1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

I think something is terribly wrong

Discussion in 'Virus & Other Malware Removal' started by thecrazycanuck, Oct 30, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    I am usually fairly self-sufficient with my computer problems but now whenever I try to install anything I get "The Service cannot accept control messages at this time" or when I try to use the control panel.

    Additionally Windows aero seems to be inactivated of its own accord, this may only be a symptom of a greater problem.

    I run Windows Vista SP2 on an HP pavillion m9040n if that helps.

    Here is my Hijack This log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:48:02 PM, on 30/10/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.19154)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\cswright\Downloads\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM302Snap.exe Vimicro USB PC Camera (ZC0302)
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
    O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [Host Driver] C:\Users\cswright\AppData\Local\Temp\dfbhost.exe
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\RunServices: [Host Driver] C:\Users\cswright\AppData\Local\Temp\dfbhost.exe
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Backblaze] "C:\Program Files\Backblaze\bzbui.exe" -quiet (User 'Default user')
    O4 - .DEFAULT User Startup: huum.exe (User 'Default user')
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
    O4 - Global Startup: VPN Client.lnk = ?
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Backblaze Service (bzserv) - Unknown owner - C:\Program Files\Backblaze\bzserv.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c98e17e990274c) (gupdate1c98e17e990274c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 13543 bytes
     
  2. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    .
    DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
    Internet Explorer: 8.0.6001.19154 BrowserJavaVersion: 1.6.0_29
    Run by SYSTEM at 12:53:45 on 2011-10-30
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3071.2244 [GMT -4:00]
    .
    AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Soluto\SolutoService.exe
    C:\Windows\system32\msiexec.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
    C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
    mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    uRun: [Backblaze] "c:\program files\backblaze\bzbui.exe" -quiet
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun: [KBD] c:\hp\kbd\KbdStub.EXE
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SunJavaUpdateReg] "c:\windows\system32\jureg.exe"
    mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
    mRun: [BigDogPath] c:\windows\VM302Snap.exe Vimicro USB PC Camera (ZC0302)
    mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
    mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe"
    mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
    mRun: [Domino] c:\windows\Domino.exe
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
    mRun: [Host Driver] c:\users\cswright\appdata\local\temp\dfbhost.exe
    mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
    mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
    mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
    mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
    mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
    mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
    mRun: [<NO NAME>]
    mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    mRunServices: [Host Driver] c:\users\cswright\appdata\local\temp\dfbhost.exe
    dRun: [Backblaze] "c:\program files\backblaze\bzbui.exe" -quiet
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{a7091e1d-36a4-47f1-a739-173cc341414f}\Icon3E5562ED7.ico
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66}
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{62CE607A-1353-4A2D-B5D5-4E4AE3B77005} : DhcpNameServer = 192.168.0.1
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath -
    .
    ============= SERVICES / DRIVERS ===============
    .
    R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-1-4 587096]
    R2 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2011-7-7 376352]
    S0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-3-2 344712]
    S0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2011-7-17 51144]
    S1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\users\cswright\appdata\local\temp\VSPE.sys [2011-7-13 25984]
    S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-2-29 8944]
    S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-2-29 51440]
    S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-2-24 185472]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
    S2 bzserv;Backblaze Service;c:\program files\backblaze\bzserv.exe [2011-5-16 269096]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-9-3 208896]
    S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-3-18 21504]
    S2 gupdate1c98e17e990274c;Google Update Service (gupdate1c98e17e990274c);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]
    S2 HPBtnSrv;HP Chasis Button Service;c:\hp\hpezbtn\HPBtnSrv.exe [2007-8-23 198240]
    S2 IcRecUsb;IC Recorder Driver;c:\windows\system32\drivers\IcRecUsb.sys [2008-9-25 17432]
    S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-5-10 29696]
    S2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2011-3-13 16384]
    S2 McAfeeEngineService;McAfee Engine Service;c:\program files\mcafee\virusscan enterprise\EngineServer.exe [2010-8-25 22816]
    S2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]
    S2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2010-8-25 147984]
    S2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2010-8-25 66880]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-3-2 69192]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-7-13 2255464]
    S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2008-7-25 42280]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-19 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]
    S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-11-13 1440384]
    S3 MCLServiceATL;Intel(R) Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-9-11 167936]
    S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-3-2 91896]
    S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-3-2 43192]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-3-2 66536]
    S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-5-24 501248]
    S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2009-4-8 0]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-9-2 139368]
    S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
    S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
    S3 vvftav302;vvftav302;c:\windows\system32\drivers\vvftav302.sys [2007-3-18 475136]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-10-30 16:45:10 -------- d-----w- c:\programdata\MFAData
    2011-10-28 05:57:34 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5fdbad6f-fdb5-4d2c-bbb0-dd41c06ffd6d}\offreg.dll
    2011-10-28 05:57:31 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5fdbad6f-fdb5-4d2c-bbb0-dd41c06ffd6d}\mpengine.dll
    2011-10-26 14:13:02 -------- d-----w- c:\program files\Firefly Studios
    2011-10-26 08:56:27 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
    2011-10-25 21:04:18 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
    2011-10-25 21:04:18 61248 ----a-w- c:\windows\system32\OpenCL.dll
    2011-10-25 21:04:17 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
    2011-10-25 21:04:17 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
    2011-10-25 21:04:16 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
    2011-10-25 21:04:16 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
    2011-10-25 21:04:15 5578560 ----a-w- c:\windows\system32\nvcuda.dll
    2011-10-25 21:04:15 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
    2011-10-25 15:45:16 -------- d--h--w- c:\program files\common files\EAInstaller
    2011-10-25 13:33:44 -------- d-----w- c:\program files\Battlefield 3
    2011-10-21 17:16:28 -------- d-----w- c:\programdata\RELOADED
    2011-10-21 16:40:43 -------- d-----w- c:\program files\Payday The Heist
    2011-10-15 14:33:01 -------- d-----w- c:\program files\common files\Macrovision Shared
    2011-10-15 14:31:54 -------- d-----w- c:\programdata\Rosetta Stone
    2011-10-15 14:31:54 -------- d-----w- c:\program files\Rosetta Stone
    2011-10-13 20:22:54 -------- d-----w- c:\programdata\Airline Tycoon 2
    2011-10-11 21:03:58 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
    2011-10-11 21:01:38 563712 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-11 21:01:38 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2011-10-11 21:01:38 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-10-11 21:01:38 238080 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-04 21:27:29 -------- d-----w- c:\program files\Agrar Simulator 2011
    2011-10-02 22:28:26 -------- d-----w- c:\program files\Calibre2
    .
    ==================== Find3M ====================
    .
    2011-10-30 16:50:07 1090 ----a-w- c:\windows\system32\ealregsnapshot1.reg
    2011-10-29 20:45:49 1393 --sha-w- c:\windows\system32\mmf.sys
    2011-10-15 08:53:00 919872 ----a-w- c:\windows\system32\nvdispco32.dll
    2011-10-15 08:53:00 877376 ----a-w- c:\windows\system32\nvgenco32.dll
    2011-10-15 08:53:00 2458432 ----a-w- c:\windows\system32\nvapi.dll
    2011-10-15 08:53:00 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
    2011-10-03 09:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-09-30 23:01:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll
    2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec
    2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-09-30 01:19:46 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys
    2011-08-20 20:16:55 109080 ----a-w- c:\windows\system32\OpenAL32.dll
    2011-08-14 23:53:45 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-08-03 11:50:00 66664 ----a-w- c:\windows\system32\nvshext.dll
    2011-08-03 11:50:00 600680 ----a-w- c:\windows\system32\easyupdatusapiu.dll
    2011-08-03 11:50:00 599144 ----a-w- c:\windows\system32\nvvsvc.exe
    2011-08-03 11:50:00 3730024 ----a-w- c:\windows\system32\nvcpl.dll
    2011-08-03 11:50:00 2558568 ----a-w- c:\windows\system32\nvsvc.dll
    2011-08-03 11:50:00 111208 ----a-w- c:\windows\system32\nvmctray.dll
    2011-08-03 07:31:54 311912 ----a-w- c:\windows\system32\nvStreaming.exe
    .
    ============= FINISH: 12:56:39.81 ===============
     

    Attached Files:

  3. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    FYI, I have been running McAfee as my antivirus, but I just installed avg and it found some trojans but didn't solve problems.

    Running full AVG scan, not sure if AVG scan changes HJT and DDS logs, can post new ones in morning or whenever if necessary.
     
  4. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
    • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
    • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Watch Topic button to the right of your topic title and then choosing the notification method ( Recommended: Inmediate Notification)
    • The fixes are specific to your problem and should only be used for the issues on this machine.
    • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
    • It's often worth reading through these instructions and printing them for ease of reference.
    • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
    • Please reply to this thread. Do not start a new topic.

    IMPORTANT NOTE : Please do not delete anything unless instructed to.
    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.
    Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.


    Vista and Windows 7 users:
    These tools MUST be run from the executable (.exe) every time you run them
    with Admin Rights (Right click, choose "Run as Administrator")


    Stay with this topic until I give you the all clean post.
    ----------

    Download GMER Rootkit Scanner from here or here.
    • Extract the contents of the zipped file to desktop.
    • Right-click and Run as Administrator GMER.exe. If asked to allow gmer.sys driver to load, please consent .
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

      [​IMG]
      Click the image to enlarge it
    • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
    • Save it where you can easily find it, such as your desktop, and attach it in your reply.

    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
    .
    ----------
     
  5. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    Running GMER, taking a long time. Will attach log when done.
     
  6. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    Here is the GMER log
     

    Attached Files:

  7. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi thecrazycanuck,

    I need some information on some unidentified files. We will use Virustotal Please submit these files for analysis

    To submit a file to virustotal, please click VirusTotal

    copy and paste the following into the upload a file box (one at a time if more than one file is listed)

    c:\windows\system32\mmf.sys

    scroll down a bit and click "send file", wait for the results and post them in your next reply.

    Please note that sometimes the scans take a few minutes. Please ensure that the scan has completed and the results are complete before submitting the next sample. Also please make sure each result is clearly identified as to which sample they belong to.
    ----------

    Download Combofix from either of the links below, and save it to your desktop.
    Link 1
    Link 2

    **Note: It is important that it is saved directly to your desktop**

    --------------------------------------------------------------------

    IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

    --------------------------------------------------------------------

    Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the C:\ComboFix.txt for further review.
    ----------

    In your next reply please post the logs created by VirusTotal and ComboFix. :)
     
  8. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    File name:
    mmf.sys
    Submission date:
    2011-11-01 21:34:40 (UTC)
    Current status:
    finished
    Result:
    0/ 42 (0.0%)

    VT Community

    not reviewed
    Safety score: -
    Compact
    Print results
    Antivirus Version Last Update Result
    AhnLab-V3 2011.11.01.00 2011.11.01 -
    AntiVir 7.11.16.234 2011.11.01 -
    Antiy-AVL 2.0.3.7 2011.11.01 -
    Avast 6.0.1289.0 2011.11.01 -
    AVG 10.0.0.1190 2011.11.01 -
    BitDefender 7.2 2011.11.01 -
    ByteHero 1.0.0.1 2011.09.23 -
    CAT-QuickHeal 11.00 2011.11.01 -
    ClamAV 0.97.3.0 2011.11.01 -
    Commtouch 5.3.2.6 2011.11.01 -
    Comodo 10631 2011.11.01 -
    DrWeb 5.0.2.03300 2011.11.01 -
    Emsisoft 5.1.0.11 2011.11.01 -
    eSafe 7.0.17.0 2011.10.30 -
    eTrust-Vet 36.1.8651 2011.11.01 -
    F-Prot 4.6.5.141 2011.11.01 -
    F-Secure 9.0.16440.0 2011.11.01 -
    Fortinet 4.3.370.0 2011.11.01 -
    GData 22 2011.11.01 -
    Ikarus T3.1.1.107.0 2011.11.01 -
    Jiangmin 13.0.900 2011.11.01 -
    K7AntiVirus 9.116.5371 2011.11.01 -
    Kaspersky 9.0.0.837 2011.11.01 -
    McAfee 5.400.0.1158 2011.11.01 -
    McAfee-GW-Edition 2010.1D 2011.11.01 -
    Microsoft 1.7801 2011.11.01 -
    NOD32 6593 2011.11.01 -
    Norman 6.07.13 2011.11.01 -
    nProtect 2011-11-01.01 2011.11.01 -
    Panda 10.0.3.5 2011.11.01 -
    PCTools 8.0.0.5 2011.11.01 -
    Prevx 3.0 2011.11.01 -
    Rising 23.82.01.02 2011.11.01 -
    Sophos 4.70.0 2011.11.01 -
    SUPERAntiSpyware 4.40.0.1006 2011.11.01 -
    Symantec 20111.2.0.82 2011.11.01 -
    TheHacker 6.7.0.1.336 2011.10.31 -
    TrendMicro 9.500.0.1008 2011.11.01 -
    TrendMicro-HouseCall 9.500.0.1008 2011.11.01 -
    VIPRE 10938 2011.11.01 -
    ViRobot 2011.11.1.4749 2011.11.01 -
    VirusBuster 14.1.40.1 2011.11.01 -
    Additional information
    MD5 : ed099467146559480ef6b83199127861
    SHA1 : 7416fa6a6899300821537695e44f643a25e5afd2
    SHA256: ee7a95c1ccdabc11eb1f64a763792a9557e997ba9fb90760615110f1d2f3a86b

    VT Community

    This file has never been reviewed by any VT Community member. Be the first one to comment on it!
     
