3550072 . . [6.0.6002.18765] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_6ddb086eb175716b\ntoskrnl.exe

[7] 2012-08-29 . 4E7F06BA9E352E072AE0EDF3DB7B7462 . 3553152 . . [6.0.6002.22920] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_6e8ae55dca771fe5\ntoskrnl.exe

[7] 2012-08-29 . 0895557E35AE46729FFEFCB3906EBC69 . 3550080 . . [6.0.6002.18686] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_6dc666fab184c57d\ntoskrnl.exe

[7] 2012-04-03 . B9907DD4BE7B1B39573BF66554AB224E . 3552640 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntoskrnl.exe

[7] 2012-04-03 . BA4C485548914034B471EB6FC2B50082 . 3550080 . . [6.0.6002.18607] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntoskrnl.exe

[7] 2012-03-06 . D960F9E1FCA0C86387E806D9AED319FB . 3550080 . . [6.0.6002.18595] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_6dba94deb18dcaf0\ntoskrnl.exe

[7] 2012-03-06 . FEA4425645424D66DCCC6CD3F417A40D . 3552640 . . [6.0.6002.22811] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_6e96b3adca6e2024\ntoskrnl.exe

[7] 2011-10-27 . C7D1507B837BC41D13D6EAC31A032AE3 . 3550080 . . [6.0.6002.18533] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18533_none_6df973d2b15ef09c\ntoskrnl.exe

[7] 2011-10-27 . D91407C7DF48B369E35E9E1426563EFA . 3552640 . . [6.0.6002.22732] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22732_none_6e821239ca7d7436\ntoskrnl.exe

[7] 2011-06-20 . BF4B9F40116DF26B2FC7C20CB69B9D9A . 3552144 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_6e61a08fca95cae2\ntoskrnl.exe

[7] 2011-06-20 . C73E0BEB5062C94B68581642304F7BB4 . 3550096 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_6dc4629ab1869881\ntoskrnl.exe

[7] 2010-10-15 . A573338BDCED710795C618EA5FCF48D5 . 3548048 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe

[7] 2010-10-15 . 8B5EEAA99965E26C3FBB9FAC8BD3B6A1 . 3552144 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe

[7] 2010-10-15 . F276ABE13DD0BA1024A42A443E47A4A2 . 3550608 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe

[7] 2010-10-15 . 1ACD7FC485D0E0FF9097E08900D834CC . 3550096 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe

[7] 2010-06-08 . C5AB434D0C8FA38EAD136FB29E2504B7 . 3550600 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntoskrnl.exe

[7] 2010-06-08 . F2BEE482023F146CF85EBB15B9E1CD35 . 3548040 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntoskrnl.exe

[7] 2010-06-08 . D5FA5D17F03E6D39E1A12431DD6F2A39 . 3545992 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntoskrnl.exe

[7] 2010-06-08 . 47DB9968B8CF2031C46007F42CCE2437 . 3548552 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntoskrnl.exe

[7] 2010-02-18 . C5759C9345A06EE52C7F5ECCF685CA6D . 3548560 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntoskrnl.exe

[7] 2010-02-18 . DC44BF78DEB87B7737D0D29B5B8EDAE3 . 3468168 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntoskrnl.exe

[7] 2010-02-18 . 6025E5530E2C43E1983CC8B840DF2108 . 3545992 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntoskrnl.exe

[7] 2010-02-18 . F8BEC470EAA8621751F739585C5871CD . 3470216 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntoskrnl.exe

[7] 2010-02-18 . 31289DD6914686D088582EED4B43F826 . 3550088 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntoskrnl.exe

[7] 2010-02-18 . A5D0B405442724448D23D61821BEA92A . 3548040 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntoskrnl.exe

[7] 2009-12-08 . 2972EEF8E834883EEC7C1995639341EF . 3469912 . . [6.0.6000.21175] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntoskrnl.exe

[7] 2009-12-08 . CD2EEBFA39E742C8C066CCE09382A19B . 3467848 . . [6.0.6000.16973] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntoskrnl.exe

[7] 2009-12-08 . 20D040ECE9A8F578D1D938256F34B663 . 3546200 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntoskrnl.exe

[7] 2009-12-08 . D32E95B17477E183F6019A99BE799BA9 . 3548760 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntoskrnl.exe

[7] 2009-12-08 . FB82B0147B7D93379B68F8A6A5828C70 . 3550264 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntoskrnl.exe

[7] 2009-12-08 . 664CA09C523FAB9D01BE6C4028C1B58B . 3548216 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntoskrnl.exe

[7] 2009-08-05 . 3EEEDCCFB587BCB0E2DE075332498C11 . 3547736 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntoskrnl.exe

