I think something is terribly wrong

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

thecrazycanuck

Thread Starter
Joined
Oct 30, 2011
Messages
13
I am usually fairly self-sufficient with my computer problems but now whenever I try to install anything I get "The Service cannot accept control messages at this time" or when I try to use the control panel.

Additionally Windows aero seems to be inactivated of its own accord, this may only be a symptom of a greater problem.

I run Windows Vista SP2 on an HP pavillion m9040n if that helps.

Here is my Hijack This log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:48:02 PM, on 30/10/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19154)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\cswright\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM302Snap.exe Vimicro USB PC Camera (ZC0302)
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Host Driver] C:\Users\cswright\AppData\Local\Temp\dfbhost.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunServices: [Host Driver] C:\Users\cswright\AppData\Local\Temp\dfbhost.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet (User 'Default user')
O4 - .DEFAULT User Startup: huum.exe (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Backblaze Service (bzserv) - Unknown owner - C:\Program Files\Backblaze\bzserv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98e17e990274c) (gupdate1c98e17e990274c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13543 bytes
 

thecrazycanuck

Thread Starter
Joined
Oct 30, 2011
Messages
13
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.19154 BrowserJavaVersion: 1.6.0_29
Run by SYSTEM at 12:53:45 on 2011-10-30
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3071.2244 [GMT -4:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Soluto\SolutoService.exe
C:\Windows\system32\msiexec.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [Backblaze] "c:\program files\backblaze\bzbui.exe" -quiet
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SunJavaUpdateReg] "c:\windows\system32\jureg.exe"
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [BigDogPath] c:\windows\VM302Snap.exe Vimicro USB PC Camera (ZC0302)
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
mRun: [Domino] c:\windows\Domino.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Host Driver] c:\users\cswright\appdata\local\temp\dfbhost.exe
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [<NO NAME>]
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
mRunServices: [Host Driver] c:\users\cswright\appdata\local\temp\dfbhost.exe
dRun: [Backblaze] "c:\program files\backblaze\bzbui.exe" -quiet
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{a7091e1d-36a4-47f1-a739-173cc341414f}\Icon3E5562ED7.ico
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66}
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{62CE607A-1353-4A2D-B5D5-4E4AE3B77005} : DhcpNameServer = 192.168.0.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-1-4 587096]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2011-7-7 376352]
S0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-3-2 344712]
S0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2011-7-17 51144]
S1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\users\cswright\appdata\local\temp\VSPE.sys [2011-7-13 25984]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-2-29 8944]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-2-29 51440]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-2-24 185472]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
S2 bzserv;Backblaze Service;c:\program files\backblaze\bzserv.exe [2011-5-16 269096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-9-3 208896]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-3-18 21504]
S2 gupdate1c98e17e990274c;Google Update Service (gupdate1c98e17e990274c);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]
S2 HPBtnSrv;HP Chasis Button Service;c:\hp\hpezbtn\HPBtnSrv.exe [2007-8-23 198240]
S2 IcRecUsb;IC Recorder Driver;c:\windows\system32\drivers\IcRecUsb.sys [2008-9-25 17432]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-5-10 29696]
S2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2011-3-13 16384]
S2 McAfeeEngineService;McAfee Engine Service;c:\program files\mcafee\virusscan enterprise\EngineServer.exe [2010-8-25 22816]
S2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]
S2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2010-8-25 147984]
S2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2010-8-25 66880]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-3-2 69192]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-7-13 2255464]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2008-7-25 42280]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-19 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-11-13 1440384]
S3 MCLServiceATL;Intel(R) Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-9-11 167936]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-3-2 91896]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-3-2 43192]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-3-2 66536]
S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-5-24 501248]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2009-4-8 0]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-9-2 139368]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 vvftav302;vvftav302;c:\windows\system32\drivers\vvftav302.sys [2007-3-18 475136]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-10-30 16:45:10 -------- d-----w- c:\programdata\MFAData
2011-10-28 05:57:34 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5fdbad6f-fdb5-4d2c-bbb0-dd41c06ffd6d}\offreg.dll
2011-10-28 05:57:31 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5fdbad6f-fdb5-4d2c-bbb0-dd41c06ffd6d}\mpengine.dll
2011-10-26 14:13:02 -------- d-----w- c:\program files\Firefly Studios
2011-10-26 08:56:27 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-10-25 21:04:18 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-25 21:04:18 61248 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-25 21:04:17 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-25 21:04:17 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-25 21:04:16 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-25 21:04:16 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-25 21:04:15 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-25 21:04:15 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-25 15:45:16 -------- d--h--w- c:\program files\common files\EAInstaller
2011-10-25 13:33:44 -------- d-----w- c:\program files\Battlefield 3
2011-10-21 17:16:28 -------- d-----w- c:\programdata\RELOADED
2011-10-21 16:40:43 -------- d-----w- c:\program files\Payday The Heist
2011-10-15 14:33:01 -------- d-----w- c:\program files\common files\Macrovision Shared
2011-10-15 14:31:54 -------- d-----w- c:\programdata\Rosetta Stone
2011-10-15 14:31:54 -------- d-----w- c:\program files\Rosetta Stone
2011-10-13 20:22:54 -------- d-----w- c:\programdata\Airline Tycoon 2
2011-10-11 21:03:58 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-10-11 21:01:38 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-11 21:01:38 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-11 21:01:38 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-11 21:01:38 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-04 21:27:29 -------- d-----w- c:\program files\Agrar Simulator 2011
2011-10-02 22:28:26 -------- d-----w- c:\program files\Calibre2
.
==================== Find3M ====================
.
2011-10-30 16:50:07 1090 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-10-29 20:45:49 1393 --sha-w- c:\windows\system32\mmf.sys
2011-10-15 08:53:00 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-15 08:53:00 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-15 08:53:00 2458432 ----a-w- c:\windows\system32\nvapi.dll
2011-10-15 08:53:00 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-10-03 09:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:01:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec
2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-30 01:19:46 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-08-20 20:16:55 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-14 23:53:45 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-03 11:50:00 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50:00 600680 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-08-03 11:50:00 599144 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50:00 3730024 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50:00 2558568 ----a-w- c:\windows\system32\nvsvc.dll
2011-08-03 11:50:00 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-03 07:31:54 311912 ----a-w- c:\windows\system32\nvStreaming.exe
.
============= FINISH: 12:56:39.81 ===============
 

Attachments

thecrazycanuck

Thread Starter
Joined
Oct 30, 2011
Messages
13
FYI, I have been running McAfee as my antivirus, but I just installed avg and it found some trojans but didn't solve problems.

Running full AVG scan, not sure if AVG scan changes HJT and DDS logs, can post new ones in morning or whenever if necessary.
 

jeffce

Malware Specialist
Joined
May 10, 2011
Messages
1,727
Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Watch Topic button to the right of your topic title and then choosing the notification method ( Recommended: Inmediate Notification)
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

IMPORTANT NOTE : Please do not delete anything unless instructed to.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.
Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.


Vista and Windows 7 users:
These tools MUST be run from the executable (.exe) every time you run them
with Admin Rights (Right click, choose "Run as Administrator")


Stay with this topic until I give you the all clean post.
----------

Download GMER Rootkit Scanner from here or here.
  • Extract the contents of the zipped file to desktop.
  • Right-click and Run as Administrator GMER.exe. If asked to allow gmer.sys driver to load, please consent .
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.


    Click the image to enlarge it
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and attach it in your reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
.
----------
 

jeffce

Malware Specialist
Joined
May 10, 2011
Messages
1,727
Hi thecrazycanuck,

I need some information on some unidentified files. We will use Virustotal Please submit these files for analysis

To submit a file to virustotal, please click VirusTotal

copy and paste the following into the upload a file box (one at a time if more than one file is listed)

c:\windows\system32\mmf.sys

scroll down a bit and click "send file", wait for the results and post them in your next reply.

Please note that sometimes the scans take a few minutes. Please ensure that the scan has completed and the results are complete before submitting the next sample. Also please make sure each result is clearly identified as to which sample they belong to.
----------

Download Combofix from either of the links below, and save it to your desktop.
Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.
----------

In your next reply please post the logs created by VirusTotal and ComboFix. :)
 

thecrazycanuck

Thread Starter
Joined
Oct 30, 2011
Messages
13
File name:
mmf.sys
Submission date:
2011-11-01 21:34:40 (UTC)
Current status:
finished
Result:
0/ 42 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.11.01.00 2011.11.01 -
AntiVir 7.11.16.234 2011.11.01 -
Antiy-AVL 2.0.3.7 2011.11.01 -
Avast 6.0.1289.0 2011.11.01 -
AVG 10.0.0.1190 2011.11.01 -
BitDefender 7.2 2011.11.01 -
ByteHero 1.0.0.1 2011.09.23 -
CAT-QuickHeal 11.00 2011.11.01 -
ClamAV 0.97.3.0 2011.11.01 -
Commtouch 5.3.2.6 2011.11.01 -
Comodo 10631 2011.11.01 -
DrWeb 5.0.2.03300 2011.11.01 -
Emsisoft 5.1.0.11 2011.11.01 -
eSafe 7.0.17.0 2011.10.30 -
eTrust-Vet 36.1.8651 2011.11.01 -
F-Prot 4.6.5.141 2011.11.01 -
F-Secure 9.0.16440.0 2011.11.01 -
Fortinet 4.3.370.0 2011.11.01 -
GData 22 2011.11.01 -
Ikarus T3.1.1.107.0 2011.11.01 -
Jiangmin 13.0.900 2011.11.01 -
K7AntiVirus 9.116.5371 2011.11.01 -
Kaspersky 9.0.0.837 2011.11.01 -
McAfee 5.400.0.1158 2011.11.01 -
McAfee-GW-Edition 2010.1D 2011.11.01 -
Microsoft 1.7801 2011.11.01 -
NOD32 6593 2011.11.01 -
Norman 6.07.13 2011.11.01 -
nProtect 2011-11-01.01 2011.11.01 -
Panda 10.0.3.5 2011.11.01 -
PCTools 8.0.0.5 2011.11.01 -
Prevx 3.0 2011.11.01 -
Rising 23.82.01.02 2011.11.01 -
Sophos 4.70.0 2011.11.01 -
SUPERAntiSpyware 4.40.0.1006 2011.11.01 -
Symantec 20111.2.0.82 2011.11.01 -
TheHacker 6.7.0.1.336 2011.10.31 -
TrendMicro 9.500.0.1008 2011.11.01 -
TrendMicro-HouseCall 9.500.0.1008 2011.11.01 -
VIPRE 10938 2011.11.01 -
ViRobot 2011.11.1.4749 2011.11.01 -
VirusBuster 14.1.40.1 2011.11.01 -
Additional information
MD5 : ed099467146559480ef6b83199127861
SHA1 : 7416fa6a6899300821537695e44f643a25e5afd2
SHA256: ee7a95c1ccdabc11eb1f64a763792a9557e997ba9fb90760615110f1d2f3a86b

VT Community

This file has never been reviewed by any VT Community member. Be the first one to comment on it!
 

thecrazycanuck

Thread Starter
Joined
Oct 30, 2011
Messages
13
FYI ran combofix in safe mode, thought avg was running even when it wasn't. And yes I am sure AVG wasn't running no AVG in the processes