  9. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    FYI ran combofix in safe mode, thought avg was running even when it wasn't. And yes I am sure AVG wasn't running no AVG in the processes

    ComboFix 11-11-02.01 - cswright 02/11/2011 10:43:48.1.4 - x86 NETWORK
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3071.2336 [GMT -4:00]
    Running from: c:\users\cswright\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\explorer
    c:\program files\explorer\AddressParser\AddressParserConfiguration.xml
    c:\program files\explorer\AddressParser\parser_andorra.xml
    c:\program files\explorer\AddressParser\parser_austria.xml
    c:\program files\explorer\AddressParser\parser_belgium.xml
    c:\program files\explorer\AddressParser\parser_canada.xml
    c:\program files\explorer\AddressParser\parser_denmark.xml
    c:\program files\explorer\AddressParser\parser_france.xml
    c:\program files\explorer\AddressParser\parser_germany.xml
    c:\program files\explorer\AddressParser\parser_ireland.xml
    c:\program files\explorer\AddressParser\parser_italy.xml
    c:\program files\explorer\AddressParser\parser_liechtenstein.xml
    c:\program files\explorer\AddressParser\parser_luxembourg.xml
    c:\program files\explorer\AddressParser\parser_monaco.xml
    c:\program files\explorer\AddressParser\parser_netherlands.xml
    c:\program files\explorer\AddressParser\parser_norway.xml
    c:\program files\explorer\AddressParser\parser_portugal.xml
    c:\program files\explorer\AddressParser\parser_spain.xml
    c:\program files\explorer\AddressParser\parser_sweden.xml
    c:\program files\explorer\AddressParser\parser_switzerland.xml
    c:\program files\explorer\AddressParser\parser_uk.xml
    c:\program files\explorer\AddressParser\parser_usa.xml
    c:\program files\explorer\basemaps\basemaps.de.xml
    c:\program files\explorer\basemaps\basemaps.es.xml
    c:\program files\explorer\basemaps\basemaps.fr.xml
    c:\program files\explorer\basemaps\basemaps.ja-jp.xml
    c:\program files\explorer\basemaps\basemaps.xml
    c:\program files\explorer\basemaps\basemaps.zh-CN.xml
    c:\program files\explorer\basemaps\Server\basemap0.nmf
    c:\program files\explorer\basemaps\Server\basemap0.png
    c:\program files\explorer\basemaps\Server\basemap1.nmf
    c:\program files\explorer\basemaps\Server\basemap1.png
    c:\program files\explorer\basemaps\Server\basemap10.nmf
    c:\program files\explorer\basemaps\Server\basemap10.png
    c:\program files\explorer\basemaps\Server\basemap11.nmf
    c:\program files\explorer\basemaps\Server\basemap11.png
    c:\program files\explorer\basemaps\Server\basemap2.nmf
    c:\program files\explorer\basemaps\Server\basemap2.png
    c:\program files\explorer\basemaps\Server\basemap3.nmf
    c:\program files\explorer\basemaps\Server\basemap3.png
    c:\program files\explorer\basemaps\Server\basemap4.nmf
    c:\program files\explorer\basemaps\Server\basemap4.png
    c:\program files\explorer\basemaps\Server\basemap5.nmf
    c:\program files\explorer\basemaps\Server\basemap5.png
    c:\program files\explorer\basemaps\Server\basemap6.nmf
    c:\program files\explorer\basemaps\Server\basemap6.png
    c:\program files\explorer\basemaps\Server\basemap7.nmf
    c:\program files\explorer\basemaps\Server\basemap7.png
    c:\program files\explorer\basemaps\Server\basemap8.nmf
    c:\program files\explorer\basemaps\Server\basemap8.png
    c:\program files\explorer\basemaps\Server\basemap9.nmf
    c:\program files\explorer\basemaps\Server\basemap9.png
    c:\program files\explorer\basemaps\Server\basemaps.de.xml
    c:\program files\explorer\basemaps\Server\basemaps.es.xml
    c:\program files\explorer\basemaps\Server\basemaps.fr.xml
    c:\program files\explorer\basemaps\Server\basemaps.ja-jp.xml
    c:\program files\explorer\basemaps\Server\basemaps.xml
    c:\program files\explorer\basemaps\Server\basemaps.zh-CN.xml
    c:\program files\explorer\bin\3dAnalystUtil.dll
    c:\program files\explorer\bin\3DSymbols.dll
    c:\program files\explorer\bin\3DSymbolsLib.dll
    c:\program files\explorer\bin\AfCore.dll
    c:\program files\explorer\bin\AfUtil.dll
    c:\program files\explorer\bin\AGSClient.dll
    c:\program files\explorer\bin\aibase.dll
    c:\program files\explorer\bin\aifeat.dll
    c:\program files\explorer\bin\AISClient.dll
    c:\program files\explorer\bin\AISGlobalLib.dll
    c:\program files\explorer\bin\aishape.dll
    c:\program files\explorer\bin\Animation.dll
    c:\program files\explorer\bin\AnnoLayer.dll
    c:\program files\explorer\bin\Annotation.dll
    c:\program files\explorer\bin\AnnotationLib.dll
    c:\program files\explorer\bin\AoInitializer.dll
    c:\program files\explorer\bin\AppInitializerLib.dll
    c:\program files\explorer\bin\ApplicationConfigurationManager.exe
    c:\program files\explorer\bin\ArcGISExplorer.ISCConfig
    c:\program files\explorer\bin\atl71.dll
    c:\program files\explorer\bin\BasemapLayer.dll
    c:\program files\explorer\bin\BasicRasterPicture.dll
    c:\program files\explorer\bin\BGLAPI.dll
    c:\program files\explorer\bin\BGLAPILib.dll
    c:\program files\explorer\bin\BGLFontEngine.dll
    c:\program files\explorer\bin\BGLGeomChestLib.dll
    c:\program files\explorer\bin\BGLGeometricEffects.dll
    c:\program files\explorer\bin\BGLImageCoders.dll
    c:\program files\explorer\bin\BGLRasterizerLib.dll
    c:\program files\explorer\bin\BGLRasterizerSW.dll
    c:\program files\explorer\bin\BGLSymbols.dll
    c:\program files\explorer\bin\BGLSymbolsLib.dll
    c:\program files\explorer\bin\BGLToGDIHelper.dll
    c:\program files\explorer\bin\bin.zreg
    c:\program files\explorer\bin\CacheRasterDB.dll
    c:\program files\explorer\bin\CadastralFabric.dll
    c:\program files\explorer\bin\CadastralFabricLayer.dll
    c:\program files\explorer\bin\CadEngine.dll
    c:\program files\explorer\bin\CadFDB.dll
    c:\program files\explorer\bin\CadLayer.dll
    c:\program files\explorer\bin\CadWorkspaceFactory.dll
    c:\program files\explorer\bin\Camera.dll
    c:\program files\explorer\bin\CartoControlsLib.dll
    c:\program files\explorer\bin\CartoConverter.dll
    c:\program files\explorer\bin\CartoXLib.dll
    c:\program files\explorer\bin\CIM.dll
    c:\program files\explorer\bin\CIMLib.dll
    c:\program files\explorer\bin\Color.dll
    c:\program files\explorer\bin\ComplexSymbols.dll
    c:\program files\explorer\bin\CompressedDataFile.dll
    c:\program files\explorer\bin\Configuration\CATID\esri.catid.ecfg
    c:\program files\explorer\bin\Configuration\CLSID\esri.clsid.ecfg
    c:\program files\explorer\bin\DADFLib.dll
    c:\program files\explorer\bin\DaeLib.dll
    c:\program files\explorer\bin\DataConverterLib.dll
    c:\program files\explorer\bin\dbghelp.dll
    c:\program files\explorer\bin\de\ApplicationConfigurationManager.resources.dll
    c:\program files\explorer\bin\de\DADFRes.dll
    c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.Application.resources.dll
    c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.MapCenter.resources.dll
    c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.resources.dll
    c:\program files\explorer\bin\de\ResToolkitPro.dll
    c:\program files\explorer\bin\DECoreLib.dll
    c:\program files\explorer\bin\DFORRT.DLL
    c:\program files\explorer\bin\Display.dll
    c:\program files\explorer\bin\DisplayFeedback.dll
    c:\program files\explorer\bin\DisplayGraph.dll
    c:\program files\explorer\bin\DisplayLib.dll
    c:\program files\explorer\bin\DistributedGeodbLib.dll
    c:\program files\explorer\bin\DynamicDisplay.dll
    c:\program files\explorer\bin\e3.config.xml
    c:\program files\explorer\bin\E3.exe
    c:\program files\explorer\bin\E3.exe.config
    c:\program files\explorer\bin\E3Control.dll
    c:\program files\explorer\bin\E3EmailHelper.exe
    c:\program files\explorer\bin\EngineGraphics.dll
    c:\program files\explorer\bin\EnginePackager.dll
    c:\program files\explorer\bin\es\ApplicationConfigurationManager.resources.dll
    c:\program files\explorer\bin\es\DADFRes.dll
    c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.Application.resources.dll
    c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.MapCenter.resources.dll
    c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.resources.dll
    c:\program files\explorer\bin\es\ResToolkitPro.dll
    c:\program files\explorer\bin\ESRI.ArcGIS.Utilities.Compression.dll
    c:\program files\explorer\bin\ESRI.ArcGISExplorer.Application.dll
    c:\program files\explorer\bin\ESRI.ArcGISExplorer.dll
    c:\program files\explorer\bin\ESRI.ArcGISExplorer.MapCenter.dll
    c:\program files\explorer\bin\ESRI.DADF.Core.dll
    c:\program files\explorer\bin\ESRI.DADF.dll
    c:\program files\explorer\bin\esrizip.exe
    c:\program files\explorer\bin\Export.dll
    c:\program files\explorer\bin\ExtTopoEngine.dll
    c:\program files\explorer\bin\FdaCore.dll
    c:\program files\explorer\bin\FdaCoreLib.dll
    c:\program files\explorer\bin\FdaRel.dll
    c:\program files\explorer\bin\FeatureDataConverter.dll
    c:\program files\explorer\bin\FeatureDataElements.dll
    c:\program files\explorer\bin\FeatureLayer.dll
    c:\program files\explorer\bin\FeatureLayerLib.dll
    c:\program files\explorer\bin\FgdbRasterDB.dll
    c:\program files\explorer\bin\FgdbUtilLib.dll
    c:\program files\explorer\bin\FileDataElements.dll
    c:\program files\explorer\bin\FileDBCoreLib.dll
    c:\program files\explorer\bin\FileGDB.dll
    c:\program files\explorer\bin\FileGDBWorkspaceFactory.dll
    c:\program files\explorer\bin\fr\ApplicationConfigurationManager.resources.dll
    c:\program files\explorer\bin\fr\DADFRes.dll
    c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.Application.resources.dll
    c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.MapCenter.resources.dll
    c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.resources.dll
    c:\program files\explorer\bin\fr\ResToolkitPro.dll
    c:\program files\explorer\bin\FunctionRasterDB.dll
    c:\program files\explorer\bin\gdal16.dll
    c:\program files\explorer\bin\GdalRasterDB.dll
    c:\program files\explorer\bin\GdbCatalog.dll
    c:\program files\explorer\bin\GdbCore.dll
    c:\program files\explorer\bin\GdbCoreLib.dll
    c:\program files\explorer\bin\GdbNet.dll
    c:\program files\explorer\bin\GdbTopo.dll
    c:\program files\explorer\bin\GeoDataExtraction.dll
    c:\program files\explorer\bin\GeoDataServer.dll
    c:\program files\explorer\bin\GeoDataTransfer.dll
    c:\program files\explorer\bin\Geometry.dll
    c:\program files\explorer\bin\GeoprocessingLib.dll
    c:\program files\explorer\bin\GeoProcessor.dll
    c:\program files\explorer\bin\GeoRSSPlugin.dll
    c:\program files\explorer\bin\glew32.dll
    c:\program files\explorer\bin\Globe.dll
    c:\program files\explorer\bin\GlobeCamera.dll
    c:\program files\explorer\bin\GlobeClient.dll
    c:\program files\explorer\bin\GlobeCoreLib.dll
    c:\program files\explorer\bin\GlobeDisplay.dll
    c:\program files\explorer\bin\GlobeLayers.dll
    c:\program files\explorer\bin\GlobeServer.dll
    c:\program files\explorer\bin\GlobeServerLayer.dll
    c:\program files\explorer\bin\GlobeViewerCoreLib.dll
    c:\program files\explorer\bin\GPClient.dll
    c:\program files\explorer\bin\GpObjects.dll
    c:\program files\explorer\bin\GpPythonCore.dll
    c:\program files\explorer\bin\GPRasterFunctions.dll
    c:\program files\explorer\bin\GraphicElements.dll
    c:\program files\explorer\bin\hd420m.dll
    c:\program files\explorer\bin\hdf5dll.dll
    c:\program files\explorer\bin\hm420m.dll
    c:\program files\explorer\bin\icudt40.dll
    c:\program files\explorer\bin\icuin40.dll
    c:\program files\explorer\bin\icuio40.dll
    c:\program files\explorer\bin\icule40.dll
    c:\program files\explorer\bin\icuuc40.dll
    c:\program files\explorer\bin\ImageAccessLib.dll
    c:\program files\explorer\bin\ImageClient.dll
    c:\program files\explorer\bin\ImageServer.dll
    c:\program files\explorer\bin\ImageServerLayer.dll
    c:\program files\explorer\bin\IMSConnector.dll
    c:\program files\explorer\bin\ImsFDB.dll
    c:\program files\explorer\bin\IMSLayer.dll
    c:\program files\explorer\bin\IMSLayerLib.dll
    c:\program files\explorer\bin\IMSServiceLib.dll
    c:\program files\explorer\bin\ImsWorkspaceFactory.dll
    c:\program files\explorer\bin\InMemoryWorkspaceFactory.dll
    c:\program files\explorer\bin\InputDevice3Dx.dll
    c:\program files\explorer\bin\ja-JP\ApplicationConfigurationManager.resources.dll
    c:\program files\explorer\bin\ja-JP\DADFRes.dll
    c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.Application.resources.dll
    c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.MapCenter.resources.dll
    c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.resources.dll
    c:\program files\explorer\bin\ja-JP\ResToolkitPro.dll
    c:\program files\explorer\bin\kdu61.dll
    c:\program files\explorer\bin\KmlLayer.dll
    c:\program files\explorer\bin\LabelPlacement.dll
    c:\program files\explorer\bin\Layer.dll
    c:\program files\explorer\bin\LayerLib.dll
    c:\program files\explorer\bin\lcms117lib.dll
    c:\program files\explorer\bin\libcollada14dom21.dll
    c:\program files\explorer\bin\libcurl.dll
    c:\program files\explorer\bin\lti_dsdk_dll.dll
    c:\program files\explorer\bin\Map.dll
    c:\program files\explorer\bin\MapClient.dll
    c:\program files\explorer\bin\MapDB.dll
    c:\program files\explorer\bin\MapElements.dll
    c:\program files\explorer\bin\MaplexEngineLib.dll
    c:\program files\explorer\bin\MapLib.dll
    c:\program files\explorer\bin\MappingCore.dll
    c:\program files\explorer\bin\MappingCoreLib.dll
    c:\program files\explorer\bin\MappingServicesLib.dll
    c:\program files\explorer\bin\MapServer.dll
    c:\program files\explorer\bin\MapServerLayer.dll
    c:\program files\explorer\bin\Marker3DFile.dll
    c:\program files\explorer\bin\MessageSupport.dll
    c:\program files\explorer\bin\Microsoft.VC90.ATL\atl90.dll
    c:\program files\explorer\bin\Microsoft.VC90.ATL\Microsoft.VC90.ATL.manifest
    c:\program files\explorer\bin\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
    c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcm90.dll
    c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcp90.dll
    c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcr90.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90u.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90u.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFC\Microsoft.VC90.MFC.manifest
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHS.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHT.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90DEU.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ENU.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESN.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESP.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90FRA.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ITA.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90JPN.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90KOR.dll