[7] 2009-08-05 . 4765C66A89E7151626FF3545B01D2601 . 3467864 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntoskrnl.exe

[7] 2009-08-05 . 5302026B0FADB0819009798D3F6BCD77 . 3546184 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntoskrnl.exe

[7] 2009-08-05 . 09C5FB44F152EFF551A112C931DDE640 . 3548216 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntoskrnl.exe

[7] 2009-08-05 . D8DCA438CE571DB20BD8C4915CAC0760 . 3469896 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntoskrnl.exe

[7] 2009-08-04 . 575DD16BF4C21C2F7E2BBE203AC1E957 . 3548216 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntoskrnl.exe

[7] 2009-04-11 . 6798DBF3F25721637AEF5B6C69911C9C . 3549672 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe

[7] 2009-03-03 . 393BB8FE05D66ABA7B091E6032179272 . 3547632 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe

[7] 2009-03-03 . DFF34C5D66AB4BF1EED47BF19D1267BB . 3548656 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe

[7] 2009-03-03 . 3910FE042C707E6BACD0FEC5AB9ECDE6 . 3469280 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe

.

[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll

[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll

[7] 2008-01-21 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll

.

[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll

[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll

[7] 2008-01-21 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll

.

[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll

[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll

[7] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll

.

[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll

[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll

.

[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL

[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"WRSVC"="c:\program files\Webroot\WRSA.exe" [2013-05-17 735728]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

.

c:\users\Bryon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoDevMgrUpdate"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDevMgrUpdate"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoDevMgrUpdate"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]

2012-03-16 20:37 13672 ----a-w- c:\program files\Citrix\GoToAssist\822\g2awinlogon.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Manager.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Manager.lnk

backup=c:\windows\pss\Desktop Manager.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-11-10 17:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

2007-07-08 17:11 159744 ----a-w- c:\program files\Apoint2K\Apoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]

2007-02-06 23:39 622592 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter]

2012-03-28 08:27 309184 ----a-w- c:\program files\Citrix\ICA Client\concentr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]

2006-07-19 19:51 65536 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-05-09 00:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]

2007-08-23 00:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

2007-09-13 16:47 480560 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]

2007-01-30 02:10 46632 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2007-10-09 03:21 8497696 ----a-w- c:\windows\System32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2007-10-09 03:21 81920 ----a-w- c:\windows\System32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

2007-10-09 03:21 86016 ----a-w- c:\windows\System32\nvsvc.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]

2007-09-04 20:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]

2007-01-30 02:12 30248 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]

2007-02-01 18:46 255528 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]

2007-09-19 21:31 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]

2007-12-20 02:27 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]

2007-08-16 14:56 236016 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-10-25 14:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2007-07-12 12:00 132496 ----a-w- c:\program files\Java\jre1.6.0_02\bin\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2007-08-17 06:13 218408 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage]

2007-01-08 23:53 311296 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - COMHOST

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2007-08-23 22:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-10 08:01 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-13 20:16]

.

2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-05 15:38]

.

2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-05 15:38]

.

2013-05-21 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Bryon.job

- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-27 00:19]

.

2010-12-16 c:\windows\Tasks\User_Feed_Synchronization-{9917A13F-17B9-4E81-9BB0-A6B93DA21EE2}.job

- c:\windows\system32\msfeedssync.exe [2012-01-06 15:30]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

mStart Page = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

Trusted Zone: eenroller.net

Trusted Zone: paychex.com\landing

TCP: DhcpNameServer = 97.64.183.164 97.64.209.37

DPF: {E34F52FE-7769-46CE-8F8B-5E8ABAD2E9FC} - hxxps://cvpn.uhc.com/CACHE/sdesktop/install/binaries/instweb.cab

FF - ProfilePath - c:\users\Bryon\AppData\Roaming\Mozilla\Firefox\Profiles\qgwmbn3g.default\

FF - ExtSQL: !HIDDEN! 2009-09-02 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

.

.

------- File Associations -------

.

JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-{6857857C-15D3-435D-AF19-E0217298B416} - c:\program files\Mob Wars Toolbar\Toolbar.dll

WebBrowser-{6857857C-15D3-435D-AF19-E0217298B416} - c:\program files\Mob Wars Toolbar\Toolbar.dll

HKCU-Run-BackupAgent - c:\program files\Strongvault Online Backup\BackupAgent.exe

SafeBoot-Wdf01000.sys

SafeBoot-WudfPf

SafeBoot-WudfRd

MSConfigStartUp-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-05-21 11:07