ComboFix 11-11-02.01 - cswright 02/11/2011 10:43:48.1.4 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3071.2336 [GMT -4:00]
Running from: c:\users\cswright\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\explorer
c:\program files\explorer\AddressParser\AddressParserConfiguration.xml
c:\program files\explorer\AddressParser\parser_andorra.xml
c:\program files\explorer\AddressParser\parser_austria.xml
c:\program files\explorer\AddressParser\parser_belgium.xml
c:\program files\explorer\AddressParser\parser_canada.xml
c:\program files\explorer\AddressParser\parser_denmark.xml
c:\program files\explorer\AddressParser\parser_france.xml
c:\program files\explorer\AddressParser\parser_germany.xml
c:\program files\explorer\AddressParser\parser_ireland.xml
c:\program files\explorer\AddressParser\parser_italy.xml
c:\program files\explorer\AddressParser\parser_liechtenstein.xml
c:\program files\explorer\AddressParser\parser_luxembourg.xml
c:\program files\explorer\AddressParser\parser_monaco.xml
c:\program files\explorer\AddressParser\parser_netherlands.xml
c:\program files\explorer\AddressParser\parser_norway.xml
c:\program files\explorer\AddressParser\parser_portugal.xml
c:\program files\explorer\AddressParser\parser_spain.xml
c:\program files\explorer\AddressParser\parser_sweden.xml
c:\program files\explorer\AddressParser\parser_switzerland.xml
c:\program files\explorer\AddressParser\parser_uk.xml
c:\program files\explorer\AddressParser\parser_usa.xml
c:\program files\explorer\basemaps\basemaps.de.xml
c:\program files\explorer\basemaps\basemaps.es.xml
c:\program files\explorer\basemaps\basemaps.fr.xml
c:\program files\explorer\basemaps\basemaps.ja-jp.xml
c:\program files\explorer\basemaps\basemaps.xml
c:\program files\explorer\basemaps\basemaps.zh-CN.xml
c:\program files\explorer\basemaps\Server\basemap0.nmf
c:\program files\explorer\basemaps\Server\basemap0.png
c:\program files\explorer\basemaps\Server\basemap1.nmf
c:\program files\explorer\basemaps\Server\basemap1.png
c:\program files\explorer\basemaps\Server\basemap10.nmf
c:\program files\explorer\basemaps\Server\basemap10.png
c:\program files\explorer\basemaps\Server\basemap11.nmf
c:\program files\explorer\basemaps\Server\basemap11.png
c:\program files\explorer\basemaps\Server\basemap2.nmf
c:\program files\explorer\basemaps\Server\basemap2.png
c:\program files\explorer\basemaps\Server\basemap3.nmf
c:\program files\explorer\basemaps\Server\basemap3.png
c:\program files\explorer\basemaps\Server\basemap4.nmf
c:\program files\explorer\basemaps\Server\basemap4.png
c:\program files\explorer\basemaps\Server\basemap5.nmf
c:\program files\explorer\basemaps\Server\basemap5.png
c:\program files\explorer\basemaps\Server\basemap6.nmf
c:\program files\explorer\basemaps\Server\basemap6.png
c:\program files\explorer\basemaps\Server\basemap7.nmf
c:\program files\explorer\basemaps\Server\basemap7.png
c:\program files\explorer\basemaps\Server\basemap8.nmf
c:\program files\explorer\basemaps\Server\basemap8.png
c:\program files\explorer\basemaps\Server\basemap9.nmf
c:\program files\explorer\basemaps\Server\basemap9.png
c:\program files\explorer\basemaps\Server\basemaps.de.xml
c:\program files\explorer\basemaps\Server\basemaps.es.xml
c:\program files\explorer\basemaps\Server\basemaps.fr.xml
c:\program files\explorer\basemaps\Server\basemaps.ja-jp.xml
c:\program files\explorer\basemaps\Server\basemaps.xml
c:\program files\explorer\basemaps\Server\basemaps.zh-CN.xml
c:\program files\explorer\bin\3dAnalystUtil.dll
c:\program files\explorer\bin\3DSymbols.dll
c:\program files\explorer\bin\3DSymbolsLib.dll
c:\program files\explorer\bin\AfCore.dll
c:\program files\explorer\bin\AfUtil.dll
c:\program files\explorer\bin\AGSClient.dll
c:\program files\explorer\bin\aibase.dll
c:\program files\explorer\bin\aifeat.dll
c:\program files\explorer\bin\AISClient.dll
c:\program files\explorer\bin\AISGlobalLib.dll
c:\program files\explorer\bin\aishape.dll
c:\program files\explorer\bin\Animation.dll
c:\program files\explorer\bin\AnnoLayer.dll
c:\program files\explorer\bin\Annotation.dll
c:\program files\explorer\bin\AnnotationLib.dll
c:\program files\explorer\bin\AoInitializer.dll
c:\program files\explorer\bin\AppInitializerLib.dll
c:\program files\explorer\bin\ApplicationConfigurationManager.exe
c:\program files\explorer\bin\ArcGISExplorer.ISCConfig
c:\program files\explorer\bin\atl71.dll
c:\program files\explorer\bin\BasemapLayer.dll
c:\program files\explorer\bin\BasicRasterPicture.dll
c:\program files\explorer\bin\BGLAPI.dll
c:\program files\explorer\bin\BGLAPILib.dll
c:\program files\explorer\bin\BGLFontEngine.dll
c:\program files\explorer\bin\BGLGeomChestLib.dll
c:\program files\explorer\bin\BGLGeometricEffects.dll
c:\program files\explorer\bin\BGLImageCoders.dll
c:\program files\explorer\bin\BGLRasterizerLib.dll
c:\program files\explorer\bin\BGLRasterizerSW.dll
c:\program files\explorer\bin\BGLSymbols.dll
c:\program files\explorer\bin\BGLSymbolsLib.dll
c:\program files\explorer\bin\BGLToGDIHelper.dll
c:\program files\explorer\bin\bin.zreg
c:\program files\explorer\bin\CacheRasterDB.dll
c:\program files\explorer\bin\CadastralFabric.dll
c:\program files\explorer\bin\CadastralFabricLayer.dll
c:\program files\explorer\bin\CadEngine.dll
c:\program files\explorer\bin\CadFDB.dll
c:\program files\explorer\bin\CadLayer.dll
c:\program files\explorer\bin\CadWorkspaceFactory.dll
c:\program files\explorer\bin\Camera.dll
c:\program files\explorer\bin\CartoControlsLib.dll
c:\program files\explorer\bin\CartoConverter.dll
c:\program files\explorer\bin\CartoXLib.dll
c:\program files\explorer\bin\CIM.dll
c:\program files\explorer\bin\CIMLib.dll
c:\program files\explorer\bin\Color.dll
c:\program files\explorer\bin\ComplexSymbols.dll
c:\program files\explorer\bin\CompressedDataFile.dll
c:\program files\explorer\bin\Configuration\CATID\esri.catid.ecfg
c:\program files\explorer\bin\Configuration\CLSID\esri.clsid.ecfg
c:\program files\explorer\bin\DADFLib.dll
c:\program files\explorer\bin\DaeLib.dll
c:\program files\explorer\bin\DataConverterLib.dll
c:\program files\explorer\bin\dbghelp.dll
c:\program files\explorer\bin\de\ApplicationConfigurationManager.resources.dll
c:\program files\explorer\bin\de\DADFRes.dll
c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\de\ResToolkitPro.dll
c:\program files\explorer\bin\DECoreLib.dll
c:\program files\explorer\bin\DFORRT.DLL
c:\program files\explorer\bin\Display.dll
c:\program files\explorer\bin\DisplayFeedback.dll
c:\program files\explorer\bin\DisplayGraph.dll
c:\program files\explorer\bin\DisplayLib.dll
c:\program files\explorer\bin\DistributedGeodbLib.dll
c:\program files\explorer\bin\DynamicDisplay.dll
c:\program files\explorer\bin\e3.config.xml
c:\program files\explorer\bin\E3.exe
c:\program files\explorer\bin\E3.exe.config
c:\program files\explorer\bin\E3Control.dll
c:\program files\explorer\bin\E3EmailHelper.exe
c:\program files\explorer\bin\EngineGraphics.dll
c:\program files\explorer\bin\EnginePackager.dll
c:\program files\explorer\bin\es\ApplicationConfigurationManager.resources.dll
c:\program files\explorer\bin\es\DADFRes.dll
c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\es\ResToolkitPro.dll
c:\program files\explorer\bin\ESRI.ArcGIS.Utilities.Compression.dll
c:\program files\explorer\bin\ESRI.ArcGISExplorer.Application.dll
c:\program files\explorer\bin\ESRI.ArcGISExplorer.dll
c:\program files\explorer\bin\ESRI.ArcGISExplorer.MapCenter.dll
c:\program files\explorer\bin\ESRI.DADF.Core.dll
c:\program files\explorer\bin\ESRI.DADF.dll
c:\program files\explorer\bin\esrizip.exe
c:\program files\explorer\bin\Export.dll
c:\program files\explorer\bin\ExtTopoEngine.dll
c:\program files\explorer\bin\FdaCore.dll
c:\program files\explorer\bin\FdaCoreLib.dll
c:\program files\explorer\bin\FdaRel.dll
c:\program files\explorer\bin\FeatureDataConverter.dll
c:\program files\explorer\bin\FeatureDataElements.dll
c:\program files\explorer\bin\FeatureLayer.dll
c:\program files\explorer\bin\FeatureLayerLib.dll
c:\program files\explorer\bin\FgdbRasterDB.dll
c:\program files\explorer\bin\FgdbUtilLib.dll
c:\program files\explorer\bin\FileDataElements.dll
c:\program files\explorer\bin\FileDBCoreLib.dll
c:\program files\explorer\bin\FileGDB.dll
c:\program files\explorer\bin\FileGDBWorkspaceFactory.dll
c:\program files\explorer\bin\fr\ApplicationConfigurationManager.resources.dll
c:\program files\explorer\bin\fr\DADFRes.dll
c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\fr\ResToolkitPro.dll
c:\program files\explorer\bin\FunctionRasterDB.dll
c:\program files\explorer\bin\gdal16.dll
c:\program files\explorer\bin\GdalRasterDB.dll
c:\program files\explorer\bin\GdbCatalog.dll
c:\program files\explorer\bin\GdbCore.dll
c:\program files\explorer\bin\GdbCoreLib.dll
c:\program files\explorer\bin\GdbNet.dll
c:\program files\explorer\bin\GdbTopo.dll
c:\program files\explorer\bin\GeoDataExtraction.dll
c:\program files\explorer\bin\GeoDataServer.dll
c:\program files\explorer\bin\GeoDataTransfer.dll
c:\program files\explorer\bin\Geometry.dll
c:\program files\explorer\bin\GeoprocessingLib.dll
c:\program files\explorer\bin\GeoProcessor.dll
c:\program files\explorer\bin\GeoRSSPlugin.dll
c:\program files\explorer\bin\glew32.dll
c:\program files\explorer\bin\Globe.dll
c:\program files\explorer\bin\GlobeCamera.dll
c:\program files\explorer\bin\GlobeClient.dll
c:\program files\explorer\bin\GlobeCoreLib.dll
c:\program files\explorer\bin\GlobeDisplay.dll
c:\program files\explorer\bin\GlobeLayers.dll
c:\program files\explorer\bin\GlobeServer.dll
c:\program files\explorer\bin\GlobeServerLayer.dll
c:\program files\explorer\bin\GlobeViewerCoreLib.dll
c:\program files\explorer\bin\GPClient.dll
c:\program files\explorer\bin\GpObjects.dll
c:\program files\explorer\bin\GpPythonCore.dll
c:\program files\explorer\bin\GPRasterFunctions.dll
c:\program files\explorer\bin\GraphicElements.dll
c:\program files\explorer\bin\hd420m.dll
c:\program files\explorer\bin\hdf5dll.dll
c:\program files\explorer\bin\hm420m.dll
c:\program files\explorer\bin\icudt40.dll
c:\program files\explorer\bin\icuin40.dll
c:\program files\explorer\bin\icuio40.dll
c:\program files\explorer\bin\icule40.dll
c:\program files\explorer\bin\icuuc40.dll
c:\program files\explorer\bin\ImageAccessLib.dll
c:\program files\explorer\bin\ImageClient.dll
c:\program files\explorer\bin\ImageServer.dll
c:\program files\explorer\bin\ImageServerLayer.dll
c:\program files\explorer\bin\IMSConnector.dll
c:\program files\explorer\bin\ImsFDB.dll
c:\program files\explorer\bin\IMSLayer.dll
c:\program files\explorer\bin\IMSLayerLib.dll
c:\program files\explorer\bin\IMSServiceLib.dll
c:\program files\explorer\bin\ImsWorkspaceFactory.dll
c:\program files\explorer\bin\InMemoryWorkspaceFactory.dll
c:\program files\explorer\bin\InputDevice3Dx.dll
c:\program files\explorer\bin\ja-JP\ApplicationConfigurationManager.resources.dll
c:\program files\explorer\bin\ja-JP\DADFRes.dll
c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\ja-JP\ResToolkitPro.dll
c:\program files\explorer\bin\kdu61.dll
c:\program files\explorer\bin\KmlLayer.dll
c:\program files\explorer\bin\LabelPlacement.dll
c:\program files\explorer\bin\Layer.dll
c:\program files\explorer\bin\LayerLib.dll
c:\program files\explorer\bin\lcms117lib.dll
c:\program files\explorer\bin\libcollada14dom21.dll
c:\program files\explorer\bin\libcurl.dll
c:\program files\explorer\bin\lti_dsdk_dll.dll
c:\program files\explorer\bin\Map.dll
c:\program files\explorer\bin\MapClient.dll
c:\program files\explorer\bin\MapDB.dll
c:\program files\explorer\bin\MapElements.dll
c:\program files\explorer\bin\MaplexEngineLib.dll
c:\program files\explorer\bin\MapLib.dll
c:\program files\explorer\bin\MappingCore.dll
c:\program files\explorer\bin\MappingCoreLib.dll
c:\program files\explorer\bin\MappingServicesLib.dll
c:\program files\explorer\bin\MapServer.dll
c:\program files\explorer\bin\MapServerLayer.dll
c:\program files\explorer\bin\Marker3DFile.dll
c:\program files\explorer\bin\MessageSupport.dll
c:\program files\explorer\bin\Microsoft.VC90.ATL\atl90.dll
c:\program files\explorer\bin\Microsoft.VC90.ATL\Microsoft.VC90.ATL.manifest
c:\program files\explorer\bin\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90u.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90u.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\Microsoft.VC90.MFC.manifest
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHS.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHT.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90DEU.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ENU.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESN.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESP.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90FRA.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ITA.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90JPN.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90KOR.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\Microsoft.VC90.MFCLOC.manifest
c:\program files\explorer\bin\Microsoft.VC90.OPENMP\Microsoft.VC90.OpenMP.manifest
c:\program files\explorer\bin\Microsoft.VC90.OPENMP\vcomp90.dll
c:\program files\explorer\bin\MosaicDB.dll
c:\program files\explorer\bin\msvcp71.dll
c:\program files\explorer\bin\msvcr71.dll
c:\program files\explorer\bin\Navigation.dll
c:\program files\explorer\bin\NetEngine80.dll
c:\program files\explorer\bin\Network.dll
c:\program files\explorer\bin\NetworkAnalystSolvers.dll
c:\program files\explorer\bin\NetworkDataset.dll
c:\program files\explorer\bin\OGCClient.dll
c:\program files\explorer\bin\OleFDB.dll
c:\program files\explorer\bin\OutputLib.dll
c:\program files\explorer\bin\PageLayout.dll
c:\program files\explorer\bin\pe.dll
c:\program files\explorer\bin\PlugInDataSource.dll
c:\program files\explorer\bin\PlugInWorkspaceFactory.dll
c:\program files\explorer\bin\PrintOut.dll
c:\program files\explorer\bin\RasterAnalysisUtilLib.dll
c:\program files\explorer\bin\RasterCatalog.dll
c:\program files\explorer\bin\RasterCoreLib.dll
c:\program files\explorer\bin\RasterDB.dll
c:\program files\explorer\bin\RasterEngine.dll
c:\program files\explorer\bin\RasterFormats.dat
c:\program files\explorer\bin\RasterGraphicElements.dll
c:\program files\explorer\bin\RasterIO.dll
c:\program files\explorer\bin\RasterLayer.dll
c:\program files\explorer\bin\RasterRenderer.dll
c:\program files\explorer\bin\RasterWorkspaceFactory.dll
c:\program files\explorer\bin\Renderers.dll
c:\program files\explorer\bin\RepresentationDB.dll
c:\program files\explorer\bin\RepresentationEffects.dll
c:\program files\explorer\bin\RepresentationLayer.dll
c:\program files\explorer\bin\RepresentationLib.dll
c:\program files\explorer\bin\RepresentationSymbols.dll
c:\program files\explorer\bin\SceneFilters.dll
c:\program files\explorer\bin\SceneGraph.dll
c:\program files\explorer\bin\sdcdbx.dll
c:\program files\explorer\bin\SDCPlugIn.dll
c:\program files\explorer\bin\sde.dll
c:\program files\explorer\bin\SdeFDB.dll
c:\program files\explorer\bin\SdeRasterDB.dll
c:\program files\explorer\bin\sdesetup.dll
c:\program files\explorer\bin\SdeWorkspaceFactory.dll
c:\program files\explorer\bin\ServerStyleGallery.dll
c:\program files\explorer\bin\sg.dll
c:\program files\explorer\bin\ShapefileFDB.dll
c:\program files\explorer\bin\ShapefileWorkspaceFactory.dll
c:\program files\explorer\bin\SimpleDataConverter.dll
c:\program files\explorer\bin\StyleGalleryClasses.dll
c:\program files\explorer\bin\SystemUIUtil.dll
c:\program files\explorer\bin\Terrain.dll
c:\program files\explorer\bin\TerrainLayer.dll
c:\program files\explorer\bin\TextFileWorkspaceFactory.dll
c:\program files\explorer\bin\TextureCookerService.exe
c:\program files\explorer\bin\TinDb.dll
c:\program files\explorer\bin\TinEngine.dll
c:\program files\explorer\bin\TinLayer.dll
c:\program files\explorer\bin\TinRenderer.dll
c:\program files\explorer\bin\TinWorkspaceFactory.dll
c:\program files\explorer\bin\ViewerCoreLib.dll
c:\program files\explorer\bin\VpfFDB.dll
c:\program files\explorer\bin\VpfWorkspaceFactory.dll
c:\program files\explorer\bin\WebServices.dll
c:\program files\explorer\bin\WMSLayer.dll
c:\program files\explorer\bin\xerces-c_2_7.dll
c:\program files\explorer\bin\XmlSupport.dat
c:\program files\explorer\bin\XMLSupport.dll
c:\program files\explorer\bin\XYEvents.dll
c:\program files\explorer\bin\zh-CN\applicationconfigurationmanager.resources.dll
c:\program files\explorer\bin\zh-CN\DADFRes.dll
c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\zh-CN\ResToolkitPro.dll
c:\program files\explorer\bin\zlib1.dll
c:\program files\explorer\bin\zlibwapi.dll
c:\program files\explorer\ColorProfiles\esriGray22.icc
c:\program files\explorer\ColorProfiles\Lab2Lab.icm
c:\program files\explorer\ColorProfiles\sRGB_IEC61966-2-1_noBPC.icc
c:\program files\explorer\ColorProfiles\USWebCoatedSWOP.icc
c:\program files\explorer\ColorProfiles\Xyz2Xyz.icm
c:\program files\explorer\com\com.zreg
c:\program files\explorer\com\esriE3.olb
c:\program files\explorer\license\ExplorerEnglishLicense.pdf
c:\program files\explorer\license\ExplorerFrenchLicense.pdf
c:\program files\explorer\license\ExplorerGermanLicense.pdf
c:\program files\explorer\license\ExplorerJapaneseLicense.pdf
c:\program files\explorer\license\ExplorerSimplChineseLicense.pdf
c:\program files\explorer\license\ExplorerSpanishLicense.pdf
c:\program files\explorer\PackageTemplates\ArcGISExplorer.stylesheet
c:\program files\explorer\PackageTemplates\Package931.template
c:\program files\explorer\pedata\gdaldata\coordinate_axis.csv
c:\program files\explorer\pedata\gdaldata\cubewerx_extra.wkt
c:\program files\explorer\pedata\gdaldata\ecw_cs.dat
c:\program files\explorer\pedata\gdaldata\ellipsoid.csv
c:\program files\explorer\pedata\gdaldata\epsg.wkt
c:\program files\explorer\pedata\gdaldata\esri_extra.wkt
c:\program files\explorer\pedata\gdaldata\gcs.csv
c:\program files\explorer\pedata\gdaldata\gdal_datum.csv
c:\program files\explorer\pedata\gdaldata\gdalicon.png
c:\program files\explorer\pedata\gdaldata\pcs.csv
c:\program files\explorer\pedata\gdaldata\prime_meridian.csv
c:\program files\explorer\pedata\gdaldata\projop_wparm.csv
c:\program files\explorer\pedata\gdaldata\s57attributes.csv
c:\program files\explorer\pedata\gdaldata\s57expectedinput.csv
c:\program files\explorer\pedata\gdaldata\s57objectclasses.csv
c:\program files\explorer\pedata\gdaldata\seed_2d.dgn
c:\program files\explorer\pedata\gdaldata\seed_3d.dgn
c:\program files\explorer\pedata\gdaldata\stateplane.csv
c:\program files\explorer\pedata\gdaldata\unit_of_measure.csv
c:\program files\explorer\plugins\explorerCore.ecfg
c:\program files\explorer\schemas\ExplorerAddIn.xsd
c:\program files\explorer\schemas\ExplorerGeometry.xsd
c:\program files\explorer\schemas\NmfDocument.xsd
c:\program files\explorer\Styles\default.css
c:\program files\explorer\Styles\Directions\CheckeredFlag16.png
c:\program files\explorer\Styles\Directions\GreenFlag16.png
c:\program files\explorer\Styles\Directions\Print16.png
c:\program files\explorer\Styles\ExplorerColors.de.xml
c:\program files\explorer\Styles\ExplorerColors.es.xml
c:\program files\explorer\Styles\ExplorerColors.fr.xml