    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\Microsoft.VC90.MFCLOC.manifest
    c:\program files\explorer\bin\Microsoft.VC90.OPENMP\Microsoft.VC90.OpenMP.manifest
    c:\program files\explorer\bin\Microsoft.VC90.OPENMP\vcomp90.dll
    c:\program files\explorer\bin\MosaicDB.dll
    c:\program files\explorer\bin\msvcp71.dll
    c:\program files\explorer\bin\msvcr71.dll
    c:\program files\explorer\bin\Navigation.dll
    c:\program files\explorer\bin\NetEngine80.dll
    c:\program files\explorer\bin\Network.dll
    c:\program files\explorer\bin\NetworkAnalystSolvers.dll
    c:\program files\explorer\bin\NetworkDataset.dll
    c:\program files\explorer\bin\OGCClient.dll
    c:\program files\explorer\bin\OleFDB.dll
    c:\program files\explorer\bin\OutputLib.dll
    c:\program files\explorer\bin\PageLayout.dll
    c:\program files\explorer\bin\pe.dll
    c:\program files\explorer\bin\PlugInDataSource.dll
    c:\program files\explorer\bin\PlugInWorkspaceFactory.dll
    c:\program files\explorer\bin\PrintOut.dll
    c:\program files\explorer\bin\RasterAnalysisUtilLib.dll
    c:\program files\explorer\bin\RasterCatalog.dll
    c:\program files\explorer\bin\RasterCoreLib.dll
    c:\program files\explorer\bin\RasterDB.dll
    c:\program files\explorer\bin\RasterEngine.dll
    c:\program files\explorer\bin\RasterFormats.dat
    c:\program files\explorer\bin\RasterGraphicElements.dll
    c:\program files\explorer\bin\RasterIO.dll
    c:\program files\explorer\bin\RasterLayer.dll
    c:\program files\explorer\bin\RasterRenderer.dll
    c:\program files\explorer\bin\RasterWorkspaceFactory.dll
    c:\program files\explorer\bin\Renderers.dll
    c:\program files\explorer\bin\RepresentationDB.dll
    c:\program files\explorer\bin\RepresentationEffects.dll
    c:\program files\explorer\bin\RepresentationLayer.dll
    c:\program files\explorer\bin\RepresentationLib.dll
    c:\program files\explorer\bin\RepresentationSymbols.dll
    c:\program files\explorer\bin\SceneFilters.dll
    c:\program files\explorer\bin\SceneGraph.dll
    c:\program files\explorer\bin\sdcdbx.dll
    c:\program files\explorer\bin\SDCPlugIn.dll
    c:\program files\explorer\bin\sde.dll
    c:\program files\explorer\bin\SdeFDB.dll
    c:\program files\explorer\bin\SdeRasterDB.dll
    c:\program files\explorer\bin\sdesetup.dll
    c:\program files\explorer\bin\SdeWorkspaceFactory.dll
    c:\program files\explorer\bin\ServerStyleGallery.dll
    c:\program files\explorer\bin\sg.dll
    c:\program files\explorer\bin\ShapefileFDB.dll
    c:\program files\explorer\bin\ShapefileWorkspaceFactory.dll
    c:\program files\explorer\bin\SimpleDataConverter.dll
    c:\program files\explorer\bin\StyleGalleryClasses.dll
    c:\program files\explorer\bin\SystemUIUtil.dll
    c:\program files\explorer\bin\Terrain.dll
    c:\program files\explorer\bin\TerrainLayer.dll
    c:\program files\explorer\bin\TextFileWorkspaceFactory.dll
    c:\program files\explorer\bin\TextureCookerService.exe
    c:\program files\explorer\bin\TinDb.dll
    c:\program files\explorer\bin\TinEngine.dll
    c:\program files\explorer\bin\TinLayer.dll
    c:\program files\explorer\bin\TinRenderer.dll
    c:\program files\explorer\bin\TinWorkspaceFactory.dll
    c:\program files\explorer\bin\ViewerCoreLib.dll
    c:\program files\explorer\bin\VpfFDB.dll
    c:\program files\explorer\bin\VpfWorkspaceFactory.dll
    c:\program files\explorer\bin\WebServices.dll
    c:\program files\explorer\bin\WMSLayer.dll
    c:\program files\explorer\bin\xerces-c_2_7.dll
    c:\program files\explorer\bin\XmlSupport.dat
    c:\program files\explorer\bin\XMLSupport.dll
    c:\program files\explorer\bin\XYEvents.dll
    c:\program files\explorer\bin\zh-CN\applicationconfigurationmanager.resources.dll
    c:\program files\explorer\bin\zh-CN\DADFRes.dll
    c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.Application.resources.dll
    c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.MapCenter.resources.dll
    c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.resources.dll
    c:\program files\explorer\bin\zh-CN\ResToolkitPro.dll
    c:\program files\explorer\bin\zlib1.dll
    c:\program files\explorer\bin\zlibwapi.dll
    c:\program files\explorer\ColorProfiles\esriGray22.icc
    c:\program files\explorer\ColorProfiles\Lab2Lab.icm
    c:\program files\explorer\ColorProfiles\sRGB_IEC61966-2-1_noBPC.icc
    c:\program files\explorer\ColorProfiles\USWebCoatedSWOP.icc
    c:\program files\explorer\ColorProfiles\Xyz2Xyz.icm
    c:\program files\explorer\com\com.zreg
    c:\program files\explorer\com\esriE3.olb
    c:\program files\explorer\license\ExplorerEnglishLicense.pdf
    c:\program files\explorer\license\ExplorerFrenchLicense.pdf
    c:\program files\explorer\license\ExplorerGermanLicense.pdf
    c:\program files\explorer\license\ExplorerJapaneseLicense.pdf
    c:\program files\explorer\license\ExplorerSimplChineseLicense.pdf
    c:\program files\explorer\license\ExplorerSpanishLicense.pdf
    c:\program files\explorer\PackageTemplates\ArcGISExplorer.stylesheet
    c:\program files\explorer\PackageTemplates\Package931.template
    c:\program files\explorer\pedata\gdaldata\coordinate_axis.csv
    c:\program files\explorer\pedata\gdaldata\cubewerx_extra.wkt
    c:\program files\explorer\pedata\gdaldata\ecw_cs.dat
    c:\program files\explorer\pedata\gdaldata\ellipsoid.csv
    c:\program files\explorer\pedata\gdaldata\epsg.wkt
    c:\program files\explorer\pedata\gdaldata\esri_extra.wkt
    c:\program files\explorer\pedata\gdaldata\gcs.csv
    c:\program files\explorer\pedata\gdaldata\gdal_datum.csv
    c:\program files\explorer\pedata\gdaldata\gdalicon.png
    c:\program files\explorer\pedata\gdaldata\pcs.csv
    c:\program files\explorer\pedata\gdaldata\prime_meridian.csv
    c:\program files\explorer\pedata\gdaldata\projop_wparm.csv
    c:\program files\explorer\pedata\gdaldata\s57attributes.csv
    c:\program files\explorer\pedata\gdaldata\s57expectedinput.csv
    c:\program files\explorer\pedata\gdaldata\s57objectclasses.csv
    c:\program files\explorer\pedata\gdaldata\seed_2d.dgn
    c:\program files\explorer\pedata\gdaldata\seed_3d.dgn
    c:\program files\explorer\pedata\gdaldata\stateplane.csv
    c:\program files\explorer\pedata\gdaldata\unit_of_measure.csv
    c:\program files\explorer\plugins\explorerCore.ecfg
    c:\program files\explorer\schemas\ExplorerAddIn.xsd
    c:\program files\explorer\schemas\ExplorerGeometry.xsd
    c:\program files\explorer\schemas\NmfDocument.xsd
    c:\program files\explorer\Styles\default.css
    c:\program files\explorer\Styles\Directions\CheckeredFlag16.png
    c:\program files\explorer\Styles\Directions\GreenFlag16.png
    c:\program files\explorer\Styles\Directions\Print16.png
    c:\program files\explorer\Styles\ExplorerColors.de.xml
    c:\program files\explorer\Styles\ExplorerColors.es.xml
    c:\program files\explorer\Styles\ExplorerColors.fr.xml
    c:\program files\explorer\Styles\ExplorerColors.ja-JP.xml
    c:\program files\explorer\Styles\ExplorerColors.xml
    c:\program files\explorer\Styles\ExplorerColors.zh-CN.xml
    c:\program files\explorer\Styles\ExplorerSymbols.de.xml
    c:\program files\explorer\Styles\ExplorerSymbols.es.xml
    c:\program files\explorer\Styles\ExplorerSymbols.fr.xml
    c:\program files\explorer\Styles\ExplorerSymbols.ja-JP.xml
    c:\program files\explorer\Styles\ExplorerSymbols.xml
    c:\program files\explorer\Styles\ExplorerSymbols.zh-CN.xml
    c:\program files\explorer\Styles\kml.css
    c:\program files\explorer\Styles\KMLIcons\american-flag.png
    c:\program files\explorer\Styles\KMLIcons\arrow.png
    c:\program files\explorer\Styles\KMLIcons\asian-flag.png
    c:\program files\explorer\Styles\KMLIcons\auto-service.png
    c:\program files\explorer\Styles\KMLIcons\auto.png
    c:\program files\explorer\Styles\KMLIcons\bang.png
    c:\program files\explorer\Styles\KMLIcons\bars.png
    c:\program files\explorer\Styles\KMLIcons\building.png
    c:\program files\explorer\Styles\KMLIcons\coffee_house_16.png
    c:\program files\explorer\Styles\KMLIcons\crosshair.png
    c:\program files\explorer\Styles\KMLIcons\dining.png
    c:\program files\explorer\Styles\KMLIcons\dining_16.png
    c:\program files\explorer\Styles\KMLIcons\dot.png
    c:\program files\explorer\Styles\KMLIcons\fast-food.png
    c:\program files\explorer\Styles\KMLIcons\four-dollars.png
    c:\program files\explorer\Styles\KMLIcons\french-flag.png
    c:\program files\explorer\Styles\KMLIcons\hand.png
    c:\program files\explorer\Styles\KMLIcons\high_res_places.png
    c:\program files\explorer\Styles\KMLIcons\highway_16.png
    c:\program files\explorer\Styles\KMLIcons\italian-flag.png
    c:\program files\explorer\Styles\KMLIcons\large_traffic_count_16.png
    c:\program files\explorer\Styles\KMLIcons\mexican-flag.png
    c:\program files\explorer\Styles\KMLIcons\misc_dining.png
    c:\program files\explorer\Styles\KMLIcons\note.png
    c:\program files\explorer\Styles\KMLIcons\one-dollar.png
    c:\program files\explorer\Styles\KMLIcons\palette-2.png
    c:\program files\explorer\Styles\KMLIcons\palette-3.png
    c:\program files\explorer\Styles\KMLIcons\palette-4.png
    c:\program files\explorer\Styles\KMLIcons\palette-5.png
    c:\program files\explorer\Styles\KMLIcons\parks.png
    c:\program files\explorer\Styles\KMLIcons\recreation.png
    c:\program files\explorer\Styles\KMLIcons\school_16.png
    c:\program files\explorer\Styles\KMLIcons\search.png
    c:\program files\explorer\Styles\KMLIcons\streamed_layer.png
    c:\program files\explorer\Styles\KMLIcons\streamed_layers.png
    c:\program files\explorer\Styles\KMLIcons\terrain_16.png
    c:\program files\explorer\Styles\KMLIcons\three-dollars.png
    c:\program files\explorer\Styles\KMLIcons\transportation.png
    c:\program files\explorer\Styles\KMLIcons\two-dollars.png
    c:\program files\explorer\Styles\KMLIcons\webcam_16.png
    c:\program files\explorer\Styles\SlideTitleStyles.de.xml
    c:\program files\explorer\Styles\SlideTitleStyles.es.xml
    c:\program files\explorer\Styles\SlideTitleStyles.fr.xml
    c:\program files\explorer\Styles\SlideTitleStyles.ja-JP.xml
    c:\program files\explorer\Styles\SlideTitleStyles.xml
    c:\program files\explorer\Styles\SlideTitleStyles.zh-CN.xml
    c:\program files\explorer\Styles\StyleSheet.xsl
    c:\program files\explorer\Styles\SymbolImages\Civic\ATM.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Bank.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Bell.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Cemetery.png
    c:\program files\explorer\Styles\SymbolImages\Civic\City.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Clue.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Crowd.png
    c:\program files\explorer\Styles\SymbolImages\Civic\GhostTown.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Horn.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Housing.png
    c:\program files\explorer\Styles\SymbolImages\Civic\MailPost.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Office.png
    c:\program files\explorer\Styles\SymbolImages\Civic\Radioactive.png
    c:\program files\explorer\Styles\SymbolImages\Civic\School.png
    c:\program files\explorer\Styles\SymbolImages\Civic\StarsStripes.png
    c:\program files\explorer\Styles\SymbolImages\Flag\CheckeredFlag.png
    c:\program files\explorer\Styles\SymbolImages\Flag\GreenFlag.png
    c:\program files\explorer\Styles\SymbolImages\Flag\RedFlag.png
    c:\program files\explorer\Styles\SymbolImages\Flag\WhiteFlag.png
    c:\program files\explorer\Styles\SymbolImages\Flag\YellowFlag.png
    c:\program files\explorer\Styles\SymbolImages\Health\AidStation.png
    c:\program files\explorer\Styles\SymbolImages\Health\Ambulance.png
    c:\program files\explorer\Styles\SymbolImages\Health\Doctor.png
    c:\program files\explorer\Styles\SymbolImages\Health\Health.png
    c:\program files\explorer\Styles\SymbolImages\Health\Hospital.png
    c:\program files\explorer\Styles\SymbolImages\Health\Pharmacy.png
    c:\program files\explorer\Styles\SymbolImages\Marine\AmberBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\BlackBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\BlueBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\BoatsKeepOut.png
    c:\program files\explorer\Styles\SymbolImages\Marine\ControlledArea.png
    c:\program files\explorer\Styles\SymbolImages\Marine\Danger.png
    c:\program files\explorer\Styles\SymbolImages\Marine\DiverDown.png
    c:\program files\explorer\Styles\SymbolImages\Marine\GreenBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\GreenDiamondDaymark.png
    c:\program files\explorer\Styles\SymbolImages\Marine\GreenRedBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\GreenSquareDaymark.png
    c:\program files\explorer\Styles\SymbolImages\Marine\GreenWhiteBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\OrangeBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\PersonOverboard.png
    c:\program files\explorer\Styles\SymbolImages\Marine\RadioBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\RedBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\RedDiamondDaymark.png
    c:\program files\explorer\Styles\SymbolImages\Marine\RedGreenBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\RedSquareDaymark.png
    c:\program files\explorer\Styles\SymbolImages\Marine\RedTriangleDaymark.png
    c:\program files\explorer\Styles\SymbolImages\Marine\RedWhiteBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\SkullandCrossbones.png
    c:\program files\explorer\Styles\SymbolImages\Marine\UnderwaterOperations.png
    c:\program files\explorer\Styles\SymbolImages\Marine\VioletBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\WhiteBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\WhiteDiamondDaymark.png
    c:\program files\explorer\Styles\SymbolImages\Marine\WhiteGreenBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\WhiteRedBeacon.png
    c:\program files\explorer\Styles\SymbolImages\Marine\Wreck.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\ArrowYellow.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Capital1.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Capital2.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\CircleX.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\CrossHair.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated1.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated2.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated3.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated4.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated5.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated6.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated7.png