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"=hex:51,66,7a,6c,4c,1d,38,12,57,b1,c7,

f4,79,94,c1,08,fe,f2,9c,ae,4c,6f,e0,be

"{6857857C-15D3-435D-AF19-E0217298B416}"=hex:51,66,7a,6c,4c,1d,38,12,12,86,44,

6c,e1,5b,33,06,d0,0f,a3,61,77,c6,f0,02

"{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}"=hex:51,66,7a,6c,4c,1d,38,12,56,9f,34,

9c,79,90,a1,0e,ec,df,cd,82,65,37,92,e0

"{07B18EA9-A523-4961-B6BB-170DE4475CCA}"=hex:51,66,7a,6c,4c,1d,38,12,c7,8d,a2,

03,11,eb,0f,0c,c9,ad,54,4d,e1,19,18,de

"{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}"=hex:51,66,7a,6c,4c,1d,38,12,49,e1,1e,

1a,d6,12,cd,0b,d4,1a,c8,43,e4,f4,32,a8

"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,

fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17

"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,

b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

"{00A6FAF1-072E-44CF-8957-5838F569A31D}"=hex:51,66,7a,6c,4c,1d,38,12,9f,f9,b5,

04,1c,49,a1,01,f6,41,1b,78,f0,37,e7,09

"{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}"=hex:51,66,7a,6c,4c,1d,38,12,df,b7,6a,

01,a1,4c,1d,08,cf,3b,1d,fb,0e,fe,b4,b6

"{07B18EA1-A523-4961-B6BB-170DE4475CCA}"=hex:51,66,7a,6c,4c,1d,38,12,cf,8d,a2,

03,11,eb,0f,0c,c9,ad,54,4d,e1,19,18,de

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{28A27F58-704F-40E1-8053-28E909FBF604}"=hex:51,66,7a,6c,4c,1d,38,12,36,7c,b1,

2c,7d,3e,8f,05,ff,45,6b,a9,0c,a5,b2,10

"{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39,

64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c

"{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40,

69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18

"{E8DAAA30-6CAA-4B58-9603-8E54238219E2}"=hex:51,66,7a,6c,4c,1d,38,12,5e,a9,c9,

ec,98,22,36,0e,e9,15,cd,14,26,dc,5d,f6

"{F0D4B231-DA4B-4DAF-81E4-DFEE4931A4AA}"=hex:51,66,7a,6c,4c,1d,38,12,5f,b1,c7,

f4,79,94,c1,08,fe,f2,9c,ae,4c,6f,e0,be

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:68,0d,eb,11,fd,d5,cc,01

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2013-05-21 11:30:50

ComboFix-quarantined-files.txt 2013-05-21 16:30

.

Pre-Run: 34,551,558,144 bytes free

Post-Run: 36,669,100,032 bytes free

.

- - End Of File - - 35366D1700059E91ABD0DFB818715C39

Link to post
Share on other sites

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.

    [*]Check "YES, I accept the Terms of Use."

    [*]Click the Start button.

    [*]Accept any security warnings from your browser.

    [*]Under Scan Settings, check "Scan Archives" and "Remove found threats"

    [*]Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

    [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

    [*]When the scan completes, click List Threats

    [*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

    [*]Click the Back button.

    [*]Click the Finish button.

Link to post
Share on other sites

Please click on Start button, type inetcpl.cpl in the runbox and press Enter.

Click the Connections tab and click the LAN settings option.

Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.

Try again.

Link to post
Share on other sites

Okay, another way:

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

Click the cog in the upper right

AVPfront.gif

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

avpsettings.gif

Allow AVP to delete all infections found

Once it has finished select report tab (last tab)

Select Detected threads report from the left and press Save button

Save it to your desktop and post it in your next reply.

Link to post
Share on other sites

I got the following error:

AVPTool installation Failed

"Please try to reboot your computer. Error message is, failed to exrtact the product info into C:\users\bryon\appdata\local\temp\9574515 error is 193"

That is verbatim including the spelling error in "exrtact"

Link to post
Share on other sites

Please download DrWeb-CureIt and save it to your Desktop. Do NOT perform a scan yet

  • Double-click on drweb-cureit.exe to start the program.
    An Express Scan of your PC notice will appear.
  • Under Start the Express Scan Now, Click OK to start the scan.
    This is a short scan that will scan the files currently running in memory.
    If something is found, click the Yes button when it asks you if you want to cure it.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the Scan tab and UNcheck Heuristic analysis
  • Back at the main window, click Custom Scan, then Select drives (a red dot will show which drives have been chosen).
  • Then click the Start/Stop Scanning button (green arrow on the right, and the scan will start.
  • When finished, a message will be displayed at the bottom advising if any viruses were found.
  • Click Yes to all if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can see the icon next to the files found.
    If so, click it, then click the next icon right below and select Move incurable.
    (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
  • Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
  • Save the DrWeb.csv report to your Desktop.
  • Exit Dr.Web Cureit when you have finished.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.