c:\program files\explorer\Styles\ExplorerColors.ja-JP.xml
c:\program files\explorer\Styles\ExplorerColors.xml
c:\program files\explorer\Styles\ExplorerColors.zh-CN.xml
c:\program files\explorer\Styles\ExplorerSymbols.de.xml
c:\program files\explorer\Styles\ExplorerSymbols.es.xml
c:\program files\explorer\Styles\ExplorerSymbols.fr.xml
c:\program files\explorer\Styles\ExplorerSymbols.ja-JP.xml
c:\program files\explorer\Styles\ExplorerSymbols.xml
c:\program files\explorer\Styles\ExplorerSymbols.zh-CN.xml
c:\program files\explorer\Styles\kml.css
c:\program files\explorer\Styles\KMLIcons\american-flag.png
c:\program files\explorer\Styles\KMLIcons\arrow.png
c:\program files\explorer\Styles\KMLIcons\asian-flag.png
c:\program files\explorer\Styles\KMLIcons\auto-service.png
c:\program files\explorer\Styles\KMLIcons\auto.png
c:\program files\explorer\Styles\KMLIcons\bang.png
c:\program files\explorer\Styles\KMLIcons\bars.png
c:\program files\explorer\Styles\KMLIcons\building.png
c:\program files\explorer\Styles\KMLIcons\coffee_house_16.png
c:\program files\explorer\Styles\KMLIcons\crosshair.png
c:\program files\explorer\Styles\KMLIcons\dining.png
c:\program files\explorer\Styles\KMLIcons\dining_16.png
c:\program files\explorer\Styles\KMLIcons\dot.png
c:\program files\explorer\Styles\KMLIcons\fast-food.png
c:\program files\explorer\Styles\KMLIcons\four-dollars.png
c:\program files\explorer\Styles\KMLIcons\french-flag.png
c:\program files\explorer\Styles\KMLIcons\hand.png
c:\program files\explorer\Styles\KMLIcons\high_res_places.png
c:\program files\explorer\Styles\KMLIcons\highway_16.png
c:\program files\explorer\Styles\KMLIcons\italian-flag.png
c:\program files\explorer\Styles\KMLIcons\large_traffic_count_16.png
c:\program files\explorer\Styles\KMLIcons\mexican-flag.png
c:\program files\explorer\Styles\KMLIcons\misc_dining.png
c:\program files\explorer\Styles\KMLIcons\note.png
c:\program files\explorer\Styles\KMLIcons\one-dollar.png
c:\program files\explorer\Styles\KMLIcons\palette-2.png
c:\program files\explorer\Styles\KMLIcons\palette-3.png
c:\program files\explorer\Styles\KMLIcons\palette-4.png
c:\program files\explorer\Styles\KMLIcons\palette-5.png
c:\program files\explorer\Styles\KMLIcons\parks.png
c:\program files\explorer\Styles\KMLIcons\recreation.png
c:\program files\explorer\Styles\KMLIcons\school_16.png
c:\program files\explorer\Styles\KMLIcons\search.png
c:\program files\explorer\Styles\KMLIcons\streamed_layer.png
c:\program files\explorer\Styles\KMLIcons\streamed_layers.png
c:\program files\explorer\Styles\KMLIcons\terrain_16.png
c:\program files\explorer\Styles\KMLIcons\three-dollars.png
c:\program files\explorer\Styles\KMLIcons\transportation.png
c:\program files\explorer\Styles\KMLIcons\two-dollars.png
c:\program files\explorer\Styles\KMLIcons\webcam_16.png
c:\program files\explorer\Styles\SlideTitleStyles.de.xml
c:\program files\explorer\Styles\SlideTitleStyles.es.xml
c:\program files\explorer\Styles\SlideTitleStyles.fr.xml
c:\program files\explorer\Styles\SlideTitleStyles.ja-JP.xml
c:\program files\explorer\Styles\SlideTitleStyles.xml
c:\program files\explorer\Styles\SlideTitleStyles.zh-CN.xml
c:\program files\explorer\Styles\StyleSheet.xsl
c:\program files\explorer\Styles\SymbolImages\Civic\ATM.png
c:\program files\explorer\Styles\SymbolImages\Civic\Bank.png
c:\program files\explorer\Styles\SymbolImages\Civic\Bell.png
c:\program files\explorer\Styles\SymbolImages\Civic\Cemetery.png
c:\program files\explorer\Styles\SymbolImages\Civic\City.png
c:\program files\explorer\Styles\SymbolImages\Civic\Clue.png
c:\program files\explorer\Styles\SymbolImages\Civic\Crowd.png
c:\program files\explorer\Styles\SymbolImages\Civic\GhostTown.png
c:\program files\explorer\Styles\SymbolImages\Civic\Horn.png
c:\program files\explorer\Styles\SymbolImages\Civic\Housing.png
c:\program files\explorer\Styles\SymbolImages\Civic\MailPost.png
c:\program files\explorer\Styles\SymbolImages\Civic\Office.png
c:\program files\explorer\Styles\SymbolImages\Civic\Radioactive.png
c:\program files\explorer\Styles\SymbolImages\Civic\School.png
c:\program files\explorer\Styles\SymbolImages\Civic\StarsStripes.png
c:\program files\explorer\Styles\SymbolImages\Flag\CheckeredFlag.png
c:\program files\explorer\Styles\SymbolImages\Flag\GreenFlag.png
c:\program files\explorer\Styles\SymbolImages\Flag\RedFlag.png
c:\program files\explorer\Styles\SymbolImages\Flag\WhiteFlag.png
c:\program files\explorer\Styles\SymbolImages\Flag\YellowFlag.png
c:\program files\explorer\Styles\SymbolImages\Health\AidStation.png
c:\program files\explorer\Styles\SymbolImages\Health\Ambulance.png
c:\program files\explorer\Styles\SymbolImages\Health\Doctor.png
c:\program files\explorer\Styles\SymbolImages\Health\Health.png
c:\program files\explorer\Styles\SymbolImages\Health\Hospital.png
c:\program files\explorer\Styles\SymbolImages\Health\Pharmacy.png
c:\program files\explorer\Styles\SymbolImages\Marine\AmberBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\BlackBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\BlueBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\BoatsKeepOut.png
c:\program files\explorer\Styles\SymbolImages\Marine\ControlledArea.png
c:\program files\explorer\Styles\SymbolImages\Marine\Danger.png
c:\program files\explorer\Styles\SymbolImages\Marine\DiverDown.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenDiamondDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenRedBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenSquareDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenWhiteBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\OrangeBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\PersonOverboard.png
c:\program files\explorer\Styles\SymbolImages\Marine\RadioBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedDiamondDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedGreenBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedSquareDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedTriangleDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedWhiteBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\SkullandCrossbones.png
c:\program files\explorer\Styles\SymbolImages\Marine\UnderwaterOperations.png
c:\program files\explorer\Styles\SymbolImages\Marine\VioletBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\WhiteBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\WhiteDiamondDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\WhiteGreenBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\WhiteRedBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\Wreck.png
c:\program files\explorer\Styles\SymbolImages\Placemark\ArrowYellow.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Capital1.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Capital2.png
c:\program files\explorer\Styles\SymbolImages\Placemark\CircleX.png
c:\program files\explorer\Styles\SymbolImages\Placemark\CrossHair.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated1.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated2.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated3.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated4.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated5.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated6.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated7.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Star.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\AmusementPark.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Bar.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Camera.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\CameraWeb.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\CellPhone.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Coffee.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Dam.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\DepartmentStore.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Dining.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\DrinkingWater.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\FastFood.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\FitnessCenter.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Forest.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Globe.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Information.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\InformationQuestion.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\LandLine.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Light.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\LiveShow.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Mine.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\MovieTheater.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Museum.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\News.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Note.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\OilWell.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Pizza.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Pub.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Question.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\RealEstate.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Reservoir.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Restroom.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Shopping.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Shower.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Stadium.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerShort.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerTall.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Zoo.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\Burglary.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\FireFighter.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\FireStation.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\FireTruck.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\Homicide.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\Police.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceCar.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceOfficer.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceStation.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\Theft.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\BlackPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\BluePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\BrownPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\GrayPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\GreenPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\LightBluePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\OrangePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\PinkPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\PurplePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\RedPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\SpringGreenPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\WhitePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\YellowPushpin.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Beach.png
c:\program files\explorer\Styles\SymbolImages\Recreation\BoatLaunch.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Bowling.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Camping.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Deer.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Fishing.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Geocache.png
c:\program files\explorer\Styles\SymbolImages\Recreation\GeocacheFound.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Gliding.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Golf.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Hiking.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Mountain.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Park.png
c:\program files\explorer\Styles\SymbolImages\Recreation\RestArea.png
c:\program files\explorer\Styles\SymbolImages\Recreation\RVPark.png
c:\program files\explorer\Styles\SymbolImages\Recreation\SkyDiving.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Sports.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Swimming.png
c:\program files\explorer\Styles\SymbolImages\Recreation\TrackBack.png
c:\program files\explorer\Styles\SymbolImages\Recreation\WaterSkiing.png
c:\program files\explorer\Styles\SymbolImages\Sphere\BlueSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\GreenSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\OrangeSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\PurpleSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\RedSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\YellowSphere.png
c:\program files\explorer\Styles\SymbolImages\Square\BlackWaypoint.png
c:\program files\explorer\Styles\SymbolImages\Square\BlueWaypoint.png
c:\program files\explorer\Styles\SymbolImages\Square\WhiteWaypoint.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\BlackStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\BlueStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\BrownStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\GrayStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\GreenStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\LightBlueStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\OrangeStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\PinkStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\PurpleStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\RedStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\SpringGreenStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\WhiteStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\YellowStickpin.png
c:\program files\explorer\Styles\SymbolImages\Transparent\Transparent.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Airplane.png
c:\program files\explorer\Styles\SymbolImages\Transportation\AirStrip.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Breakdown.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Bus.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenBack.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenFront.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarRedBack.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarRedFront.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarRental.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarRepair.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowBack.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowFront.png
c:\program files\explorer\Styles\SymbolImages\Transportation\ConvenienceStore.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Crossing.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Fuel.png
c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterGreen.png
c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterRed.png
c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterYellow.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Landingpad.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Lodging.png
c:\program files\explorer\Styles\SymbolImages\Transportation\MileMarker.png
c:\program files\explorer\Styles\SymbolImages\Transportation\MountainPass.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Overpass.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Parking.png
c:\program files\explorer\Styles\SymbolImages\Transportation\PrivateField.png
c:\program files\explorer\Styles\SymbolImages\Transportation\RoadClosure.png
c:\program files\explorer\Styles\SymbolImages\Transportation\RoadWork.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Sailing.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Scales.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Seaplane.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Tank.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Toll.png
c:\program files\explorer\Styles\SymbolImages\Transportation\TrafficAccident.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Tunnel.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Ultralight.png
c:\program files\explorer\Styles\SymbolImages\Transportation\WarningRed.png
c:\program files\explorer\Styles\SymbolImages\Transportation\WarningYellow.png
c:\program files\explorer\Styles\SymbolImages\Transportation\YellowSemiTractor.png
c:\program files\explorer\Styles\SymbolImages\Weather\Cloudy.png
c:\program files\explorer\Styles\SymbolImages\Weather\HeatAdvisory.png
c:\program files\explorer\Styles\SymbolImages\Weather\Lightning.png
c:\program files\explorer\Styles\SymbolImages\Weather\PartlySunny.png
c:\program files\explorer\Styles\SymbolImages\Weather\Rain.png
c:\program files\explorer\Styles\SymbolImages\Weather\Snow.png
c:\program files\explorer\Styles\SymbolImages\Weather\Sunny.png
c:\program files\explorer\Styles\Template.ncfg
c:\program files\explorer\TilingSchemes\ArcGIS_Online_Bing_Maps_Google_Maps.xml
c:\program files\explorer\TilingSchemes\GoogleMapsVersions.xml
c:\program files\explorer\TilingSchemes\Yahoo.xml
c:\program files\Extension Changer\extmain.exe
c:\program files\UNICCodec
c:\programdata\Microsoft\Windows\Start Menu\Programs\UNICCodec
c:\users\cswright\AppData\Roaming\7za.exe
c:\users\cswright\AppData\Roaming\Desktopicon
c:\users\cswright\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UNICCodec
c:\windows\iun6002.exe
c:\windows\PFRO.log
c:\windows\System32\drivers\etc\hosts.bak1
c:\windows\System32\drivers\etc\hosts.bak2
c:\windows\system32\drivers\npf.sys
c:\windows\system32\jucheck.exe
c:\windows\system32\jusched.exe
c:\windows\system32\Packet.dll
c:\windows\system32\regobj.dll
c:\windows\system32\wpcap.dll
c:\windows\ZC0302Cap.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2011-10-02 to 2011-11-02 )))))))))))))))))))))))))))))))
.
.
2011-11-02 15:13 . 2011-11-02 15:17 -------- d-----w- c:\users\cswright\AppData\Local\temp
2011-11-02 15:13 . 2011-11-02 15:13 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-02 15:13 . 2011-11-02 15:13 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2011-10-31 00:00 . 2011-10-31 00:00 -------- d-----w- c:\users\cswright\AppData\Roaming\AVG2012
2011-10-30 23:47 . 2011-10-30 23:47 -------- d-----w- C:\found.001
2011-10-30 17:16 . 2011-10-30 17:16 -------- d-----w- C:\$AVG
2011-10-30 17:11 . 2011-10-30 17:11 -------- d-----w- C:\AVG2012
2011-10-30 17:10 . 2011-11-02 13:49 -------- d-----w- c:\windows\system32\drivers\AVG
2011-10-30 17:10 . 2011-10-30 23:59 -------- d-----w- c:\programdata\AVG2012
2011-10-30 17:09 . 2011-10-30 17:09 -------- d-----w- c:\program files\AVG
2011-10-30 16:45 . 2011-10-30 16:45 -------- d--h--w- c:\programdata\Common Files
2011-10-30 16:45 . 2011-11-02 13:49 -------- d-----w- c:\programdata\MFAData
2011-10-28 23:41 . 2011-10-28 23:49 -------- d-----w- c:\users\cswright\AppData\Roaming\Xaiqsu
2011-10-28 23:41 . 2011-10-28 23:45 -------- d-----w- c:\users\cswright\AppData\Roaming\Tyxyp
2011-10-28 16:52 . 2011-10-28 16:52 -------- d-----w- c:\windows\Sun
2011-10-28 05:57 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FDBAD6F-FDB5-4D2C-BBB0-DD41C06FFD6D}\mpengine.dll