    c:\program files\explorer\Styles\SymbolImages\Placemark\Star.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\AmusementPark.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Bar.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Camera.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\CameraWeb.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\CellPhone.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Coffee.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Dam.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\DepartmentStore.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Dining.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\DrinkingWater.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\FastFood.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\FitnessCenter.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Forest.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Globe.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Information.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\InformationQuestion.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\LandLine.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Light.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\LiveShow.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Mine.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\MovieTheater.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Museum.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\News.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Note.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\OilWell.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Pizza.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Pub.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Question.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\RealEstate.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Reservoir.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Restroom.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Shopping.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Shower.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Stadium.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerShort.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerTall.png
    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Zoo.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\Burglary.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\FireFighter.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\FireStation.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\FireTruck.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\Homicide.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\Police.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceCar.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceOfficer.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceStation.png
    c:\program files\explorer\Styles\SymbolImages\Public Safety\Theft.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\BlackPushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\BluePushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\BrownPushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\GrayPushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\GreenPushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\LightBluePushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\OrangePushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\PinkPushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\PurplePushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\RedPushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\SpringGreenPushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\WhitePushpin.png
    c:\program files\explorer\Styles\SymbolImages\Pushpin\YellowPushpin.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Beach.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\BoatLaunch.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Bowling.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Camping.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Deer.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Fishing.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Geocache.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\GeocacheFound.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Gliding.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Golf.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Hiking.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Mountain.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Park.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\RestArea.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\RVPark.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\SkyDiving.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Sports.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\Swimming.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\TrackBack.png
    c:\program files\explorer\Styles\SymbolImages\Recreation\WaterSkiing.png
    c:\program files\explorer\Styles\SymbolImages\Sphere\BlueSphere.png
    c:\program files\explorer\Styles\SymbolImages\Sphere\GreenSphere.png
    c:\program files\explorer\Styles\SymbolImages\Sphere\OrangeSphere.png
    c:\program files\explorer\Styles\SymbolImages\Sphere\PurpleSphere.png
    c:\program files\explorer\Styles\SymbolImages\Sphere\RedSphere.png
    c:\program files\explorer\Styles\SymbolImages\Sphere\YellowSphere.png
    c:\program files\explorer\Styles\SymbolImages\Square\BlackWaypoint.png
    c:\program files\explorer\Styles\SymbolImages\Square\BlueWaypoint.png
    c:\program files\explorer\Styles\SymbolImages\Square\WhiteWaypoint.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\BlackStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\BlueStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\BrownStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\GrayStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\GreenStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\LightBlueStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\OrangeStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\PinkStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\PurpleStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\RedStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\SpringGreenStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\WhiteStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Stickpin\YellowStickpin.png
    c:\program files\explorer\Styles\SymbolImages\Transparent\Transparent.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Airplane.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\AirStrip.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Breakdown.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Bus.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenBack.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenFront.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\CarRedBack.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\CarRedFront.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\CarRental.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\CarRepair.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowBack.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowFront.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\ConvenienceStore.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Crossing.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Fuel.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterGreen.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterRed.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterYellow.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Landingpad.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Lodging.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\MileMarker.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\MountainPass.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Overpass.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Parking.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\PrivateField.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\RoadClosure.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\RoadWork.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Sailing.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Scales.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Seaplane.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Tank.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Toll.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\TrafficAccident.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Tunnel.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\Ultralight.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\WarningRed.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\WarningYellow.png
    c:\program files\explorer\Styles\SymbolImages\Transportation\YellowSemiTractor.png
    c:\program files\explorer\Styles\SymbolImages\Weather\Cloudy.png
    c:\program files\explorer\Styles\SymbolImages\Weather\HeatAdvisory.png
    c:\program files\explorer\Styles\SymbolImages\Weather\Lightning.png
    c:\program files\explorer\Styles\SymbolImages\Weather\PartlySunny.png
    c:\program files\explorer\Styles\SymbolImages\Weather\Rain.png
    c:\program files\explorer\Styles\SymbolImages\Weather\Snow.png
    c:\program files\explorer\Styles\SymbolImages\Weather\Sunny.png
    c:\program files\explorer\Styles\Template.ncfg
    c:\program files\explorer\TilingSchemes\ArcGIS_Online_Bing_Maps_Google_Maps.xml
    c:\program files\explorer\TilingSchemes\GoogleMapsVersions.xml
    c:\program files\explorer\TilingSchemes\Yahoo.xml
    c:\program files\Extension Changer\extmain.exe
    c:\program files\UNICCodec
    c:\programdata\Microsoft\Windows\Start Menu\Programs\UNICCodec
    c:\users\cswright\AppData\Roaming\7za.exe
    c:\users\cswright\AppData\Roaming\Desktopicon
    c:\users\cswright\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UNICCodec
    c:\windows\iun6002.exe
    c:\windows\PFRO.log
    c:\windows\System32\drivers\etc\hosts.bak1
    c:\windows\System32\drivers\etc\hosts.bak2
    c:\windows\system32\drivers\npf.sys
    c:\windows\system32\jucheck.exe
    c:\windows\system32\jusched.exe
    c:\windows\system32\Packet.dll
    c:\windows\system32\regobj.dll
    c:\windows\system32\wpcap.dll
    c:\windows\ZC0302Cap.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_NPF
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-10-02 to 2011-11-02 )))))))))))))))))))))))))))))))
    .
    .
    2011-11-02 15:13 . 2011-11-02 15:17 -------- d-----w- c:\users\cswright\AppData\Local\temp
    2011-11-02 15:13 . 2011-11-02 15:13 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2011-11-02 15:13 . 2011-11-02 15:13 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
    2011-10-31 00:00 . 2011-10-31 00:00 -------- d-----w- c:\users\cswright\AppData\Roaming\AVG2012
    2011-10-30 23:47 . 2011-10-30 23:47 -------- d-----w- C:\found.001
    2011-10-30 17:16 . 2011-10-30 17:16 -------- d-----w- C:\$AVG
    2011-10-30 17:11 . 2011-10-30 17:11 -------- d-----w- C:\AVG2012
    2011-10-30 17:10 . 2011-11-02 13:49 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-10-30 17:10 . 2011-10-30 23:59 -------- d-----w- c:\programdata\AVG2012
    2011-10-30 17:09 . 2011-10-30 17:09 -------- d-----w- c:\program files\AVG
    2011-10-30 16:45 . 2011-10-30 16:45 -------- d--h--w- c:\programdata\Common Files
    2011-10-30 16:45 . 2011-11-02 13:49 -------- d-----w- c:\programdata\MFAData
    2011-10-28 23:41 . 2011-10-28 23:49 -------- d-----w- c:\users\cswright\AppData\Roaming\Xaiqsu
    2011-10-28 23:41 . 2011-10-28 23:45 -------- d-----w- c:\users\cswright\AppData\Roaming\Tyxyp
    2011-10-28 16:52 . 2011-10-28 16:52 -------- d-----w- c:\windows\Sun
    2011-10-28 05:57 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FDBAD6F-FDB5-4D2C-BBB0-DD41C06FFD6D}\mpengine.dll
    2011-10-26 14:13 . 2011-10-26 14:13 -------- d-----w- c:\program files\Firefly Studios
    2011-10-26 08:56 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2011-10-25 21:04 . 2011-10-15 08:53 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
    2011-10-25 21:04 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
    2011-10-25 21:04 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
    2011-10-25 21:04 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
    2011-10-25 21:04 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
    2011-10-25 21:04 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
    2011-10-25 21:04 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
    2011-10-25 21:04 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
    2011-10-25 15:45 . 2011-10-25 15:45 -------- d--h--w- c:\program files\Common Files\EAInstaller
    2011-10-25 13:33 . 2011-10-25 19:08 -------- d-----w- c:\program files\Battlefield 3
    2011-10-21 20:04 . 2011-10-21 20:04 -------- d-----w- c:\users\cswright\AppData\Local\Focus Home Interactive
    2011-10-21 17:16 . 2011-10-21 17:17 -------- d-----w- c:\users\cswright\AppData\Local\PAYDAY
    2011-10-21 17:16 . 2011-10-21 17:16 -------- d-----w- c:\programdata\RELOADED
    2011-10-21 16:40 . 2011-10-22 12:01 -------- d-----w- c:\program files\Payday The Heist
    2011-10-15 14:33 . 2011-10-15 14:33 -------- d-----w- c:\program files\Common Files\Macrovision Shared
    2011-10-15 14:31 . 2011-10-16 02:03 -------- d-----w- c:\programdata\Rosetta Stone
    2011-10-15 14:31 . 2011-10-15 14:31 -------- d-----w- c:\program files\Rosetta Stone
    2011-10-13 20:22 . 2011-10-13 20:22 -------- d-----w- c:\programdata\Airline Tycoon 2
    2011-10-11 21:03 . 2011-09-30 23:01 743424 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
    2011-10-11 21:01 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2011-10-11 21:01 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-11 21:01 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-11 21:01 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-10-04 21:27 . 2011-10-23 05:16 -------- d-----w- c:\program files\Agrar Simulator 2011
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-10-30 16:50 . 2010-03-13 15:01 1090 ----a-w- c:\windows\system32\ealregsnapshot1.reg
    2011-10-15 08:53 . 2011-09-02 06:15 919872 ----a-w- c:\windows\system32\nvdispco32.dll
    2011-10-15 08:53 . 2011-09-02 06:15 877376 ----a-w- c:\windows\system32\nvgenco32.dll
    2011-10-15 08:53 . 2009-08-17 04:57 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
    2011-10-15 08:53 . 2008-01-10 22:57 2458432 ----a-w- c:\windows\system32\nvapi.dll
    2011-10-03 09:06 . 2010-05-05 16:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-09-30 01:19 . 2011-06-09 22:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-27 19:57 . 2011-09-27 19:51 11098 ----a-w- c:\users\cswright\AppData\Roaming\TheHunterSettings_live.bin
    2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2011-08-20 20:16 . 2010-09-27 15:47 109080 ----a-w- c:\windows\system32\OpenAL32.dll
    2011-08-14 23:53 . 2010-09-27 15:47 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-08-08 10:08 . 2011-08-08 10:08 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2011-10-06 02:33 . 2011-03-23 06:04 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    .
    [7] 2008-01-19 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys
    [7] 2008-01-19 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys
    [7] 2006-11-02 . E86CF7CE67D5DE898F27EF884DC357D8 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6000.16386_none_22210ce737ee2d9b\asyncmac.sys
    .
    [7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
    [7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
    [7] 2006-11-02 . AC3DD1708B22761EBD7CBE14DCC3B5D7 . 6144 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys
    .
    [7] 2008-02-13 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_a81145df\kbdclass.sys
    [7] 2008-02-13 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys
    [7] 2008-02-13 . C9B0CF786D5F151A43C7BE8E243F2819 . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys
    [7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\drivers\kbdclass.sys
    [7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys
    [7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdclass.sys
    [7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys
    [7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys
    [7] 2006-11-02 . 1A48765F92BA1A88445FC25C9C9D94FC . 32872 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys
    .
    [7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\System32\drivers\ndis.sys
    [7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
    [7] 2008-01-19 . 9BDC71790FA08F0A0B5F10462B1BD0B1 . 529464 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
    [7] 2006-11-02 . 227C11E1E7CF6EF8AFB2A238D209760C . 500840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
    .
    [7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6000.16386] . . c:\windows\System32\drivers\ntfs.sys
    [7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
    [7] 2008-01-19 . B4EFFE29EB4F15538FD8A9681108492D . 1081912 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
    [7] 2008-01-09 . 2620822A21B76375F5FD6E0986407CD1 . 1060920 . . [6.0.6000.16586] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16586_none_a43a6b8d2000830d\ntfs.sys
    [7] 2008-01-09 . B5BE45B1F554DF9E1976CBC855365E60 . 1061432 . . [6.0.6000.20709] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20709_none_a51d8a7c38da8c7b\ntfs.sys
    [7] 2007-12-16 . F08824715CA6076F5E73E005AB83B9C8 . 1061944 . . [6.0.6000.20740] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20740_none_a4e9483239031830\ntfs.sys
    [7] 2007-12-16 . 37430AA7A66D7A63407ADC2C0D05E9F6 . 1060920 . . [6.0.6000.16615] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16615_none_a4851c9d1fc8a346\ntfs.sys
    [7] 2006-11-02 . 3F379380A4A2637F559444E338CF1B51 . 1056360 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16386_none_a43a67c1200088bf\ntfs.sys
    .
    [7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
    [7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
    [7] 2006-11-02 . EC5EFB3C60F1B624648344A328BCE596 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6000.16386_none_a72f2b811e11f9f3\null.sys
    .
    [7] 2011-06-17 . 6647FCE6FC4970DAAFE5C64C794513D3 . 913296 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
    [7] 2011-06-17 . 2756186E287139310997090797E0182B . 905104 . . [6.0.6002.18484] . . c:\windows\System32\drivers\tcpip.sys
    [7] 2011-06-17 . 2756186E287139310997090797E0182B . 905104 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
    [7] 2010-06-16 . 6A10AFCE0B38371064BE41C1FBFD3C6B . 912776 . . [6.0.6002.22425] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
    [7] 2010-06-16 . A474879AFA4A596B3A531F3E69730DBF . 905088 . . [6.0.6002.18272] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
    [7] 2010-06-16 . 782568AB6A43160A159B6215B70BCCE9 . 898952 . . [6.0.6001.18493] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
    [7] 2010-06-16 . 6216A954ED7045B62880A92D6C9B9FC7 . 902032 . . [6.0.6001.22713] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
    [7] 2010-02-18 . 93A5655CD9CD2F080EF1CB71A3666215 . 902024 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
    [7] 2010-02-18 . 2EAE4500984C2F8DACFB977060300A15 . 898952 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
    [7] 2010-02-18 . D9F5DD5BBC8348E8F8220CCBF14C022E . 910216 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
    [7] 2010-02-18 . 48CBE6D53632D0067C2D6B20F90D84CA . 904576 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
    [7] 2010-02-18 . 4A82FA8F0DF67AA354580C3FAAF8BDE3 . 815104 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
    [7] 2010-02-18 . 2C1F7005AA3B62721BFDB307BD5F5010 . 818688 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
    [7] 2009-08-15 . 2512B4D1353370D6688B1AF1F5AFA1CF . 816640 . . [6.0.6000.21108] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
    [7] 2009-08-14 . 8A7AD2A214233F684242F289ED83EBC3 . 897608 . . [6.0.6001.18311] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
    [7] 2009-08-14 . 2608E71AAD54564647D4BB984E1925AA . 900168 . . [6.0.6001.22497] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
    [7] 2009-08-14 . FF71856BD4CD6D4367F9FD84BE79A874 . 905784 . . [6.0.6002.22200] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
    [7] 2009-08-14 . 65877AA1B6A7CB797488E831698973E9 . 904776 . . [6.0.6002.18091] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
    [7] 2009-08-14 . 300208927321066EA53761FDC98747C6 . 813568 . . [6.0.6000.16908] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
    [7] 2009-04-11 . 0E6B0885C3D5E4643ED2D043DE3433D8 . 897000 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
    [7] 2008-04-26 . 82E266BEE5F0167E41C6ECFDD2A79C02 . 891448 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
    [7] 2008-04-26 . 01EC1E92595F839BEE70D439C46796E3 . 891448 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
    [7] 2008-02-13 . 5DF77458AA92FDB36FCE79C60F74AB5D . 803328 . . [6.0.6000.16627] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
    [7] 2008-02-13 . 52A8BD6294F7D1443C6184C67AE13AF4 . 806400 . . [6.0.6000.20752] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
    [7] 2008-01-19 . FC6E2835D667774D409C7C7021EAF9C4 . 891448 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
    [7] 2008-01-09 . 028061C7F6D2D03068C72E2A27E4228A . 802816 . . [6.0.6000.16567] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
    [7] 2008-01-09 . 43EAE40B50FE3E60D194DD9C97EBB1FD . 804352 . . [6.0.6000.20689] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
    [7] 2006-11-02 . D944522B048A5FEB7700B5170D3D9423 . 802816 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
    .
    [7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
    [7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
    [7] 2006-11-02 . BEB6470532B7461D7BB426E3FACB424F . 81408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6000.16386_none_76b264bda1136499\browser.dll
    .
    [7] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
    [7] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
    [7] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
    [7] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
    [7] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
    [7] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
    [7] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
    [7] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
    [7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
    [7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
    [7] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
    [7] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
    [7] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
    [7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
    [7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
    [7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
    [7] 2006-11-02 . 6A0E382E74280E4CC0DF17FE2661D003 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
    .
    [7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
    [7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
    [7] 2006-11-02 . 90A4DAE28B94497F83BEA0F2A3B77092 . 273920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6000.16386_none_0d86599a54e4c25f\netman.dll
    .
    [7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
    [7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
    [7] 2006-11-02 . 4843A1784BA6434DFF80F841DDC592C6 . 1236992 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6000.16386_none_2a7a18dbe946c84f\comres.dll
    .
    [7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
    [7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
    [7] 2008-01-19 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
    [7] 2008-01-04 . F1148566FA5173A4FD48AF8E8BC09401 . 750080 . . [7.0.6000.20647] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.20647_none_220fe38215833e63\qmgr.dll
    [7] 2008-01-04 . DA551697E34D2B9943C8B1C8EAFFE89A . 750080 . . [7.0.6000.16531] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16531_none_218b14e6fc62ea9e\qmgr.dll
    [7] 2006-11-02 . 733FB484A06B9D6A44DD9CA1D3BE937B . 749568 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16386_none_215a02f0fc86fab8\qmgr.dll
    .
    [7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
    [7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
    [7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
    [7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
    [7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
    [7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
    [7] 2008-01-19 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
    [7] 2006-11-02 . B46D8EA6DD30BAA49F674DACDC4C491F . 545792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16386_none_67941a0040f4ed68\rpcss.dll
    .
    [7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
    [7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
    [7] 2008-01-19 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
    [7] 2006-11-02 . 329CF3C97CE4C19375C8ABCABAE258B0 . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
    .
    [7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
    [7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
    [7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
    [7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
    [7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
    [7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
    [7] 2008-01-19 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
    [7] 2006-11-02 . DA612EF2556776DF2630B68BF2D48935 . 124928 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
    .
    [7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
    [7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
    [7] 2008-01-19 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
    [7] 2006-11-02 . 9F75392B9128A91ABAFB044EA350BAAD . 308224 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
    .
    [7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\System32\wuauclt.exe
    [7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_e979223d5b9c821b\wuauclt.exe
    [7] 2008-10-16 . E654B78D2F1D791B30D0ED9A8195EC22 . 51224 . . [7.2.6001.788] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
    [7] 2008-01-19 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_a052d92e34802200\wuauclt.exe
    [7] 2008-01-19 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_a23e523a31a1ed4c\wuauclt.exe
    [7] 2008-01-04 . F3E9065EB617A7E3A832A7976BFA021B . 53080 . . [7.0.6000.381] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6000.381_none_981d19142bc9942c\wuauclt.exe
    [7] 2006-11-02 . FF81090B6EF1A42A19DF226632711D25 . 41472 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wuauclt.exe
    .
    [7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
    [7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
    [7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
    [7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
    [7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
    [7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
    [7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll
    [7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
    [7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
    [7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
    [7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
    [7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
    [7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
    [7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
    [7] 2008-01-19 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
    [7] 2008-01-19 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
    [7] 2008-01-19 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
    [7] 2006-11-02 . BB61FB941A382A197AC2989337BF6364 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6000.16386_none_37655d04db0c72a6\comctl32.dll
    [7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
    [7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
    .
    [7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
    [7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
    [7] 2008-01-19 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
    [7] 2006-11-02 . 1C26FB097170A2A91066D1E3A24366E3 . 123392 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
    .
    [7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
    [7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
    [7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
    [7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
    [7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
    [7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
    [7] 2008-01-19 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll
    [7] 2006-11-02 . DFB250BAC1A9108ABD777EA181E32015 . 259584 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16386_none_0ab6dd2154d28f55\es.dll
    .
    [7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
    [7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
    [7] 2008-01-19 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
    [7] 2006-11-02 . EE12864398F1C3BF5BEE91F6AF9842E1 . 115200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll
    .
    [7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
    [7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
    [7] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
    [7] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
    [7] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
    [7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