2011-10-26 14:13 . 2011-10-26 14:13 -------- d-----w- c:\program files\Firefly Studios
2011-10-26 08:56 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-25 21:04 . 2011-10-15 08:53 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-25 21:04 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-25 21:04 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-25 21:04 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-25 21:04 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-25 21:04 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-25 21:04 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-25 21:04 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-25 15:45 . 2011-10-25 15:45 -------- d--h--w- c:\program files\Common Files\EAInstaller
2011-10-25 13:33 . 2011-10-25 19:08 -------- d-----w- c:\program files\Battlefield 3
2011-10-21 20:04 . 2011-10-21 20:04 -------- d-----w- c:\users\cswright\AppData\Local\Focus Home Interactive
2011-10-21 17:16 . 2011-10-21 17:17 -------- d-----w- c:\users\cswright\AppData\Local\PAYDAY
2011-10-21 17:16 . 2011-10-21 17:16 -------- d-----w- c:\programdata\RELOADED
2011-10-21 16:40 . 2011-10-22 12:01 -------- d-----w- c:\program files\Payday The Heist
2011-10-15 14:33 . 2011-10-15 14:33 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-10-15 14:31 . 2011-10-16 02:03 -------- d-----w- c:\programdata\Rosetta Stone
2011-10-15 14:31 . 2011-10-15 14:31 -------- d-----w- c:\program files\Rosetta Stone
2011-10-13 20:22 . 2011-10-13 20:22 -------- d-----w- c:\programdata\Airline Tycoon 2
2011-10-11 21:03 . 2011-09-30 23:01 743424 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-10-11 21:01 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-11 21:01 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-11 21:01 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-11 21:01 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-04 21:27 . 2011-10-23 05:16 -------- d-----w- c:\program files\Agrar Simulator 2011
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 16:50 . 2010-03-13 15:01 1090 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-10-15 08:53 . 2011-09-02 06:15 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-15 08:53 . 2011-09-02 06:15 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-15 08:53 . 2009-08-17 04:57 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-10-15 08:53 . 2008-01-10 22:57 2458432 ----a-w- c:\windows\system32\nvapi.dll
2011-10-03 09:06 . 2010-05-05 16:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-30 01:19 . 2011-06-09 22:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-27 19:57 . 2011-09-27 19:51 11098 ----a-w- c:\users\cswright\AppData\Roaming\TheHunterSettings_live.bin
2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-08-20 20:16 . 2010-09-27 15:47 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-14 23:53 . 2010-09-27 15:47 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-08 10:08 . 2011-08-08 10:08 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2011-10-06 02:33 . 2011-03-23 06:04 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
[7] 2008-01-19 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys
[7] 2008-01-19 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys
[7] 2006-11-02 . E86CF7CE67D5DE898F27EF884DC357D8 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6000.16386_none_22210ce737ee2d9b\asyncmac.sys
.
[7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
[7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[7] 2006-11-02 . AC3DD1708B22761EBD7CBE14DCC3B5D7 . 6144 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys
.
[7] 2008-02-13 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_a81145df\kbdclass.sys
[7] 2008-02-13 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys
[7] 2008-02-13 . C9B0CF786D5F151A43C7BE8E243F2819 . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\drivers\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys
[7] 2006-11-02 . 1A48765F92BA1A88445FC25C9C9D94FC . 32872 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys
.
[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\System32\drivers\ndis.sys
[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[7] 2008-01-19 . 9BDC71790FA08F0A0B5F10462B1BD0B1 . 529464 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[7] 2006-11-02 . 227C11E1E7CF6EF8AFB2A238D209760C . 500840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
.
[7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6000.16386] . . c:\windows\System32\drivers\ntfs.sys
[7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[7] 2008-01-19 . B4EFFE29EB4F15538FD8A9681108492D . 1081912 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
[7] 2008-01-09 . 2620822A21B76375F5FD6E0986407CD1 . 1060920 . . [6.0.6000.16586] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16586_none_a43a6b8d2000830d\ntfs.sys
[7] 2008-01-09 . B5BE45B1F554DF9E1976CBC855365E60 . 1061432 . . [6.0.6000.20709] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20709_none_a51d8a7c38da8c7b\ntfs.sys
[7] 2007-12-16 . F08824715CA6076F5E73E005AB83B9C8 . 1061944 . . [6.0.6000.20740] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20740_none_a4e9483239031830\ntfs.sys
[7] 2007-12-16 . 37430AA7A66D7A63407ADC2C0D05E9F6 . 1060920 . . [6.0.6000.16615] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16615_none_a4851c9d1fc8a346\ntfs.sys
[7] 2006-11-02 . 3F379380A4A2637F559444E338CF1B51 . 1056360 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16386_none_a43a67c1200088bf\ntfs.sys
.
[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
[7] 2006-11-02 . EC5EFB3C60F1B624648344A328BCE596 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6000.16386_none_a72f2b811e11f9f3\null.sys
.
[7] 2011-06-17 . 6647FCE6FC4970DAAFE5C64C794513D3 . 913296 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[7] 2011-06-17 . 2756186E287139310997090797E0182B . 905104 . . [6.0.6002.18484] . . c:\windows\System32\drivers\tcpip.sys
[7] 2011-06-17 . 2756186E287139310997090797E0182B . 905104 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[7] 2010-06-16 . 6A10AFCE0B38371064BE41C1FBFD3C6B . 912776 . . [6.0.6002.22425] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[7] 2010-06-16 . A474879AFA4A596B3A531F3E69730DBF . 905088 . . [6.0.6002.18272] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[7] 2010-06-16 . 782568AB6A43160A159B6215B70BCCE9 . 898952 . . [6.0.6001.18493] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[7] 2010-06-16 . 6216A954ED7045B62880A92D6C9B9FC7 . 902032 . . [6.0.6001.22713] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[7] 2010-02-18 . 93A5655CD9CD2F080EF1CB71A3666215 . 902024 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[7] 2010-02-18 . 2EAE4500984C2F8DACFB977060300A15 . 898952 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[7] 2010-02-18 . D9F5DD5BBC8348E8F8220CCBF14C022E . 910216 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[7] 2010-02-18 . 48CBE6D53632D0067C2D6B20F90D84CA . 904576 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[7] 2010-02-18 . 4A82FA8F0DF67AA354580C3FAAF8BDE3 . 815104 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[7] 2010-02-18 . 2C1F7005AA3B62721BFDB307BD5F5010 . 818688 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[7] 2009-08-15 . 2512B4D1353370D6688B1AF1F5AFA1CF . 816640 . . [6.0.6000.21108] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[7] 2009-08-14 . 8A7AD2A214233F684242F289ED83EBC3 . 897608 . . [6.0.6001.18311] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[7] 2009-08-14 . 2608E71AAD54564647D4BB984E1925AA . 900168 . . [6.0.6001.22497] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[7] 2009-08-14 . FF71856BD4CD6D4367F9FD84BE79A874 . 905784 . . [6.0.6002.22200] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
[7] 2009-08-14 . 65877AA1B6A7CB797488E831698973E9 . 904776 . . [6.0.6002.18091] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[7] 2009-08-14 . 300208927321066EA53761FDC98747C6 . 813568 . . [6.0.6000.16908] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[7] 2009-04-11 . 0E6B0885C3D5E4643ED2D043DE3433D8 . 897000 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[7] 2008-04-26 . 82E266BEE5F0167E41C6ECFDD2A79C02 . 891448 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[7] 2008-04-26 . 01EC1E92595F839BEE70D439C46796E3 . 891448 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[7] 2008-02-13 . 5DF77458AA92FDB36FCE79C60F74AB5D . 803328 . . [6.0.6000.16627] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[7] 2008-02-13 . 52A8BD6294F7D1443C6184C67AE13AF4 . 806400 . . [6.0.6000.20752] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[7] 2008-01-19 . FC6E2835D667774D409C7C7021EAF9C4 . 891448 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[7] 2008-01-09 . 028061C7F6D2D03068C72E2A27E4228A . 802816 . . [6.0.6000.16567] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[7] 2008-01-09 . 43EAE40B50FE3E60D194DD9C97EBB1FD . 804352 . . [6.0.6000.20689] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[7] 2006-11-02 . D944522B048A5FEB7700B5170D3D9423 . 802816 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
.
[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
[7] 2006-11-02 . BEB6470532B7461D7BB426E3FACB424F . 81408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6000.16386_none_76b264bda1136499\browser.dll
.
[7] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[7] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[7] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[7] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[7] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[7] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[7] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[7] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[7] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
[7] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[7] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[7] 2006-11-02 . 6A0E382E74280E4CC0DF17FE2661D003 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
.
[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
[7] 2006-11-02 . 90A4DAE28B94497F83BEA0F2A3B77092 . 273920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6000.16386_none_0d86599a54e4c25f\netman.dll
.
[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
[7] 2006-11-02 . 4843A1784BA6434DFF80F841DDC592C6 . 1236992 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6000.16386_none_2a7a18dbe946c84f\comres.dll
.
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[7] 2008-01-19 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[7] 2008-01-04 . F1148566FA5173A4FD48AF8E8BC09401 . 750080 . . [7.0.6000.20647] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.20647_none_220fe38215833e63\qmgr.dll
[7] 2008-01-04 . DA551697E34D2B9943C8B1C8EAFFE89A . 750080 . . [7.0.6000.16531] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16531_none_218b14e6fc62ea9e\qmgr.dll
[7] 2006-11-02 . 733FB484A06B9D6A44DD9CA1D3BE937B . 749568 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16386_none_215a02f0fc86fab8\qmgr.dll
.
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[7] 2008-01-19 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
[7] 2006-11-02 . B46D8EA6DD30BAA49F674DACDC4C491F . 545792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16386_none_67941a0040f4ed68\rpcss.dll
.
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[7] 2008-01-19 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[7] 2006-11-02 . 329CF3C97CE4C19375C8ABCABAE258B0 . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
.
[7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[7] 2008-01-19 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[7] 2006-11-02 . DA612EF2556776DF2630B68BF2D48935 . 124928 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
.
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[7] 2008-01-19 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[7] 2006-11-02 . 9F75392B9128A91ABAFB044EA350BAAD . 308224 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
.
[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\System32\wuauclt.exe
[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_e979223d5b9c821b\wuauclt.exe
[7] 2008-10-16 . E654B78D2F1D791B30D0ED9A8195EC22 . 51224 . . [7.2.6001.788] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
[7] 2008-01-19 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_a052d92e34802200\wuauclt.exe
[7] 2008-01-19 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_a23e523a31a1ed4c\wuauclt.exe
[7] 2008-01-04 . F3E9065EB617A7E3A832A7976BFA021B . 53080 . . [7.0.6000.381] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6000.381_none_981d19142bc9942c\wuauclt.exe
[7] 2006-11-02 . FF81090B6EF1A42A19DF226632711D25 . 41472 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wuauclt.exe
.
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-19 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-19 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2008-01-19 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2006-11-02 . BB61FB941A382A197AC2989337BF6364 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6000.16386_none_37655d04db0c72a6\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-19 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[7] 2006-11-02 . 1C26FB097170A2A91066D1E3A24366E3 . 123392 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
[7] 2008-01-19 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll
[7] 2006-11-02 . DFB250BAC1A9108ABD777EA181E32015 . 259584 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16386_none_0ab6dd2154d28f55\es.dll
.
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[7] 2008-01-19 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[7] 2006-11-02 . EE12864398F1C3BF5BEE91F6AF9842E1 . 115200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll
.
[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[7] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[7] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[7] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[7] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[7] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[7] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[7] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[7] 2008-01-19 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[7] 2006-11-02 . 1E36AE445E4DA83B82D51FEB2D4F8772 . 874496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
[7] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll
[7] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll
[7] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll
[7] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll
[7] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll
[7] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll
[7] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll
[7] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll
[7] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
[7] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
[7] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
[7] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
[7] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll
[7] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll
[7] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll
[7] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
[7] 2006-11-02 . 6D832E5314A2445D3F644C71FAF32BDC . 24064 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16386_none_a79c567c5d9b4c78\lpk.dll
.
[7] 2011-09-30 . 59CC0E3A960D0B8A4BBDB6FC65340EB9 . 5972992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_f67f9f65513d0f01\mshtml.dll
[7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.18702] . . c:\windows\System32\mshtml.dll
[7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_f5fa03c2381bd493\mshtml.dll
[7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll
[7] 2011-07-23 . CAB330223469AC16EDB4863DF4C9976B . 5969920 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_f616725e38071b64\mshtml.dll
[7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll
[7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll
[7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll
[7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll
[7] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll
[7] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll
[7] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll
[7] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll
[7] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll
[7] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll
[7] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll
[7] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll
[7] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll
[7] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll
[7] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll
[7] 2010-02-23 . 8D5FB97AE3D30CCDD8C9D8AF447C7D09 . 5944832 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll
[7] 2010-01-02 . BE6120F3D7A853039B5437AC9E1986C1 . 5945856 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll
[7] 2010-01-02 . DF4D546A6E1C8D0F4FC10FCC9E422763 . 5942784 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll
[7] 2009-11-21 . ED6055694115B1A247B2591AB465A21D . 5944320 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll
[7] 2009-11-21 . 062B81F34EADEEF652E759BF93691C50 . 5940736 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll
[7] 2009-10-21 . 159239C8EF4D26392F9C160369348C61 . 5943296 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22942_none_f68c93f75132f82e\mshtml.dll
[7] 2009-10-21 . 9BFB2F7C3A2F626040C4EB8CE5C6ED2A . 5939712 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18852_none_f5f82740381d7455\mshtml.dll
[7] 2009-08-27 . E9C51FD04019DC14CAE9CEDE3C7B08E3 . 5942272 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\mshtml.dll
[7] 2009-08-27 . 7172C1681283EC40A8DA9ED4180FF390 . 5940224 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\mshtml.dll
[7] 2009-07-22 . 8FD67A68AF3E2013DC668D3DD1519BB7 . 5938176 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22903_none_f6b8d3f15111a1c1\mshtml.dll
[7] 2009-07-21 . 2620C82EEEBED884FAA1E00C4671E83A . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18813_none_f624673a37fc1de8\mshtml.dll
[7] 2009-05-12 . 5F3B323A3758C9B156B199F54A888882 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22874_none_f66e22e151498188\mshtml.dll
[7] 2009-05-09 . 89CCF8069B59780BDEF45E345E671347 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18783_none_f5d8b5e03834e458\mshtml.dll
[7] 2009-04-11 . A4D04D404AFC1D30EDA01EE50D27AA51 . 3596288 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll
[7] 2008-06-27 . 2B59221D1B9D9FB1D202A21AFE8E410A . 3578368 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18099_none_12eac5ea226a5aa4\mshtml.dll
[7] 2008-06-27 . B964D58A6698C8FCA93447ADBDE18820 . 3592192 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16711_none_1153063a250a1c9a\mshtml.dll