    [7] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
    [7] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
    [7] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
    [7] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
    [7] 2008-01-19 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
    [7] 2006-11-02 . 1E36AE445E4DA83B82D51FEB2D4F8772 . 874496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll
    .
    [7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
    [7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
    .
    [7] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll
    [7] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll
    [7] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll
    [7] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll
    [7] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll
    [7] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll
    [7] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll
    [7] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll
    [7] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
    [7] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
    [7] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
    [7] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
    [7] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll
    [7] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll
    [7] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll
    [7] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll
    [7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
    [7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll
    [7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
    [7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll
    [7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll
    [7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll
    [7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll
    [7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll
    [7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll
    [7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
    [7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll
    [7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll
    [7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll
    [7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll
    [7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
    [7] 2006-11-02 . 6D832E5314A2445D3F644C71FAF32BDC . 24064 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16386_none_a79c567c5d9b4c78\lpk.dll
    .
    [7] 2011-09-30 . 59CC0E3A960D0B8A4BBDB6FC65340EB9 . 5972992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_f67f9f65513d0f01\mshtml.dll
    [7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.18702] . . c:\windows\System32\mshtml.dll
    [7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_f5fa03c2381bd493\mshtml.dll
    [7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll
    [7] 2011-07-23 . CAB330223469AC16EDB4863DF4C9976B . 5969920 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_f616725e38071b64\mshtml.dll
    [7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll
    [7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll
    [7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll
    [7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll
    [7] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll
    [7] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll
    [7] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll
    [7] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll
    [7] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll
    [7] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll
    [7] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll
    [7] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll
    [7] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll
    [7] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll
    [7] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll
    [7] 2010-02-23 . 8D5FB97AE3D30CCDD8C9D8AF447C7D09 . 5944832 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll
    [7] 2010-01-02 . BE6120F3D7A853039B5437AC9E1986C1 . 5945856 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll
    [7] 2010-01-02 . DF4D546A6E1C8D0F4FC10FCC9E422763 . 5942784 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll
    [7] 2009-11-21 . ED6055694115B1A247B2591AB465A21D . 5944320 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll
    [7] 2009-11-21 . 062B81F34EADEEF652E759BF93691C50 . 5940736 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll
    [7] 2009-10-21 . 159239C8EF4D26392F9C160369348C61 . 5943296 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22942_none_f68c93f75132f82e\mshtml.dll
    [7] 2009-10-21 . 9BFB2F7C3A2F626040C4EB8CE5C6ED2A . 5939712 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18852_none_f5f82740381d7455\mshtml.dll
    [7] 2009-08-27 . E9C51FD04019DC14CAE9CEDE3C7B08E3 . 5942272 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\mshtml.dll
    [7] 2009-08-27 . 7172C1681283EC40A8DA9ED4180FF390 . 5940224 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\mshtml.dll
    [7] 2009-07-22 . 8FD67A68AF3E2013DC668D3DD1519BB7 . 5938176 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22903_none_f6b8d3f15111a1c1\mshtml.dll
    [7] 2009-07-21 . 2620C82EEEBED884FAA1E00C4671E83A . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18813_none_f624673a37fc1de8\mshtml.dll
    [7] 2009-05-12 . 5F3B323A3758C9B156B199F54A888882 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22874_none_f66e22e151498188\mshtml.dll
    [7] 2009-05-09 . 89CCF8069B59780BDEF45E345E671347 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18783_none_f5d8b5e03834e458\mshtml.dll
    [7] 2009-04-11 . A4D04D404AFC1D30EDA01EE50D27AA51 . 3596288 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll
    [7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll
    [7] 2008-06-27 . 2B59221D1B9D9FB1D202A21AFE8E410A . 3578368 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18099_none_12eac5ea226a5aa4\mshtml.dll
    [7] 2008-06-27 . B964D58A6698C8FCA93447ADBDE18820 . 3592192 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16711_none_1153063a250a1c9a\mshtml.dll
    [7] 2008-06-27 . 256E9D588ACB7F104123947297A9302A . 3578880 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22212_none_13c3e1f53b4d66ac\mshtml.dll
    [7] 2008-06-27 . 1D73575D8A0F368CD8FE3212E8928743 . 3594240 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20868_none_11ad956f3e49f97a\mshtml.dll
    [7] 2008-04-25 . 2C2A85BBAB617EDDD19119F66C05B1C3 . 3578368 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18063_none_130533f222576ec7\mshtml.dll
    [7] 2008-04-25 . 13A0AA60B35A6A13152A759536C10203 . 3591680 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16681_none_110754e02542e30a\mshtml.dll
    [7] 2008-04-25 . 92A81ADE1E576A53176777260190F3A1 . 3578368 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22167_none_1392d1e53b7173ed\mshtml.dll
    [7] 2008-04-25 . 38EC352C600EB037FE02749F8C170B6B . 3593728 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20823_none_11d3d3ad3e2e0b03\mshtml.dll
    [7] 2008-02-22 . 9C4091CD321D6D8BCF9842F109EE574B . 3578368 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll
    [7] 2008-02-22 . ED2588D1864319C54E79443130A8004B . 3593728 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll
    [7] 2008-02-22 . 977C356E655F357665310C0C95D0DBD4 . 3578368 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll
    [7] 2008-02-21 . 3AE6072A86AD8049DD133DB40F73F0C8 . 3591680 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll
    [7] 2008-02-13 . 31DCF20D4E65A972640CE77635F1039B . 3592192 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16609_none_1165d69024face3a\mshtml.dll
    [7] 2008-02-13 . 5C23F9EFAFD87043D8CA49B9308E3D29 . 3593216 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20734_none_11ca02253e354324\mshtml.dll
    [7] 2008-01-19 . 48E05FD07045BB2E5CFC43C970CAF1E7 . 3578368 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll
    [7] 2008-01-04 . 6C5DC8B0F44658C550CB371C85BCAE56 . 3590656 . . [7.00.6000.16587] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16587_none_110d54b6253d7ded\mshtml.dll
    [7] 2008-01-04 . E2FFAA76A5DEFA1A680F2D32E18D443B . 3593216 . . [7.00.6000.20710] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20710_none_11dba0d53e28a5e6\mshtml.dll
    [7] 2007-08-23 . 24C5786C3A9ED534409D5DA0B56504D6 . 3584000 . . [7.00.6000.20591] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_11861df33e68a477\mshtml.dll
    [7] 2007-08-23 . 1F8EBB4387471DF7E7160F981BDEAFB7 . 3583488 . . [7.00.6000.16481] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_110751142542e8bc\mshtml.dll
    [7] 2007-08-23 . 88BAE1EF672DCB0E3191EB106A677D4A . 3582976 . . [7.00.6000.20547] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20547_none_11c22f4b3e3ab0cc\mshtml.dll
    [7] 2007-08-23 . 7B57E7A3307D38C3441076E6B6CAD866 . 3581952 . . [7.00.6000.16448] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16448_none_113992ca251c2a59\mshtml.dll
    [7] 2007-08-23 . 070B5BE00CCC851F7C8B39CD1609B009 . 3580416 . . [7.00.6000.16397] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16397_none_110280fe25459f90\mshtml.dll
    [7] 2007-08-23 . 7D22E0D46A572614D6BE2DE7B4529076 . 3580416 . . [7.00.6000.20491] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20491_none_11861c0d3e68a750\mshtml.dll
    [7] 2006-11-02 . 2D972F487EACEBBB2B3A02F290C3511A . 3580416 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16386_none_110c50a0253e6a48\mshtml.dll
    .
    [7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\System32\msvcrt.dll
    [7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
    [7] 2008-01-19 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
    [7] 2006-11-02 . 75287677BB8BC9A16C32CE8A72F485A0 . 681472 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6000.16386_none_cf1e7424a1fb0cd9\msvcrt.dll
    [-] 2004-08-05 . 351B1AD22FD0EC70D889766E0B4F72ED . 343040 . . [7.0.2600.2180] . . c:\windows\SMINST\msvcrt.dll
    .
    [7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
    [7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
    [7] 2008-01-19 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
    [7] 2006-11-02 . 54E9576169A248AD62A1EB9773225826 . 227328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6000.16386_none_b61c950a3060adba\mswsock.dll
    .
    [7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
    [7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
    [7] 2008-01-19 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
    [7] 2006-11-02 . 889A2C9F2AACCD8F64EF50AC0B3D553B . 559616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
    .
    [7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
    [7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
    [7] 2008-01-19 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
    [7] 2006-11-02 . 3CDEC51291F735C5C276B957239017A3 . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6000.16386_none_a0e2dc64ffed4e9d\powrprof.dll
    .
    [7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
    [7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
    [7] 2008-01-19 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
    [7] 2006-11-02 . 80E2839D05CA5970A86D7BE2A08BFF61 . 176640 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
    .
    [7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
    [7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6000.16386_none_a4ff01505f4694a4\sfc.dll
    [7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
    .
    [7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
    [7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
    [7] 2006-11-02 . 10DA15933D582D2FEDCF705EFE394B09 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
    .
    [7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
    [7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
    [7] 2008-01-19 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
    [7] 2006-11-02 . EF3DD33C740FC2F82E7E4622F1C49289 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6000.16386_none_e10616dfe80787ab\tapisrv.dll
    .
    [7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
    [7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
    [7] 2008-01-19 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
    [7] 2007-08-23 . 9D9F061EDA75425FC67F0365E3467C86 . 633856 . . [6.0.6000.20537] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
    [7] 2007-08-23 . 63B4F59D7C89B1BF5277F1FFEFD491CD . 633856 . . [6.0.6000.16438] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
    [7] 2006-11-02 . E698A5437B89A285ACA3FF022356810A . 633856 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
    .
    [7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
    [7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
    [7] 2006-11-02 . 22027835939F86C3E47AD8E3FBDE3D11 . 24576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
    .
    [7] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll
    [7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.18702] . . c:\windows\System32\wininet.dll
    [7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll
    [7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll
    [7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll
    [7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
    [7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
    [7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
    [7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
    [7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
    [7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
    [7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
    [7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
    [7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
    [7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
    [7] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
    [7] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
    [7] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
    [7] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
    [7] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
    [7] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
    [7] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
    [7] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
    [7] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
    [7] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
    [7] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
    [7] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
    [7] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
    [7] 2009-07-21 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