[7] 2008-06-27 . 256E9D588ACB7F104123947297A9302A . 3578880 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22212_none_13c3e1f53b4d66ac\mshtml.dll
[7] 2008-06-27 . 1D73575D8A0F368CD8FE3212E8928743 . 3594240 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20868_none_11ad956f3e49f97a\mshtml.dll
[7] 2008-04-25 . 2C2A85BBAB617EDDD19119F66C05B1C3 . 3578368 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18063_none_130533f222576ec7\mshtml.dll
[7] 2008-04-25 . 13A0AA60B35A6A13152A759536C10203 . 3591680 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16681_none_110754e02542e30a\mshtml.dll
[7] 2008-04-25 . 92A81ADE1E576A53176777260190F3A1 . 3578368 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22167_none_1392d1e53b7173ed\mshtml.dll
[7] 2008-04-25 . 38EC352C600EB037FE02749F8C170B6B . 3593728 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20823_none_11d3d3ad3e2e0b03\mshtml.dll
[7] 2008-02-22 . 9C4091CD321D6D8BCF9842F109EE574B . 3578368 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll
[7] 2008-02-22 . ED2588D1864319C54E79443130A8004B . 3593728 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll
[7] 2008-02-22 . 977C356E655F357665310C0C95D0DBD4 . 3578368 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll
[7] 2008-02-21 . 3AE6072A86AD8049DD133DB40F73F0C8 . 3591680 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll
[7] 2008-02-13 . 31DCF20D4E65A972640CE77635F1039B . 3592192 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16609_none_1165d69024face3a\mshtml.dll
[7] 2008-02-13 . 5C23F9EFAFD87043D8CA49B9308E3D29 . 3593216 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20734_none_11ca02253e354324\mshtml.dll
[7] 2008-01-19 . 48E05FD07045BB2E5CFC43C970CAF1E7 . 3578368 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll
[7] 2008-01-04 . 6C5DC8B0F44658C550CB371C85BCAE56 . 3590656 . . [7.00.6000.16587] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16587_none_110d54b6253d7ded\mshtml.dll
[7] 2008-01-04 . E2FFAA76A5DEFA1A680F2D32E18D443B . 3593216 . . [7.00.6000.20710] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20710_none_11dba0d53e28a5e6\mshtml.dll
[7] 2007-08-23 . 24C5786C3A9ED534409D5DA0B56504D6 . 3584000 . . [7.00.6000.20591] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_11861df33e68a477\mshtml.dll
[7] 2007-08-23 . 1F8EBB4387471DF7E7160F981BDEAFB7 . 3583488 . . [7.00.6000.16481] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_110751142542e8bc\mshtml.dll
[7] 2007-08-23 . 88BAE1EF672DCB0E3191EB106A677D4A . 3582976 . . [7.00.6000.20547] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20547_none_11c22f4b3e3ab0cc\mshtml.dll
[7] 2007-08-23 . 7B57E7A3307D38C3441076E6B6CAD866 . 3581952 . . [7.00.6000.16448] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16448_none_113992ca251c2a59\mshtml.dll
[7] 2007-08-23 . 070B5BE00CCC851F7C8B39CD1609B009 . 3580416 . . [7.00.6000.16397] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16397_none_110280fe25459f90\mshtml.dll
[7] 2007-08-23 . 7D22E0D46A572614D6BE2DE7B4529076 . 3580416 . . [7.00.6000.20491] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20491_none_11861c0d3e68a750\mshtml.dll
[7] 2006-11-02 . 2D972F487EACEBBB2B3A02F290C3511A . 3580416 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16386_none_110c50a0253e6a48\mshtml.dll
.
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\System32\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-19 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
[7] 2006-11-02 . 75287677BB8BC9A16C32CE8A72F485A0 . 681472 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6000.16386_none_cf1e7424a1fb0cd9\msvcrt.dll
[-] 2004-08-05 . 351B1AD22FD0EC70D889766E0B4F72ED . 343040 . . [7.0.2600.2180] . . c:\windows\SMINST\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-19 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
[7] 2006-11-02 . 54E9576169A248AD62A1EB9773225826 . 227328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6000.16386_none_b61c950a3060adba\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[7] 2008-01-19 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[7] 2006-11-02 . 889A2C9F2AACCD8F64EF50AC0B3D553B . 559616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-19 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
[7] 2006-11-02 . 3CDEC51291F735C5C276B957239017A3 . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6000.16386_none_a0e2dc64ffed4e9d\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[7] 2008-01-19 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[7] 2006-11-02 . 80E2839D05CA5970A86D7BE2A08BFF61 . 176640 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6000.16386_none_a4ff01505f4694a4\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[7] 2006-11-02 . 10DA15933D582D2FEDCF705EFE394B09 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-19 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
[7] 2006-11-02 . EF3DD33C740FC2F82E7E4622F1C49289 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6000.16386_none_e10616dfe80787ab\tapisrv.dll
.
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[7] 2008-01-19 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[7] 2007-08-23 . 9D9F061EDA75425FC67F0365E3467C86 . 633856 . . [6.0.6000.20537] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[7] 2007-08-23 . 63B4F59D7C89B1BF5277F1FFEFD491CD . 633856 . . [6.0.6000.16438] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[7] 2006-11-02 . E698A5437B89A285ACA3FF022356810A . 633856 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
.
[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[7] 2006-11-02 . 22027835939F86C3E47AD8E3FBDE3D11 . 24576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
.
[7] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll
[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.18702] . . c:\windows\System32\wininet.dll
[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll
[7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll
[7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll
[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[7] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[7] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[7] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[7] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[7] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[7] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[7] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[7] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[7] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[7] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[7] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[7] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[7] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
[7] 2009-07-21 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
[7] 2009-05-12 . 4BEDA2520729640D927E09A51AB916C4 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll
[7] 2009-05-09 . D78B62CC91F043CED52F23F0085E7FE2 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[7] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[7] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[7] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[7] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[7] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[7] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[7] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[7] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[7] 2008-02-13 . 0AD9BE4F82F0389EC9B8A58F2FD16442 . 824832 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16609_none_000bb771a4a46504\wininet.dll
[7] 2008-02-13 . 39FBDEC53D5F7C5F4B7C35B9B1926A0F . 825344 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20734_none_006fe306bdded9ee\wininet.dll
[7] 2008-01-19 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[7] 2008-01-04 . F3B7B70B789056994406377CA8B06829 . 824832 . . [7.00.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16575_none_ffbc04efa4e0c618\wininet.dll
[7] 2008-01-04 . 0683CBA27E3111CB87B682CA66475C0C . 825344 . . [7.00.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20697_none_00320276be0cd072\wininet.dll
[7] 2007-08-23 . 355F1F19DAAD8F769936752F993EA8BF . 823808 . . [7.00.6000.20583] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe\wininet.dll
[7] 2007-08-23 . 9C1C977FA682D428C7133CF29013211B . 822784 . . [7.00.6000.16473] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643\wininet.dll
[7] 2007-08-23 . 1EA5200F3D45EFDFC25F630A52DDF9E5 . 823296 . . [7.00.6000.20547] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20547_none_0068102cbde44796\wininet.dll
[7] 2007-08-23 . 7DBB98EBB2D267ACF9E6BC04AEC6CBF3 . 822784 . . [7.00.6000.16448] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16448_none_ffdf73aba4c5c123\wininet.dll
[7] 2006-11-02 . 214A456AADCC7DD1B36E2287BA71A9CA . 822272 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16386_none_ffb23181a4e80112\wininet.dll
.
[7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[7] 2006-11-02 . D99A071C1018BB3D4ABAAD4B62048AC2 . 178688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
.
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[7] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[7] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[7] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[7] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[7] 2008-01-19 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[7] 2008-01-04 . 6D06CD98D954FE87FB2DB8108793B399 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[7] 2008-01-04 . BD06F0BF753BC704B653C3A50F89D362 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[7] 2006-11-02 . FD8C53FB002217F6F888BCF6F5D7084D . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
.
[7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe
[7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
[7] 2006-11-02 . F13123E76FDA33E55F11E0EB832E832A . 134656 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
.
[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[7] 2008-01-19 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
[7] 2006-11-02 . CCE6FB960F8985BF500CE9CB0B2EF4CF . 1314816 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6000.16386_none_a9e6e55ff5664fb0\ole32.dll
.
[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[7] 2008-01-19 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
[7] 2006-11-02 . 456FB859236C9074ACF6C3B6243D8B46 . 502784 . . [1.0626.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6000.16386_none_aac3b7125b914f5a\usp10.dll
.
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6000.16386_none_e5cada609a6133bd\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
[7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll
.
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[7] 2006-11-02 . D4385B03E8CCCEE6F0EE249F827C1F3E . 95744 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
.
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[7] 2008-01-19 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
[7] 2006-11-02 . 9A043808667C8C1893DA7275AF373F0E . 105984 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6000.16386_none_872f43bd868c402d\regsvc.dll
.
[7] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[7] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[7] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[7] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[7] 2008-02-13 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[7] 2008-02-13 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
[7] 2008-01-19 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
[7] 2006-11-02 . 5C72614E6625D39CC1504BF078FDC4CA . 595456 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16386_none_2cca5c959a1767e4\schedsvc.dll
.
[7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
[7] 2006-11-02 . 8D3E4BAFF8B3997138C38EB1B600519A . 155136 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6000.16386_none_7d92b0efd44d38e1\ssdpsrv.dll
.
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[7] 2008-01-19 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
[7] 2006-11-02 . FAD71C1E8E4047B154E899AE31EB8CAA . 427520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6000.16386_none_8c687fcc5759068e\termsrv.dll
.
[7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
[7] 2006-11-02 . 312BA286EB3BE9EAE82DA427ED2C0284 . 291840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6000.16386_none_adff83b897ae75bd\hnetcfg.dll
.
[7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[7] 2006-11-02 . EF23439CDD587F64C2C1B8825CEAD7D8 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\drivers\AGP440.sys
[7] 2006-11-02 . EF23439CDD587F64C2C1B8825CEAD7D8 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
.
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
[7] 2006-11-02 . D7657856319941907BBDC2A11713CFD7 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6000.16386_none_f6ca18a8459b3244\ias.dll
.
[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[7] 2011-06-20 . A94B3B8B4B35ACA0290A2A8CC2977094 . 3603856 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_6e61a08fca95cae2\ntkrnlpa.exe
[7] 2011-06-20 . 31AD5148F09D539BAF06D0A0FA53CD8B . 3602832 . . [6.0.6002.18484] . . c:\windows\System32\ntkrnlpa.exe
[7] 2011-06-20 . 31AD5148F09D539BAF06D0A0FA53CD8B . 3602832 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_6dc4629ab1869881\ntkrnlpa.exe
[7] 2010-10-15 . 950C425C9E1FA4DDEC8A6B7915E3D892 . 3600272 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntkrnlpa.exe
[7] 2010-10-15 . C391DF1007E54B1FE06A4EF02DB6FA61 . 3602320 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntkrnlpa.exe
[7] 2010-10-15 . 3BEF21D45A74AD2C6EAD894BA6C6A502 . 3602832 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntkrnlpa.exe
[7] 2010-10-15 . FEB9209E1D2B97DB4AE8FBF1DB0F54B6 . 3603856 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntkrnlpa.exe
[7] 2010-06-08 . 3FAFA4C0567D205F56C15D8B9D469F9D . 3601792 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntkrnlpa.exe
[7] 2010-06-08 . E3A2697835A14C75B233606357AB46DD . 3600768 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntkrnlpa.exe
[7] 2010-06-08 . 4F332C0A64F4209EB322DB35310BA879 . 3598216 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntkrnlpa.exe
[7] 2010-06-08 . 560C7E5036D6D0F9CC4AED5DE885DB8A . 3600784 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntkrnlpa.exe
[7] 2010-02-18 . AF2FC3FE3AD6860A808B237171BA6EED . 3600776 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntkrnlpa.exe
[7] 2010-02-18 . D8077969EE22B889B793D076FDCA7066 . 3502480 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntkrnlpa.exe
[7] 2010-02-18 . C2334AE54E10BCA2631660F649010B03 . 3598216 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntkrnlpa.exe
[7] 2010-02-18 . 642161C66547496ACCD2794AB6B4284F . 3504008 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntkrnlpa.exe
[7] 2010-02-18 . 1FED62B16D372E169CF355B2F3210A65 . 3601800 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntkrnlpa.exe
[7] 2010-02-18 . 8BBC454D2F91D92E3E73DB5B5A0D8D8E . 3600776 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntkrnlpa.exe
[7] 2009-08-05 . 2E6E7BA5C8764F80ADA7D4C98E8B5D4A . 3599960 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntkrnlpa.exe
[7] 2009-08-05 . FF493ACD34EE896B8D114918439FAF10 . 3502152 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntkrnlpa.exe
[7] 2009-08-05 . FBA1B3594C1F691F1FA917ADE45D1DB5 . 3597896 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntkrnlpa.exe
[7] 2009-08-05 . 5FBCBEBDC19FB9A3F9C102D30FCD1E9E . 3599928 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntkrnlpa.exe
[7] 2009-08-05 . 6AD406205B25DC4EFBBCB044744248AD . 3503688 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntkrnlpa.exe
[7] 2009-08-04 . 0517782FC7FEDBEBFAD15566E75B732F . 3600456 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntkrnlpa.exe
[7] 2009-04-11 . 1260BEACF2F023807A1087BBB0E15BBD . 3601896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntkrnlpa.exe
[7] 2009-03-03 . FEB3FB3309EBA85917BDE7F4FD019C9D . 3599328 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntkrnlpa.exe
[7] 2009-03-03 . 641C0F376136E5B6F389016EC48374D2 . 3600880 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntkrnlpa.exe
[7] 2009-03-03 . 06BCF21AAA1890328D1F58F0ACBE668D . 3503584 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntkrnlpa.exe
[7] 2009-03-03 . 191C702B48681FB2BA5A96F416207ACF . 3505120 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntkrnlpa.exe
[7] 2008-09-18 . 3EB08788832D9048C617559CEFD208CF . 3601464 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntkrnlpa.exe
[7] 2008-09-18 . DC870DCAA25E5CC1C8A50FAC19CCED45 . 3601976 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntkrnlpa.exe
[7] 2008-09-18 . E67F6247029F6311E643532D2CFFE667 . 3505208 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntkrnlpa.exe
[7] 2008-09-18 . 084A3A26A3D1A75D0705D963C0289DD5 . 3506744 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntkrnlpa.exe
[7] 2008-04-26 . 6BB1994F5B62FEF6268F1EBB4014E293 . 3600952 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntkrnlpa.exe
[7] 2008-04-26 . 68EEF02A8846442FE98AD0E0517EE6BC . 3601464 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntkrnlpa.exe
[7] 2008-02-13 . 0BE027340C32D14ABECDA068E45E532A . 3504696 . . [6.0.6000.16584] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16584_none_69f7a2dcb739c934\ntkrnlpa.exe
[7] 2008-02-13 . 4821AB9F49B32CC17887AE861895826E . 3505720 . . [6.0.6000.20707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20707_none_6adac1cbd013d2a2\ntkrnlpa.exe
[7] 2008-01-19 . FE51E8DBBEF2D01EF886499FECBF2D78 . 3600440 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntkrnlpa.exe
[7] 2008-01-04 . A676D072FF3967821EC292F5C885A32D . 3504824 . . [6.0.6000.16551] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16551_none_6a1511c2b724295c\ntkrnlpa.exe
[7] 2008-01-04 . 99AC9F5573F9376970A82D77731BE62A . 3504824 . . [6.0.6000.20670] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20670_none_6a880e6bd052e7b1\ntkrnlpa.exe
[7] 2008-01-04 . A59C7EA8F866BA9EBE06CB57F01FA5E1 . 3504824 . . [6.0.6000.20629] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20629_none_6ac720a1d022400b\ntkrnlpa.exe
.
[7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
[7] 2006-11-02 . 8EB871A3DEB6B3D5A85EB6DDFC390B59 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6000.16386_none_bfb172793798ecfb\upnphost.dll
.
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[7] 2008-01-19 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
[7] 2006-11-02 . 68AC082734363E6BA813E7EAA353DB13 . 445440 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6000.16386_none_5664fc5c44f7ce2c\dsound.dll
.
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[7] 2008-01-19 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