    [7] 2009-05-12 . 4BEDA2520729640D927E09A51AB916C4 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll
    [7] 2009-05-09 . D78B62CC91F043CED52F23F0085E7FE2 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll
    [7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
    [7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
    [7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
    [7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
    [7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
    [7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
    [7] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
    [7] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
    [7] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
    [7] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
    [7] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
    [7] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
    [7] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
    [7] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
    [7] 2008-02-13 . 0AD9BE4F82F0389EC9B8A58F2FD16442 . 824832 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16609_none_000bb771a4a46504\wininet.dll
    [7] 2008-02-13 . 39FBDEC53D5F7C5F4B7C35B9B1926A0F . 825344 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20734_none_006fe306bdded9ee\wininet.dll
    [7] 2008-01-19 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
    [7] 2008-01-04 . F3B7B70B789056994406377CA8B06829 . 824832 . . [7.00.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16575_none_ffbc04efa4e0c618\wininet.dll
    [7] 2008-01-04 . 0683CBA27E3111CB87B682CA66475C0C . 825344 . . [7.00.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20697_none_00320276be0cd072\wininet.dll
    [7] 2007-08-23 . 355F1F19DAAD8F769936752F993EA8BF . 823808 . . [7.00.6000.20583] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe\wininet.dll
    [7] 2007-08-23 . 9C1C977FA682D428C7133CF29013211B . 822784 . . [7.00.6000.16473] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643\wininet.dll
    [7] 2007-08-23 . 1EA5200F3D45EFDFC25F630A52DDF9E5 . 823296 . . [7.00.6000.20547] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20547_none_0068102cbde44796\wininet.dll
    [7] 2007-08-23 . 7DBB98EBB2D267ACF9E6BC04AEC6CBF3 . 822784 . . [7.00.6000.16448] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16448_none_ffdf73aba4c5c123\wininet.dll
    [7] 2006-11-02 . 214A456AADCC7DD1B36E2287BA71A9CA . 822272 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16386_none_ffb23181a4e80112\wininet.dll
    .
    [7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
    [7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
    [7] 2006-11-02 . D99A071C1018BB3D4ABAAD4B62048AC2 . 178688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
    .
    [7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
    [7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
    .
    [7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
    [7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
    [7] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
    [7] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
    [7] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
    [7] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
    [7] 2008-01-19 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
    [7] 2008-01-04 . 6D06CD98D954FE87FB2DB8108793B399 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
    [7] 2008-01-04 . BD06F0BF753BC704B653C3A50F89D362 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
    [7] 2006-11-02 . FD8C53FB002217F6F888BCF6F5D7084D . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
    .
    [7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe
    [7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
    [7] 2006-11-02 . F13123E76FDA33E55F11E0EB832E832A . 134656 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
    .
    [7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
    [7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll
    [7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
    [7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
    [7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
    [7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
    [7] 2008-01-19 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
    [7] 2006-11-02 . CCE6FB960F8985BF500CE9CB0B2EF4CF . 1314816 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6000.16386_none_a9e6e55ff5664fb0\ole32.dll
    .
    [7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
    [7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
    [7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
    [7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
    [7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
    [7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
    [7] 2008-01-19 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
    [7] 2006-11-02 . 456FB859236C9074ACF6C3B6243D8B46 . 502784 . . [1.0626.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6000.16386_none_aac3b7125b914f5a\usp10.dll
    .
    [7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
    [7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6000.16386_none_e5cada609a6133bd\ksuser.dll
    [7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
    .
    [7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
    [7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
    .
    [7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
    [7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
    [7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
    [7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
    [7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
    [7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
    [7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
    [7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
    [7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
    [7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll
    .
    [7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
    [7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
    .
    [7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
    [7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
    [7] 2006-11-02 . D4385B03E8CCCEE6F0EE249F827C1F3E . 95744 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
    .
    [7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
    [7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
    [7] 2008-01-19 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
    [7] 2006-11-02 . 9A043808667C8C1893DA7275AF373F0E . 105984 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6000.16386_none_872f43bd868c402d\regsvc.dll
    .
    [7] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
    [7] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
    [7] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
    [7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
    [7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
    [7] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
    [7] 2008-02-13 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
    [7] 2008-02-13 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
    [7] 2008-01-19 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
    [7] 2006-11-02 . 5C72614E6625D39CC1504BF078FDC4CA . 595456 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16386_none_2cca5c959a1767e4\schedsvc.dll
    .
    [7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
    [7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
    [7] 2006-11-02 . 8D3E4BAFF8B3997138C38EB1B600519A . 155136 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6000.16386_none_7d92b0efd44d38e1\ssdpsrv.dll
    .
    [7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
    [7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
    [7] 2008-01-19 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
    [7] 2006-11-02 . FAD71C1E8E4047B154E899AE31EB8CAA . 427520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6000.16386_none_8c687fcc5759068e\termsrv.dll
    .
    [7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
    [7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
    [7] 2006-11-02 . 312BA286EB3BE9EAE82DA427ED2C0284 . 291840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6000.16386_none_adff83b897ae75bd\hnetcfg.dll
    .
    [7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
    [7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
    [7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
    [7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
    [7] 2006-11-02 . EF23439CDD587F64C2C1B8825CEAD7D8 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\drivers\AGP440.sys
    [7] 2006-11-02 . EF23439CDD587F64C2C1B8825CEAD7D8 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
    .
    [7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
    [7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
    [7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
    [7] 2006-11-02 . D7657856319941907BBDC2A11713CFD7 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6000.16386_none_f6ca18a8459b3244\ias.dll
    .
    [7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
    [7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll
    [7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
    [7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
    [7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
    [7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
    .
    [7] 2011-06-20 . A94B3B8B4B35ACA0290A2A8CC2977094 . 3603856 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_6e61a08fca95cae2\ntkrnlpa.exe
    [7] 2011-06-20 . 31AD5148F09D539BAF06D0A0FA53CD8B . 3602832 . . [6.0.6002.18484] . . c:\windows\System32\ntkrnlpa.exe
    [7] 2011-06-20 . 31AD5148F09D539BAF06D0A0FA53CD8B . 3602832 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_6dc4629ab1869881\ntkrnlpa.exe
    [7] 2010-10-15 . 950C425C9E1FA4DDEC8A6B7915E3D892 . 3600272 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntkrnlpa.exe
    [7] 2010-10-15 . C391DF1007E54B1FE06A4EF02DB6FA61 . 3602320 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntkrnlpa.exe
    [7] 2010-10-15 . 3BEF21D45A74AD2C6EAD894BA6C6A502 . 3602832 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntkrnlpa.exe
    [7] 2010-10-15 . FEB9209E1D2B97DB4AE8FBF1DB0F54B6 . 3603856 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntkrnlpa.exe
    [7] 2010-06-08 . 3FAFA4C0567D205F56C15D8B9D469F9D . 3601792 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntkrnlpa.exe
    [7] 2010-06-08 . E3A2697835A14C75B233606357AB46DD . 3600768 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntkrnlpa.exe
    [7] 2010-06-08 . 4F332C0A64F4209EB322DB35310BA879 . 3598216 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntkrnlpa.exe
    [7] 2010-06-08 . 560C7E5036D6D0F9CC4AED5DE885DB8A . 3600784 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntkrnlpa.exe
    [7] 2010-02-18 . AF2FC3FE3AD6860A808B237171BA6EED . 3600776 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntkrnlpa.exe
    [7] 2010-02-18 . D8077969EE22B889B793D076FDCA7066 . 3502480 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntkrnlpa.exe
    [7] 2010-02-18 . C2334AE54E10BCA2631660F649010B03 . 3598216 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntkrnlpa.exe
    [7] 2010-02-18 . 642161C66547496ACCD2794AB6B4284F . 3504008 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntkrnlpa.exe
    [7] 2010-02-18 . 1FED62B16D372E169CF355B2F3210A65 . 3601800 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntkrnlpa.exe
    [7] 2010-02-18 . 8BBC454D2F91D92E3E73DB5B5A0D8D8E . 3600776 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntkrnlpa.exe
    [7] 2009-08-05 . 2E6E7BA5C8764F80ADA7D4C98E8B5D4A . 3599960 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntkrnlpa.exe
    [7] 2009-08-05 . FF493ACD34EE896B8D114918439FAF10 . 3502152 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntkrnlpa.exe
    [7] 2009-08-05 . FBA1B3594C1F691F1FA917ADE45D1DB5 . 3597896 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntkrnlpa.exe
    [7] 2009-08-05 . 5FBCBEBDC19FB9A3F9C102D30FCD1E9E . 3599928 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntkrnlpa.exe
    [7] 2009-08-05 . 6AD406205B25DC4EFBBCB044744248AD . 3503688 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntkrnlpa.exe
    [7] 2009-08-04 . 0517782FC7FEDBEBFAD15566E75B732F . 3600456 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntkrnlpa.exe
    [7] 2009-04-11 . 1260BEACF2F023807A1087BBB0E15BBD . 3601896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntkrnlpa.exe
    [7] 2009-03-03 . FEB3FB3309EBA85917BDE7F4FD019C9D . 3599328 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntkrnlpa.exe
    [7] 2009-03-03 . 641C0F376136E5B6F389016EC48374D2 . 3600880 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntkrnlpa.exe
    [7] 2009-03-03 . 06BCF21AAA1890328D1F58F0ACBE668D . 3503584 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntkrnlpa.exe
    [7] 2009-03-03 . 191C702B48681FB2BA5A96F416207ACF . 3505120 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntkrnlpa.exe
    [7] 2008-09-18 . 3EB08788832D9048C617559CEFD208CF . 3601464 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntkrnlpa.exe
    [7] 2008-09-18 . DC870DCAA25E5CC1C8A50FAC19CCED45 . 3601976 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntkrnlpa.exe
    [7] 2008-09-18 . E67F6247029F6311E643532D2CFFE667 . 3505208 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntkrnlpa.exe
    [7] 2008-09-18 . 084A3A26A3D1A75D0705D963C0289DD5 . 3506744 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntkrnlpa.exe
    [7] 2008-04-26 . 6BB1994F5B62FEF6268F1EBB4014E293 . 3600952 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntkrnlpa.exe
    [7] 2008-04-26 . 68EEF02A8846442FE98AD0E0517EE6BC . 3601464 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntkrnlpa.exe
    [7] 2008-02-13 . 0BE027340C32D14ABECDA068E45E532A . 3504696 . . [6.0.6000.16584] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16584_none_69f7a2dcb739c934\ntkrnlpa.exe
    [7] 2008-02-13 . 4821AB9F49B32CC17887AE861895826E . 3505720 . . [6.0.6000.20707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20707_none_6adac1cbd013d2a2\ntkrnlpa.exe
    [7] 2008-01-19 . FE51E8DBBEF2D01EF886499FECBF2D78 . 3600440 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntkrnlpa.exe
    [7] 2008-01-04 . A676D072FF3967821EC292F5C885A32D . 3504824 . . [6.0.6000.16551] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16551_none_6a1511c2b724295c\ntkrnlpa.exe
    [7] 2008-01-04 . 99AC9F5573F9376970A82D77731BE62A . 3504824 . . [6.0.6000.20670] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20670_none_6a880e6bd052e7b1\ntkrnlpa.exe