[7] 2006-11-02 . E72A22DCF0733AC06695ACD2268F6EB3 . 1788416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6000.16386_none_c016aaa963db2525\d3d9.dll
.
[7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
[7] 2006-11-02 . 29EF7A2EE634DD701571E781DE5E7E91 . 528384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6000.16386_none_02cee0f0c3162de9\ddraw.dll
.
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[7] 2008-01-19 07:36 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
[7] 2006-11-02 09:46 . DF54915B3DD106854F18C678BEB2977D . 88576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6000.16386_none_37dcf89704c935aa\olepro32.dll
.
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6000.16386_none_2f3c7bc7602ec1c4\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[7] 2008-01-19 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
[7] 2006-11-02 . D8C819157EBA10401FD25FB48184EF24 . 20480 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6000.16386_none_12c78d3353faab20\version.dll
.
[7] 2011-09-30 . 0E1695AD4C30E72D68170F01B4818A80 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23250_none_129e8cd2491214ae\iexplore.exe
[7] 2011-09-30 . 7ACBBC85FCE4989B533220FC3B291633 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19154_none_1218f12f2ff0da40\iexplore.exe
[7] 2011-07-23 . 4D08A4234D645EFCB30605CC0BFA87F4 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23216_none_12cfce3e48ec3cf4\iexplore.exe
[7] 2011-07-23 . 04D1DC458C723B291179F8449ACC281D . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19120_none_12355fcb2fdc2111\iexplore.exe
[7] 2011-05-28 . 7EE10C5413AD7ED1AF9E8FAE1B58FC3E . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23181_none_127f1b72492984b1\iexplore.exe
[7] 2011-05-28 . ED65737D70FDEAC29F738E77D2496EE5 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19088_none_11fc80ad30059648\iexplore.exe
[7] 2011-02-22 . 9CE5543464432CA73134F170FA2BF823 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_12ac5bb64907479b\iexplore.exe
[7] 2011-02-22 . C1D36A2CBE0CEC4DF593DB1288CF586E . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_1227c05d2fe52684\iexplore.exe
[7] 2010-12-18 . 7852371DA9EFBC17B645558E23780EAC . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_12cacae648f0c11a\iexplore.exe
[7] 2010-12-18 . B988D7F127B94BD5BF8356FE81B985C4 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_1249306b2fcbec08\iexplore.exe
[7] 2010-11-02 . 92A17B0A89D14815AACC62CD190B6CE3 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_127449a04931a37b\iexplore.exe
[7] 2010-11-02 . 5AB037B17F8A87D052F5A88E0D29A3C8 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_11f2d8e9300c984e\iexplore.exe
[7] 2010-09-08 . 4A719476A6393B1DCACFEB4F3AC6599C . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_129abb204913e7b2\iexplore.exe
[7] 2010-09-08 . D5A730DFDEAE005373E62BC2A866E3BB . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_120477992ffffb10\iexplore.exe
[7] 2010-06-26 . F05B3A2C6CB319DD1377AD566CF5ECE5 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_12a958f24909fe6f\iexplore.exe
[7] 2010-06-26 . 7420BE0E7D3D1320054F7ACA0594953D . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_1222e6c92fe9748f\iexplore.exe
[7] 2010-05-04 . 48A6109E8DF0365195298CC527B7426A . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_12d2cb5048e98eab\iexplore.exe
[7] 2010-05-04 . 5C9B1062EA7A44E8F6BFDE994B68C7AA . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_123d88132fd4bb60\iexplore.exe
[7] 2010-02-23 . 25DB705A7DC85C208B3CF2D20F118AA7 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_127872a6492dd595\iexplore.exe
[7] 2010-02-23 . 9F52FBE99C749E3F32C75124F09F1B03 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_124f26c32fc81e22\iexplore.exe
[7] 2010-01-02 . 3D8DA00B028DEA9517066F1CECBFC4A2 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_128c11ea491f6b05\iexplore.exe
[7] 2010-01-02 . 88BD42DAE7CFFEB256CA7145A15E4843 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_11f6a4e9300acdd5\iexplore.exe
[7] 2009-11-21 . E7F8DF50E483D165BB01F367D3519AA7 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_12a4b2a0490c7f28\iexplore.exe
[7] 2009-11-21 . 1B6362BB14FCEB9E76BCF9A953B04788 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_120f459f2ff7e1f8\iexplore.exe
[7] 2009-08-27 . 7DD482E4A2E3CBB0A72F718C342F5B75 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212\iexplore.exe
[7] 2009-08-27 . 2E48756F12C21F46895036AC089AAD97 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39\iexplore.exe
[7] 2009-07-22 . 4B5AEA50CE77FBA4C2D169622DC9B489 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\iexplore.exe
[7] 2009-07-21 . C33BD196A0301F9B23D9A003D30ED8B0 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\iexplore.exe
[7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe
[7] 2008-06-27 . 157F8DE991396C536820D7FA5C8DCF7D . 625664 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16711_none_2d71f3a71cdf2247\iexplore.exe
[7] 2008-06-27 . 4DBD95312B1C96C5285D38F1D748CD4D . 625664 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20868_none_2dcc82dc361eff27\iexplore.exe
[7] 2008-04-25 . 07ED775D6DB4BFA96D7CFB09EB228418 . 625664 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_2d26424d1d17e8b7\iexplore.exe
[7] 2008-04-25 . 9F1427F203CA078005C9943800929640 . 625664 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_2df2c11a360310b0\iexplore.exe
[7] 2008-02-22 . 182CAF7403705ACCB51211A761080B8F . 625664 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_2dc0b0c03628049a\iexplore.exe
[7] 2008-02-21 . 9437CA21CD48C9B6BFD6F5AC0143D251 . 625664 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\iexplore.exe
[7] 2008-02-13 . 9143C721DD6482374EFB35BC35944324 . 625664 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16609_none_2d84c3fd1ccfd3e7\iexplore.exe
[7] 2008-02-13 . 7F2693693511F7ECD2762081F2F19864 . 625664 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20734_none_2de8ef92360a48d1\iexplore.exe
[7] 2008-01-19 . 5B92133D3E7FB2644677686305E29E81 . 625664 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\iexplore.exe
[7] 2008-01-04 . 7023BC3AF58F0C47856AF147E290D81A . 625152 . . [7.00.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16575_none_2d35117b1d0c34fb\iexplore.exe
[7] 2008-01-04 . 4C1528C481FFE6E4EFE4BAC7271CE251 . 625664 . . [7.00.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20697_none_2dab0f0236383f55\iexplore.exe
[7] 2007-08-23 . 9B3516C1F30DA17ADD3818573047D63C . 625152 . . [7.00.6000.20583] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_2db1dbe03633c0e1\iexplore.exe
[7] 2007-08-23 . 10BDB55982586A432A3951EB19A26009 . 625152 . . [7.00.6000.16473] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_2d330f011d0e0526\iexplore.exe
[7] 2006-11-02 . 8308F01F27DF839E0010B0F72F855E35 . 623616 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16386_none_2d2b3e0d1d136ff5\iexplore.exe
.
.
.
[7] 2011-06-20 . BF4B9F40116DF26B2FC7C20CB69B9D9A . 3552144 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_6e61a08fca95cae2\ntoskrnl.exe
[7] 2011-06-20 . C73E0BEB5062C94B68581642304F7BB4 . 3550096 . . [6.0.6002.18484] . . c:\windows\System32\ntoskrnl.exe
[7] 2011-06-20 . C73E0BEB5062C94B68581642304F7BB4 . 3550096 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_6dc4629ab1869881\ntoskrnl.exe
[7] 2010-10-15 . A573338BDCED710795C618EA5FCF48D5 . 3548048 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe
[7] 2010-10-15 . 8B5EEAA99965E26C3FBB9FAC8BD3B6A1 . 3552144 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe
[7] 2010-10-15 . F276ABE13DD0BA1024A42A443E47A4A2 . 3550608 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe
[7] 2010-10-15 . 1ACD7FC485D0E0FF9097E08900D834CC . 3550096 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe
[7] 2010-06-08 . C5AB434D0C8FA38EAD136FB29E2504B7 . 3550600 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntoskrnl.exe
[7] 2010-06-08 . F2BEE482023F146CF85EBB15B9E1CD35 . 3548040 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntoskrnl.exe
[7] 2010-06-08 . D5FA5D17F03E6D39E1A12431DD6F2A39 . 3545992 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntoskrnl.exe
[7] 2010-06-08 . 47DB9968B8CF2031C46007F42CCE2437 . 3548552 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntoskrnl.exe
[7] 2010-02-18 . C5759C9345A06EE52C7F5ECCF685CA6D . 3548560 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntoskrnl.exe
[7] 2010-02-18 . DC44BF78DEB87B7737D0D29B5B8EDAE3 . 3468168 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntoskrnl.exe
[7] 2010-02-18 . 6025E5530E2C43E1983CC8B840DF2108 . 3545992 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntoskrnl.exe
[7] 2010-02-18 . F8BEC470EAA8621751F739585C5871CD . 3470216 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntoskrnl.exe
[7] 2010-02-18 . 31289DD6914686D088582EED4B43F826 . 3550088 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntoskrnl.exe
[7] 2010-02-18 . A5D0B405442724448D23D61821BEA92A . 3548040 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntoskrnl.exe
[7] 2009-08-05 . 3EEEDCCFB587BCB0E2DE075332498C11 . 3547736 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntoskrnl.exe
[7] 2009-08-05 . 4765C66A89E7151626FF3545B01D2601 . 3467864 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntoskrnl.exe
[7] 2009-08-05 . 5302026B0FADB0819009798D3F6BCD77 . 3546184 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntoskrnl.exe
[7] 2009-08-05 . 09C5FB44F152EFF551A112C931DDE640 . 3548216 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntoskrnl.exe
[7] 2009-08-05 . D8DCA438CE571DB20BD8C4915CAC0760 . 3469896 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntoskrnl.exe
[7] 2009-08-04 . 575DD16BF4C21C2F7E2BBE203AC1E957 . 3548216 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntoskrnl.exe
[7] 2009-04-11 . 6798DBF3F25721637AEF5B6C69911C9C . 3549672 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
[7] 2009-03-03 . 393BB8FE05D66ABA7B091E6032179272 . 3547632 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe
[7] 2009-03-03 . DFF34C5D66AB4BF1EED47BF19D1267BB . 3548656 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe
[7] 2009-03-03 . 3910FE042C707E6BACD0FEC5AB9ECDE6 . 3469280 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe
[7] 2009-03-03 . 808C86316AED98716C5F305A6265F393 . 3471328 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe
[7] 2008-09-18 . 1FD3E8BFFD38F9B145E4B2B238B692F7 . 3549240 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe
[7] 2008-09-18 . DEA801F2D9FD1DB35ED6B9BC4A6657F1 . 3549752 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe
[7] 2008-09-18 . 03279407E78F76BA1131DAB35A5E55C0 . 3470904 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe
[7] 2008-09-18 . 1E09CE4D9BB7B6521FB023CAE2E55F63 . 3472952 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe
[7] 2008-04-26 . C9CD31B3CBA8134F2B47FB5E78376ACC . 3549240 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe
[7] 2008-04-26 . 22D444D3D88A4C299894B3638A114BF7 . 3549240 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe
[7] 2008-02-13 . A0BF353A68B434F2BBFF238FEEB51486 . 3470392 . . [6.0.6000.16584] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16584_none_69f7a2dcb739c934\ntoskrnl.exe
[7] 2008-02-13 . B23072AE0FD60A2BE57FD48F81DDB5BB . 3471928 . . [6.0.6000.20707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20707_none_6adac1cbd013d2a2\ntoskrnl.exe
[7] 2008-01-19 . 6700F35EBA206E5C89AC27C9A124DC01 . 3548728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntoskrnl.exe
[7] 2008-01-04 . 0E8F7801D17C7437CEE216099B975163 . 3471032 . . [6.0.6000.16551] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16551_none_6a1511c2b724295c\ntoskrnl.exe
[7] 2008-01-04 . 9E6991F557248A5E6E742D1081583969 . 3471544 . . [6.0.6000.20670] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20670_none_6a880e6bd052e7b1\ntoskrnl.exe
[7] 2008-01-04 . 99B743BE7149970EB8D9C48FB0A41BF7 . 3470520 . . [6.0.6000.20629] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20629_none_6ac720a1d022400b\ntoskrnl.exe
[7] 2008-01-04 . 4F2488EC5D0EBFE868F47681BCF315D3 . 3470008 . . [6.0.6000.16514] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16514_none_6a435250b701059d\ntoskrnl.exe
[7] 2008-01-04 . 2D202D94C6D0EC6B1483D2D47016FA0A . 3470520 . . [6.0.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16575_none_6a037312b730c69a\ntoskrnl.exe
[7] 2008-01-04 . 2DF67260DD3167402ABC14DC11112686 . 3472056 . . [6.0.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20697_none_6a797099d05cd0f4\ntoskrnl.exe
[7] 2007-08-23 . F28BD6C5F56EF09744D11482A8B7C34B . 3470008 . . [6.0.6000.20591] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20591_none_6a736cf7d0623bc3\ntoskrnl.exe
[7] 2006-11-02 . 883D5B644BFA3DC7298D4731B13AF499 . 3467880 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16386_none_69f99fa4b7380194\ntoskrnl.exe
.
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll
[7] 2008-01-19 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll
[7] 2006-11-02 . 62B0D0F6F5580D9D0DFA5E0B466FF2ED . 270848 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6000.16386_none_8670a1b3705f945b\w32time.dll
.
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll
[7] 2008-01-19 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll
[7] 2006-11-02 . A941E099EF46E3CC12F898CBE1C39910 . 451584 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6000.16386_none_305d7915b6684b33\wiaservc.dll
.
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[7] 2008-01-19 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
[7] 2006-11-02 . 848E745A842F903FD521DB585AB00D97 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6000.16386_none_8ac7060813a4d0d2\midimap.dll
.
[7] 2010-05-05 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll
[7] 2010-05-05 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
[-] 2004-05-13 . C5ABBBD9C7307679B4FBA203213A6FD4 . 6144 . . [5.1.2600.0] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasadhlp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-11 399736]
"SansaDispatch"="c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2009-04-12 79872]
"Ida"="c:\program files\Ida\IdaLaunch.exe" [2010-09-01 27352]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-08 1242448]
"googletalk"="c:\users\cswright\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"F.lux"="c:\users\cswright\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-08-03 534312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"BigDogPath"="c:\windows\VM302Snap.exe" [2007-03-27 49152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-25 185896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-08-03 534312]
.
c:\users\cswright\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\cswright\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-1 24183152]
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-8-5 575488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-6-18 805392]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-2-6 99840]
VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2009-2-25 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 16:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-11 229840]
R1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\users\cswright\AppData\Local\Temp\VSPE.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c98e17e990274c;Google Update Service (gupdate1c98e17e990274c);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
R2 IcRecUsb;IC Recorder Driver;c:\windows\system32\Drivers\IcRecUsb.sys [2001-10-02 17432]
R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-09-11 1440384]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-05-24 501248]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-06 4005936]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 vvftav302;vvftav302;c:\windows\system32\drivers\vvftav302.sys [2007-03-18 475136]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-07 51144]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-02-15 716272]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-02-29 8944]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-02-29 51440]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 bzserv;Backblaze Service;c:\program files\Backblaze\bzserv.exe [2011-08-03 269096]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
S2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2011-03-13 16384]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-11 16720]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2008-07-26 42280]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
.
2011-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001Core.job
- c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001UA.job
- c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
.
2011-11-02 c:\windows\Tasks\User_Feed_Synchronization-{1BDB2969-579D-49C0-83F7-6A0633C8BF35}.job
- c:\windows\system32\msfeedssync.exe [2011-10-11 21:29]
.
.
------- Supplementary Scan -------
.
uStart Page = my.daemon-search.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\cswright\AppData\Roaming\Mozilla\Firefox\Profiles\phwij8z6.chuckie\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
AddRemove-Recover My Files_is1 - s:\recover my files v4\unins000.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SansaDispatch = c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe??????? ?? _???????8???t\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,04,82,33,03,7f,a5,4a,9f,7c,35,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,04,82,33,03,7f,a5,4a,9f,7c,35,\
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5FE69E32-13AD-4019-9B14-CD30E22504B2}*]
"dafhchbe"=hex:64,62,67,6a,62,62,6c,69,66,61,67,62,67,67,61,6f,70,69,6d,63,62,
65,61,6d,6b,6e,67,6d,6f,68,63,62,65,70,6e,69,6e,64,69,63,00,00
"iackpgoofcplhcajpe"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
70,64,00,00
"haejbcbekicddddl"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
70,64,00,00
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ea,1f,7d,bd,86,10,ec,a9,fa,c2,fd,01,8e,ab,c2,5a,19,55,cc,fd,2b,8b,d1,
27,c2,ab,84,58,07,da,69,a5,e5,e0,26,40,ed,d6,eb,50,1e,41,51,55,ec,cf,81,4c,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\License information*]
"datasecu"=hex:6e,93,ba,fe,52,48,c0,1e,14,39,06,1e,de,67,8e,fd,30,69,7b,45,56,
76,2c,42,c5,3a,7f,b2,ab,4b,05,2d,6a,81,23,77,d6,a6,9d,75,0e,24,58,50,ad,f1,\
"rkeysecu"=hex:03,cd,8a,78,f1,a9,46,8d,10,73,b8,0e,51,a5,7e,e8
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3812)
c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Logishrd\Bluetooth\LBTServ.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\ehome\ehRecvr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\ehome\ehsched.exe
c:\windows\system32\conime.exe
c:\windows\system32\WUDFHost.exe
.
**************************************************************************
.
Completion time: 2011-11-02 11:36:25 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-02 15:36
.
Pre-Run: 113,687,846,912 bytes free
Post-Run: 116,624,883,712 bytes free
.
- - End Of File - - 0F3F5E8962B3B1B7CF3948E7B4004B94
 

jeffce

Malware Specialist
Joined
May 10, 2011
Messages
1,727
Hi thecrazycanuck,


  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
    Code:
    DDS:: 
    mRun: [Host Driver] c:\users\cswright\appdata\local\temp\dfbhost.exe
    mRunServices: [Host Driver] c:\users\cswright\appdata\local\temp\dfbhost.exe
    
    DirLook::
    c:\users\cswright\AppData\Roaming\Xaiqsu
    c:\users\cswright\AppData\Roaming\Tyxyp
    
    RegLock::
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01 ,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,04,82,33,03,7f,a5,4a,9f,7c,35, \
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01 ,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,04,82,33,03,7f,a5,4a,9f,7c,35, \
    
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    
    RegNull::
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5FE69E32-13AD-4019-9B14-CD30E22504B2}*]
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\License information*]
  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------
 

thecrazycanuck

Thread Starter
Joined
Oct 30, 2011
Messages
13
ComboFix 11-11-02.01 - cswright 02/11/2011 16:36:34.1.4 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3071.2386 [GMT -4:00]
Running from: c:\users\cswright\Desktop\ComboFix.exe
Command switches used :: c:\users\cswright\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-10-02 to 2011-11-02 )))))))))))))))))))))))))))))))
.
.
2011-11-02 21:01 . 2011-11-02 21:02 -------- d-----w- c:\users\cswright\AppData\Local\temp
2011-11-02 21:01 . 2011-11-02 21:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-02 21:01 . 2011-11-02 21:01 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2011-11-02 21:01 . 2011-11-02 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-02 21:01 . 2011-11-02 21:01 -------- d-----w- c:\users\Charles Wright\AppData\Local\temp
2011-10-31 00:00 . 2011-10-31 00:00 -------- d-----w- c:\users\cswright\AppData\Roaming\AVG2012
2011-10-30 23:47 . 2011-10-30 23:47 -------- d-----w- C:\found.001
2011-10-30 17:16 . 2011-10-30 17:16 -------- d-----w- C:\$AVG
2011-10-30 17:11 . 2011-10-30 17:11 -------- d-----w- C:\AVG2012
2011-10-30 17:10 . 2011-11-02 15:53 -------- d-----w- c:\windows\system32\drivers\AVG
2011-10-30 17:10 . 2011-10-30 23:59 -------- d-----w- c:\programdata\AVG2012
2011-10-30 17:09 . 2011-10-30 17:09 -------- d-----w- c:\program files\AVG
2011-10-30 16:45 . 2011-10-30 16:45 -------- d--h--w- c:\programdata\Common Files
2011-10-30 16:45 . 2011-11-02 15:53 -------- d-----w- c:\programdata\MFAData
2011-10-28 23:41 . 2011-10-28 23:49 -------- d-----w- c:\users\cswright\AppData\Roaming\Xaiqsu
2011-10-28 23:41 . 2011-10-28 23:45 -------- d-----w- c:\users\cswright\AppData\Roaming\Tyxyp
2011-10-28 16:52 . 2011-10-28 16:52 -------- d-----w- c:\windows\Sun
2011-10-28 05:57 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FDBAD6F-FDB5-4D2C-BBB0-DD41C06FFD6D}\mpengine.dll
2011-10-26 14:13 . 2011-10-26 14:13 -------- d-----w- c:\program files\Firefly Studios
2011-10-26 08:56 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-25 21:04 . 2011-10-15 08:53 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-25 21:04 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-25 21:04 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-25 21:04 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-25 21:04 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-25 21:04 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-25 21:04 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-25 21:04 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-25 15:45 . 2011-10-25 15:45 -------- d--h--w- c:\program files\Common Files\EAInstaller
2011-10-25 13:33 . 2011-10-25 19:08 -------- d-----w- c:\program files\Battlefield 3
2011-10-21 20:04 . 2011-10-21 20:04 -------- d-----w- c:\users\cswright\AppData\Local\Focus Home Interactive
2011-10-21 17:16 . 2011-10-21 17:17 -------- d-----w- c:\users\cswright\AppData\Local\PAYDAY
2011-10-21 17:16 . 2011-10-21 17:16 -------- d-----w- c:\programdata\RELOADED
2011-10-21 16:40 . 2011-10-22 12:01 -------- d-----w- c:\program files\Payday The Heist
2011-10-15 14:33 . 2011-10-15 14:33 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-10-15 14:31 . 2011-10-16 02:03 -------- d-----w- c:\programdata\Rosetta Stone
2011-10-15 14:31 . 2011-10-15 14:31 -------- d-----w- c:\program files\Rosetta Stone
2011-10-13 20:22 . 2011-10-13 20:22 -------- d-----w- c:\programdata\Airline Tycoon 2
2011-10-11 21:03 . 2011-09-30 23:01 743424 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-10-11 21:01 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-11 21:01 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-11 21:01 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-11 21:01 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-04 21:27 . 2011-10-23 05:16 -------- d-----w- c:\program files\Agrar Simulator 2011
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 16:50 . 2010-03-13 15:01 1090 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-10-15 08:53 . 2011-09-02 06:15 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-15 08:53 . 2011-09-02 06:15 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-15 08:53 . 2009-08-17 04:57 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-10-15 08:53 . 2008-01-10 22:57 2458432 ----a-w- c:\windows\system32\nvapi.dll
2011-10-03 09:06 . 2010-05-05 16:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-30 01:19 . 2011-06-09 22:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-27 19:57 . 2011-09-27 19:51 11098 ----a-w- c:\users\cswright\AppData\Roaming\TheHunterSettings_live.bin
2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-08-20 20:16 . 2010-09-27 15:47 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-14 23:53 . 2010-09-27 15:47 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-08 10:08 . 2011-08-08 10:08 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2011-10-06 02:33 . 2011-03-23 06:04 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\cswright\AppData\Roaming\Tyxyp ----
.
.
---- Directory of c:\users\cswright\AppData\Roaming\Xaiqsu ----
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-11 399736]
"SansaDispatch"="c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2009-04-12 79872]
"Ida"="c:\program files\Ida\IdaLaunch.exe" [2010-09-01 27352]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-08 1242448]
"googletalk"="c:\users\cswright\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"F.lux"="c:\users\cswright\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-11-02 495400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"BigDogPath"="c:\windows\VM302Snap.exe" [2007-03-27 49152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-25 185896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-11-02 495400]
.
c:\users\cswright\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\cswright\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-1 24183152]
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-8-5 575488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-6-18 805392]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-2-6 99840]
VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2009-2-25 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 16:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-07 51144]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-11 229840]
R1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\users\cswright\AppData\Local\Temp\VSPE.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-02-29 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-02-29 51440]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 bzserv;Backblaze Service;c:\program files\Backblaze\bzserv.exe [2011-11-02 211240]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 gupdate1c98e17e990274c;Google Update Service (gupdate1c98e17e990274c);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
R2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
R2 IcRecUsb;IC Recorder Driver;c:\windows\system32\Drivers\IcRecUsb.sys [2001-10-02 17432]
R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2011-03-13 16384]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-11 16720]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2008-07-26 42280]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-09-11 1440384]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-05-24 501248]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-06 4005936]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 vvftav302;vvftav302;c:\windows\system32\drivers\vvftav302.sys [2007-03-18 475136]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-02-15 716272]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
.
2011-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001Core.job
- c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001UA.job
- c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
.
2011-11-02 c:\windows\Tasks\User_Feed_Synchronization-{1BDB2969-579D-49C0-83F7-6A0633C8BF35}.job
- c:\windows\system32\msfeedssync.exe [2011-10-11 21:29]
.
.
------- Supplementary Scan -------
.
uStart Page = my.daemon-search.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\cswright\AppData\Roaming\Mozilla\Firefox\Profiles\phwij8z6.chuckie\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-02 17:02
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SansaDispatch = c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe??????? ?? _???????8???t\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5FE69E32-13AD-4019-9B14-CD30E22504B2}*]
"dafhchbe"=hex:64,62,67,6a,62,62,6c,69,66,61,67,62,67,67,61,6f,70,69,6d,63,62,
65,61,6d,6b,6e,67,6d,6f,68,63,62,65,70,6e,69,6e,64,69,63,00,00
"iackpgoofcplhcajpe"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
70,64,00,00
"haejbcbekicddddl"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
70,64,00,00
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ea,1f,7d,bd,86,10,ec,a9,fa,c2,fd,01,8e,ab,c2,5a,19,55,cc,fd,2b,8b,d1,
27,c2,ab,84,58,07,da,69,a5,e5,e0,26,40,ed,d6,eb,50,1e,41,51,55,ec,cf,81,4c,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\License information*]
"datasecu"=hex:6e,93,ba,fe,52,48,c0,1e,14,39,06,1e,de,67,8e,fd,30,69,7b,45,56,
76,2c,42,c5,3a,7f,b2,ab,4b,05,2d,6a,81,23,77,d6,a6,9d,75,0e,24,58,50,ad,f1,\
"rkeysecu"=hex:03,cd,8a,78,f1,a9,46,8d,10,73,b8,0e,51,a5,7e,e8
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(828)
c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
Completion time: 2011-11-02 17:05:03
ComboFix-quarantined-files.txt 2011-11-02 21:05
ComboFix2.txt 2011-11-02 15:36
.
Pre-Run: 116,753,104,896 bytes free
Post-Run: 116,711,051,264 bytes free
.
- - End Of File - - 1232632A9271B1125D910420B2C86B90
 

jeffce

Malware Specialist
Joined
May 10, 2011
Messages
1,727
Hi thecrazycanuck,

P2P - I see you have P2P software µTorrent installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall these now. You can do so via Control Panel >> Programs and Features.
----------

Please download Malwarebytes' Anti-Malware to your desktop.


  • Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan as shown below.

  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.



The log can also be found here:
C:\Documents and Settings\<User name>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
----------

ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



As a Vista/Win7 user you will need to right click your browser icon and select "Run as Administrator" in order to run this scan.

  • Do not use this instance of your browser for anything besides doing this scan
  • When the scan is complete and the results saved, close that instance of your browser
  • Open a new one the usual way and post the results in this topic.




  1. Right-click and Run as Administartor on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the
    button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on
      to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the
      icon on your desktop.
  4. Check
  5. Click the Start button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Make sure that the option "Remove found threats" is Unchecked
  9. Push the Start button.
  10. ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  11. When the scan completes, push
  12. Push
    , and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  13. Push the Back button.
  14. Push Finish

http://www.eset.com/onlinescan/
----------

In your next reply please post the logs created by Malwarebytes and ESET online scanner. :)
 

thecrazycanuck

Thread Starter
Joined
Oct 30, 2011
Messages
13
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8073

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

02/11/2011 8:21:20 PM
mbam-log-2011-11-02 (20-21-20).txt

Scan type: Quick scan
Objects scanned: 249638
Time elapsed: 19 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\cswright\AppData\Roaming\microsoft\a1.7z (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\cswright\AppData\Roaming\microsoft\n (Malware.Traces) -> Quarantined and deleted successfully.



ESET ONLINE SCANNER

C:\Documents and Settings\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Documents and Settings\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Documents and Settings\cswright\Downloads\freeripmp3.exe Win32/Adware.ADON application
C:\Documents and Settings\cswright\Downloads\RBOTGEN-Removal-Tool.exe a variant of Win32/SecurityStronghold application
C:\Documents and Settings\cswright\Downloads\unlocker1.8.7.exe Win32/Adware.ADON application
C:\Program Files\EA\Bulletstorm\Binaries\Win32\xlive.dll a variant of Win32/Packed.VMProtect.AAD trojan
C:\Program Files\RBOTGEN Removal Tool\RBOTGEN-Removal-Tool.exe a variant of Win32/SecurityStronghold application
C:\Program Files\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\1911.dll a variant of Win32/Packed.VMProtect.AAA trojan
C:\Program Files\Unlocker\eBay_shortcuts_1016.exe Win32/Adware.ADON application
C:\ProgramData\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Users\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Users\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Users\cswright\Downloads\freeripmp3.exe Win32/Adware.ADON application
C:\Users\cswright\Downloads\RBOTGEN-Removal-Tool.exe a variant of Win32/SecurityStronghold application
C:\Users\cswright\Downloads\unlocker1.8.7.exe Win32/Adware.ADON application
C:\Windows\System32\drivers\smb.sys a variant of Win32/Kryptik.TKY trojan
N:\Torrent 2\Old Comp Backup\IMAGES\Adobe Photoshop 9 CS2.iso a variant of Win32/Keygen.AO application
R:\Torrent 5\Games\Death To Spies Moment Of Truth [English][PCDVD][WwW.GamesTorrents.CoM]\sr-dtsmot.iso probably a variant of Win32/IRCBot.GYHNTGB trojan
R:\Torrent 5\Games\Mercenaries.2.World.In.Flames-RELOADEDd\rld-mrc2.iso probably a variant of Win32/Adware.Agent.GOYMCER application
 

jeffce

Malware Specialist
Joined
May 10, 2011
Messages
1,727
Hi thecrazycanuck,

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
    Code:
    File::
    C:\Documents and Settings\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
    C:\Documents and Settings\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
    C:\Documents and Settings\cswright\Downloads\freeripmp3.exe 
    C:\Documents and Settings\cswright\Downloads\RBOTGEN-Removal-Tool.exe 
    C:\Documents and Settings\cswright\Downloads\unlocker1.8.7.exe 
    C:\Program Files\EA\Bulletstorm\Binaries\Win32\xlive.dll 
    C:\Program Files\RBOTGEN Removal Tool\RBOTGEN-Removal-Tool.exe 
    C:\Program Files\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\1911.dll 
    C:\Program Files\Unlocker\eBay_shortcuts_1016.exe 
    C:\ProgramData\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
    C:\Users\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
    C:\Users\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
    C:\Users\cswright\Downloads\freeripmp3.exe 
    C:\Users\cswright\Downloads\RBOTGEN-Removal-Tool.exe 
    C:\Users\cswright\Downloads\unlocker1.8.7.exe 
    C:\Windows\System32\drivers\smb.sys 
    N:\Torrent 2\Old Comp Backup\IMAGES\Adobe Photoshop 9 CS2.iso 
    R:\Torrent 5\Games\Death To Spies Moment Of Truth [English][PCDVD][WwW.GamesTorrents.CoM]\sr-dtsmot.iso 
    R:\Torrent 5\Games\Mercenaries.2.World.In.Flames-RELOADEDd\rld-mrc2.iso
  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.


  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------

How is your system running now? :)
 

thecrazycanuck

Thread Starter
Joined
Oct 30, 2011
Messages
13
System is definitely working better then it was. The boot time has significantly improved.



ComboFix 11-11-02.01 - cswright 04/11/2011 11:03:50.2.4 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3071.2443 [GMT -4:00]
Running from: c:\users\cswright\Desktop\ComboFix.exe
Command switches used :: c:\users\cswright\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\documents and settings\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
"c:\documents and settings\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
"c:\documents and settings\cswright\Downloads\freeripmp3.exe"
"c:\documents and settings\cswright\Downloads\RBOTGEN-Removal-Tool.exe"
"c:\documents and settings\cswright\Downloads\unlocker1.8.7.exe"
"c:\program files\EA\Bulletstorm\Binaries\Win32\xlive.dll"
"c:\program files\RBOTGEN Removal Tool\RBOTGEN-Removal-Tool.exe"
"c:\program files\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\1911.dll"
"c:\program files\Unlocker\eBay_shortcuts_1016.exe"
"c:\programdata\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
"c:\users\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
"c:\users\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
"c:\users\cswright\Downloads\freeripmp3.exe"
"c:\users\cswright\Downloads\RBOTGEN-Removal-Tool.exe"
"c:\users\cswright\Downloads\unlocker1.8.7.exe"
"c:\windows\System32\drivers\smb.sys"
"n:\torrent 2\Old Comp Backup\IMAGES\Adobe Photoshop 9 CS2.iso"
"r:\torrent 5\Games\Death To Spies Moment Of Truth [English][PCDVD][WwW.GamesTorrents.CoM]\sr-dtsmot.iso"
"r:\torrent 5\Games\Mercenaries.2.World.In.Flames-RELOADEDd\rld-mrc2.iso"
.
.
((((((((((((((((((((((((( Files Created from 2011-10-04 to 2011-11-04 )))))))))))))))))))))))))))))))
.
.
2011-11-04 15:31 . 2011-11-04 15:32 -------- d-----w- c:\users\cswright\AppData\Local\temp
2011-11-04 15:31 . 2011-11-04 15:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-04 15:31 . 2011-11-04 15:31 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2011-11-04 15:31 . 2011-11-04 15:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-04 15:31 . 2011-11-04 15:31 -------- d-----w- c:\users\Charles Wright\AppData\Local\temp
2011-11-03 00:41 . 2011-11-03 00:41 -------- d-----w- c:\program files\ESET
2011-11-03 00:00 . 2011-11-03 00:00 -------- d-----w- c:\users\cswright\AppData\Roaming\Malwarebytes
2011-11-03 00:00 . 2011-11-03 00:00 -------- d-----w- c:\programdata\Malwarebytes
2011-11-03 00:00 . 2011-11-03 00:00 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
2011-11-03 00:00 . 2011-11-03 00:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-03 00:00 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-31 00:00 . 2011-10-31 00:00 -------- d-----w- c:\users\cswright\AppData\Roaming\AVG2012
2011-10-30 23:47 . 2011-10-30 23:47 -------- d-----w- C:\found.001
2011-10-30 17:16 . 2011-10-30 17:16 -------- d-----w- C:\$AVG
2011-10-30 17:11 . 2011-10-30 17:11 -------- d-----w- C:\AVG2012
2011-10-30 17:10 . 2011-11-04 04:00 -------- d-----w- c:\windows\system32\drivers\AVG
2011-10-30 17:10 . 2011-10-30 23:59 -------- d-----w- c:\programdata\AVG2012
2011-10-30 17:09 . 2011-10-30 17:09 -------- d-----w- c:\program files\AVG
2011-10-30 16:45 . 2011-10-30 16:45 -------- d--h--w- c:\programdata\Common Files
2011-10-30 16:45 . 2011-11-04 04:01 -------- d-----w- c:\programdata\MFAData
2011-10-28 23:41 . 2011-10-28 23:49 -------- d-----w- c:\users\cswright\AppData\Roaming\Xaiqsu
2011-10-28 23:41 . 2011-10-28 23:45 -------- d-----w- c:\users\cswright\AppData\Roaming\Tyxyp
2011-10-28 16:52 . 2011-10-28 16:52 -------- d-----w- c:\windows\Sun
2011-10-28 05:57 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FDBAD6F-FDB5-4D2C-BBB0-DD41C06FFD6D}\mpengine.dll
2011-10-26 14:13 . 2011-10-26 14:13 -------- d-----w- c:\program files\Firefly Studios
2011-10-26 08:56 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-25 21:04 . 2011-10-15 08:53 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-25 21:04 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-25 21:04 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-25 21:04 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-25 21:04 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-25 21:04 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-25 21:04 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-25 21:04 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-25 15:45 . 2011-10-25 15:45 -------- d--h--w- c:\program files\Common Files\EAInstaller
2011-10-25 13:33 . 2011-10-25 19:08 -------- d-----w- c:\program files\Battlefield 3
2011-10-21 20:04 . 2011-10-21 20:04 -------- d-----w- c:\users\cswright\AppData\Local\Focus Home Interactive
2011-10-21 17:16 . 2011-10-21 17:17 -------- d-----w- c:\users\cswright\AppData\Local\PAYDAY
2011-10-21 17:16 . 2011-10-21 17:16 -------- d-----w- c:\programdata\RELOADED
2011-10-21 16:40 . 2011-10-22 12:01 -------- d-----w- c:\program files\Payday The Heist
2011-10-15 14:33 . 2011-10-15 14:33 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-10-15 14:31 . 2011-10-16 02:03 -------- d-----w- c:\programdata\Rosetta Stone
2011-10-15 14:31 . 2011-10-15 14:31 -------- d-----w- c:\program files\Rosetta Stone
2011-10-13 20:22 . 2011-10-13 20:22 -------- d-----w- c:\programdata\Airline Tycoon 2
2011-10-11 21:03 . 2011-09-30 23:01 743424 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-10-11 21:01 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-11 21:01 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-11 21:01 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-11 21:01 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 16:50 . 2010-03-13 15:01 1090 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-10-15 08:53 . 2011-09-02 06:15 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-15 08:53 . 2011-09-02 06:15 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-15 08:53 . 2009-08-17 04:57 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-10-15 08:53 . 2008-01-10 22:57 2458432 ----a-w- c:\windows\system32\nvapi.dll
2011-10-03 09:06 . 2010-05-05 16:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-30 01:19 . 2011-06-09 22:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-27 19:57 . 2011-09-27 19:51 11098 ----a-w- c:\users\cswright\AppData\Roaming\TheHunterSettings_live.bin
2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-08-20 20:16 . 2010-09-27 15:47 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-14 23:53 . 2010-09-27 15:47 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-08 10:08 . 2011-08-08 10:08 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2011-10-06 02:33 . 2011-03-23 06:04 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Ida"="c:\program files\Ida\IdaLaunch.exe" [2010-09-01 27352]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-08 1242448]
"googletalk"="c:\users\cswright\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"F.lux"="c:\users\cswright\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-11-02 495400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"BigDogPath"="c:\windows\VM302Snap.exe" [2007-03-27 49152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-25 185896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-11-02 495400]
.
c:\users\cswright\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\cswright\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-1 24183152]
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-8-5 575488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-6-18 805392]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-2-6 99840]
VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2009-2-25 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 16:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-07 51144]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-11 229840]
R1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\users\cswright\AppData\Local\Temp\VSPE.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-02-29 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-02-29 51440]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 bzserv;Backblaze Service;c:\program files\Backblaze\bzserv.exe [2011-11-02 211240]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 gupdate1c98e17e990274c;Google Update Service (gupdate1c98e17e990274c);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
R2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
R2 IcRecUsb;IC Recorder Driver;c:\windows\system32\Drivers\IcRecUsb.sys [2001-10-02 17432]
R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2011-03-13 16384]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-11 16720]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2008-07-26 42280]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-09-11 1440384]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-05-24 501248]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-06 4005936]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 vvftav302;vvftav302;c:\windows\system32\drivers\vvftav302.sys [2007-03-18 475136]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-02-15 716272]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
.
2011-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
.
2011-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001Core.job
- c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
.
2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001UA.job
- c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
.
2011-11-04 c:\windows\Tasks\User_Feed_Synchronization-{1BDB2969-579D-49C0-83F7-6A0633C8BF35}.job
- c:\windows\system32\msfeedssync.exe [2011-10-11 21:29]
.
.
------- Supplementary Scan -------
.
uStart Page = my.daemon-search.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\cswright\AppData\Roaming\Mozilla\Firefox\Profiles\phwij8z6.chuckie\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-SansaDispatch - c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-04 11:31
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SansaDispatch = c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe??????? ?? _???????8???t\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5FE69E32-13AD-4019-9B14-CD30E22504B2}*]
"dafhchbe"=hex:64,62,67,6a,62,62,6c,69,66,61,67,62,67,67,61,6f,70,69,6d,63,62,
65,61,6d,6b,6e,67,6d,6f,68,63,62,65,70,6e,69,6e,64,69,63,00,00
"iackpgoofcplhcajpe"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
70,64,00,00
"haejbcbekicddddl"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
70,64,00,00
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ea,1f,7d,bd,86,10,ec,a9,fa,c2,fd,01,8e,ab,c2,5a,19,55,cc,fd,2b,8b,d1,
27,c2,ab,84,58,07,da,69,a5,e5,e0,26,40,ed,d6,eb,50,1e,41,51,55,ec,cf,81,4c,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\License information*]
"datasecu"=hex:6e,93,ba,fe,52,48,c0,1e,14,39,06,1e,de,67,8e,fd,30,69,7b,45,56,
76,2c,42,c5,3a,7f,b2,ab,4b,05,2d,6a,81,23,77,d6,a6,9d,75,0e,24,58,50,ad,f1,\
"rkeysecu"=hex:03,cd,8a,78,f1,a9,46,8d,10,73,b8,0e,51,a5,7e,e8
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(648)
c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
Completion time: 2011-11-04 11:56:24
ComboFix-quarantined-files.txt 2011-11-04 15:56
ComboFix2.txt 2011-11-02 21:05
ComboFix3.txt 2011-11-02 15:36
.
Pre-Run: 111,362,699,264 bytes free
Post-Run: 99,025,989,632 bytes free
.
- - End Of File - - 2E987C5B85038C88431816B93D9DD58B
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top