    [7] 2008-01-04 . A59C7EA8F866BA9EBE06CB57F01FA5E1 . 3504824 . . [6.0.6000.20629] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20629_none_6ac720a1d022400b\ntkrnlpa.exe
    .
    [7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
    [7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
    [7] 2006-11-02 . 8EB871A3DEB6B3D5A85EB6DDFC390B59 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6000.16386_none_bfb172793798ecfb\upnphost.dll
    .
    [7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
    [7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
    [7] 2008-01-19 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
    [7] 2006-11-02 . 68AC082734363E6BA813E7EAA353DB13 . 445440 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6000.16386_none_5664fc5c44f7ce2c\dsound.dll
    .
    [7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
    [7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
    [7] 2008-01-19 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
    [7] 2006-11-02 . E72A22DCF0733AC06695ACD2268F6EB3 . 1788416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6000.16386_none_c016aaa963db2525\d3d9.dll
    .
    [7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
    [7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
    [7] 2006-11-02 . 29EF7A2EE634DD701571E781DE5E7E91 . 528384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6000.16386_none_02cee0f0c3162de9\ddraw.dll
    .
    [7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll
    [7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
    [7] 2008-01-19 07:36 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
    [7] 2006-11-02 09:46 . DF54915B3DD106854F18C678BEB2977D . 88576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6000.16386_none_37dcf89704c935aa\olepro32.dll
    .
    [7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
    [7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6000.16386_none_2f3c7bc7602ec1c4\perfctrs.dll
    [7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
    [7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
    .
    [7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll
    [7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
    [7] 2008-01-19 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
    [7] 2006-11-02 . D8C819157EBA10401FD25FB48184EF24 . 20480 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6000.16386_none_12c78d3353faab20\version.dll
    .
    [7] 2011-09-30 . 0E1695AD4C30E72D68170F01B4818A80 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23250_none_129e8cd2491214ae\iexplore.exe
    [7] 2011-09-30 . 7ACBBC85FCE4989B533220FC3B291633 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19154_none_1218f12f2ff0da40\iexplore.exe
    [7] 2011-07-23 . 4D08A4234D645EFCB30605CC0BFA87F4 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23216_none_12cfce3e48ec3cf4\iexplore.exe
    [7] 2011-07-23 . 04D1DC458C723B291179F8449ACC281D . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19120_none_12355fcb2fdc2111\iexplore.exe
    [7] 2011-05-28 . 7EE10C5413AD7ED1AF9E8FAE1B58FC3E . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23181_none_127f1b72492984b1\iexplore.exe
    [7] 2011-05-28 . ED65737D70FDEAC29F738E77D2496EE5 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19088_none_11fc80ad30059648\iexplore.exe
    [7] 2011-02-22 . 9CE5543464432CA73134F170FA2BF823 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_12ac5bb64907479b\iexplore.exe
    [7] 2011-02-22 . C1D36A2CBE0CEC4DF593DB1288CF586E . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_1227c05d2fe52684\iexplore.exe
    [7] 2010-12-18 . 7852371DA9EFBC17B645558E23780EAC . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_12cacae648f0c11a\iexplore.exe
    [7] 2010-12-18 . B988D7F127B94BD5BF8356FE81B985C4 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_1249306b2fcbec08\iexplore.exe
    [7] 2010-11-02 . 92A17B0A89D14815AACC62CD190B6CE3 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_127449a04931a37b\iexplore.exe
    [7] 2010-11-02 . 5AB037B17F8A87D052F5A88E0D29A3C8 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_11f2d8e9300c984e\iexplore.exe
    [7] 2010-09-08 . 4A719476A6393B1DCACFEB4F3AC6599C . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_129abb204913e7b2\iexplore.exe
    [7] 2010-09-08 . D5A730DFDEAE005373E62BC2A866E3BB . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_120477992ffffb10\iexplore.exe
    [7] 2010-06-26 . F05B3A2C6CB319DD1377AD566CF5ECE5 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_12a958f24909fe6f\iexplore.exe
    [7] 2010-06-26 . 7420BE0E7D3D1320054F7ACA0594953D . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_1222e6c92fe9748f\iexplore.exe
    [7] 2010-05-04 . 48A6109E8DF0365195298CC527B7426A . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_12d2cb5048e98eab\iexplore.exe
    [7] 2010-05-04 . 5C9B1062EA7A44E8F6BFDE994B68C7AA . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_123d88132fd4bb60\iexplore.exe
    [7] 2010-02-23 . 25DB705A7DC85C208B3CF2D20F118AA7 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_127872a6492dd595\iexplore.exe
    [7] 2010-02-23 . 9F52FBE99C749E3F32C75124F09F1B03 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_124f26c32fc81e22\iexplore.exe
    [7] 2010-01-02 . 3D8DA00B028DEA9517066F1CECBFC4A2 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_128c11ea491f6b05\iexplore.exe
    [7] 2010-01-02 . 88BD42DAE7CFFEB256CA7145A15E4843 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_11f6a4e9300acdd5\iexplore.exe
    [7] 2009-11-21 . E7F8DF50E483D165BB01F367D3519AA7 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_12a4b2a0490c7f28\iexplore.exe
    [7] 2009-11-21 . 1B6362BB14FCEB9E76BCF9A953B04788 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_120f459f2ff7e1f8\iexplore.exe
    [7] 2009-08-27 . 7DD482E4A2E3CBB0A72F718C342F5B75 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212\iexplore.exe
    [7] 2009-08-27 . 2E48756F12C21F46895036AC089AAD97 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39\iexplore.exe
    [7] 2009-07-22 . 4B5AEA50CE77FBA4C2D169622DC9B489 . 638232 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\iexplore.exe
    [7] 2009-07-21 . C33BD196A0301F9B23D9A003D30ED8B0 . 638216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\iexplore.exe
    [7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe
    [7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe
    [7] 2008-06-27 . 157F8DE991396C536820D7FA5C8DCF7D . 625664 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16711_none_2d71f3a71cdf2247\iexplore.exe
    [7] 2008-06-27 . 4DBD95312B1C96C5285D38F1D748CD4D . 625664 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20868_none_2dcc82dc361eff27\iexplore.exe
    [7] 2008-04-25 . 07ED775D6DB4BFA96D7CFB09EB228418 . 625664 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_2d26424d1d17e8b7\iexplore.exe
    [7] 2008-04-25 . 9F1427F203CA078005C9943800929640 . 625664 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_2df2c11a360310b0\iexplore.exe
    [7] 2008-02-22 . 182CAF7403705ACCB51211A761080B8F . 625664 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_2dc0b0c03628049a\iexplore.exe
    [7] 2008-02-21 . 9437CA21CD48C9B6BFD6F5AC0143D251 . 625664 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\iexplore.exe
    [7] 2008-02-13 . 9143C721DD6482374EFB35BC35944324 . 625664 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16609_none_2d84c3fd1ccfd3e7\iexplore.exe
    [7] 2008-02-13 . 7F2693693511F7ECD2762081F2F19864 . 625664 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20734_none_2de8ef92360a48d1\iexplore.exe
    [7] 2008-01-19 . 5B92133D3E7FB2644677686305E29E81 . 625664 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\iexplore.exe
    [7] 2008-01-04 . 7023BC3AF58F0C47856AF147E290D81A . 625152 . . [7.00.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16575_none_2d35117b1d0c34fb\iexplore.exe
    [7] 2008-01-04 . 4C1528C481FFE6E4EFE4BAC7271CE251 . 625664 . . [7.00.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20697_none_2dab0f0236383f55\iexplore.exe
    [7] 2007-08-23 . 9B3516C1F30DA17ADD3818573047D63C . 625152 . . [7.00.6000.20583] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_2db1dbe03633c0e1\iexplore.exe
    [7] 2007-08-23 . 10BDB55982586A432A3951EB19A26009 . 625152 . . [7.00.6000.16473] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_2d330f011d0e0526\iexplore.exe
    [7] 2006-11-02 . 8308F01F27DF839E0010B0F72F855E35 . 623616 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16386_none_2d2b3e0d1d136ff5\iexplore.exe
    .
    .
    .
    [7] 2011-06-20 . BF4B9F40116DF26B2FC7C20CB69B9D9A . 3552144 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_6e61a08fca95cae2\ntoskrnl.exe
    [7] 2011-06-20 . C73E0BEB5062C94B68581642304F7BB4 . 3550096 . . [6.0.6002.18484] . . c:\windows\System32\ntoskrnl.exe
    [7] 2011-06-20 . C73E0BEB5062C94B68581642304F7BB4 . 3550096 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_6dc4629ab1869881\ntoskrnl.exe
    [7] 2010-10-15 . A573338BDCED710795C618EA5FCF48D5 . 3548048 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe
    [7] 2010-10-15 . 8B5EEAA99965E26C3FBB9FAC8BD3B6A1 . 3552144 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe
    [7] 2010-10-15 . F276ABE13DD0BA1024A42A443E47A4A2 . 3550608 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe
    [7] 2010-10-15 . 1ACD7FC485D0E0FF9097E08900D834CC . 3550096 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe
    [7] 2010-06-08 . C5AB434D0C8FA38EAD136FB29E2504B7 . 3550600 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntoskrnl.exe
    [7] 2010-06-08 . F2BEE482023F146CF85EBB15B9E1CD35 . 3548040 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntoskrnl.exe
    [7] 2010-06-08 . D5FA5D17F03E6D39E1A12431DD6F2A39 . 3545992 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntoskrnl.exe
    [7] 2010-06-08 . 47DB9968B8CF2031C46007F42CCE2437 . 3548552 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntoskrnl.exe
    [7] 2010-02-18 . C5759C9345A06EE52C7F5ECCF685CA6D . 3548560 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntoskrnl.exe
    [7] 2010-02-18 . DC44BF78DEB87B7737D0D29B5B8EDAE3 . 3468168 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntoskrnl.exe
    [7] 2010-02-18 . 6025E5530E2C43E1983CC8B840DF2108 . 3545992 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntoskrnl.exe
    [7] 2010-02-18 . F8BEC470EAA8621751F739585C5871CD . 3470216 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntoskrnl.exe
    [7] 2010-02-18 . 31289DD6914686D088582EED4B43F826 . 3550088 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntoskrnl.exe
    [7] 2010-02-18 . A5D0B405442724448D23D61821BEA92A . 3548040 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntoskrnl.exe
    [7] 2009-08-05 . 3EEEDCCFB587BCB0E2DE075332498C11 . 3547736 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntoskrnl.exe
    [7] 2009-08-05 . 4765C66A89E7151626FF3545B01D2601 . 3467864 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntoskrnl.exe
    [7] 2009-08-05 . 5302026B0FADB0819009798D3F6BCD77 . 3546184 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntoskrnl.exe
    [7] 2009-08-05 . 09C5FB44F152EFF551A112C931DDE640 . 3548216 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntoskrnl.exe
    [7] 2009-08-05 . D8DCA438CE571DB20BD8C4915CAC0760 . 3469896 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntoskrnl.exe
    [7] 2009-08-04 . 575DD16BF4C21C2F7E2BBE203AC1E957 . 3548216 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntoskrnl.exe
    [7] 2009-04-11 . 6798DBF3F25721637AEF5B6C69911C9C . 3549672 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
    [7] 2009-03-03 . 393BB8FE05D66ABA7B091E6032179272 . 3547632 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe
    [7] 2009-03-03 . DFF34C5D66AB4BF1EED47BF19D1267BB . 3548656 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe
    [7] 2009-03-03 . 3910FE042C707E6BACD0FEC5AB9ECDE6 . 3469280 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe
    [7] 2009-03-03 . 808C86316AED98716C5F305A6265F393 . 3471328 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe
    [7] 2008-09-18 . 1FD3E8BFFD38F9B145E4B2B238B692F7 . 3549240 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe
    [7] 2008-09-18 . DEA801F2D9FD1DB35ED6B9BC4A6657F1 . 3549752 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe
    [7] 2008-09-18 . 03279407E78F76BA1131DAB35A5E55C0 . 3470904 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe
    [7] 2008-09-18 . 1E09CE4D9BB7B6521FB023CAE2E55F63 . 3472952 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe
    [7] 2008-04-26 . C9CD31B3CBA8134F2B47FB5E78376ACC . 3549240 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe
    [7] 2008-04-26 . 22D444D3D88A4C299894B3638A114BF7 . 3549240 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe
    [7] 2008-02-13 . A0BF353A68B434F2BBFF238FEEB51486 . 3470392 . . [6.0.6000.16584] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16584_none_69f7a2dcb739c934\ntoskrnl.exe
    [7] 2008-02-13 . B23072AE0FD60A2BE57FD48F81DDB5BB . 3471928 . . [6.0.6000.20707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20707_none_6adac1cbd013d2a2\ntoskrnl.exe
    [7] 2008-01-19 . 6700F35EBA206E5C89AC27C9A124DC01 . 3548728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntoskrnl.exe
    [7] 2008-01-04 . 0E8F7801D17C7437CEE216099B975163 . 3471032 . . [6.0.6000.16551] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16551_none_6a1511c2b724295c\ntoskrnl.exe
    [7] 2008-01-04 . 9E6991F557248A5E6E742D1081583969 . 3471544 . . [6.0.6000.20670] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20670_none_6a880e6bd052e7b1\ntoskrnl.exe
    [7] 2008-01-04 . 99B743BE7149970EB8D9C48FB0A41BF7 . 3470520 . . [6.0.6000.20629] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20629_none_6ac720a1d022400b\ntoskrnl.exe
    [7] 2008-01-04 . 4F2488EC5D0EBFE868F47681BCF315D3 . 3470008 . . [6.0.6000.16514] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16514_none_6a435250b701059d\ntoskrnl.exe
    [7] 2008-01-04 . 2D202D94C6D0EC6B1483D2D47016FA0A . 3470520 . . [6.0.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16575_none_6a037312b730c69a\ntoskrnl.exe
    [7] 2008-01-04 . 2DF67260DD3167402ABC14DC11112686 . 3472056 . . [6.0.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20697_none_6a797099d05cd0f4\ntoskrnl.exe
    [7] 2007-08-23 . F28BD6C5F56EF09744D11482A8B7C34B . 3470008 . . [6.0.6000.20591] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20591_none_6a736cf7d0623bc3\ntoskrnl.exe
    [7] 2006-11-02 . 883D5B644BFA3DC7298D4731B13AF499 . 3467880 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16386_none_69f99fa4b7380194\ntoskrnl.exe
    .
    [7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll
    [7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll
    [7] 2008-01-19 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll
    [7] 2006-11-02 . 62B0D0F6F5580D9D0DFA5E0B466FF2ED . 270848 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6000.16386_none_8670a1b3705f945b\w32time.dll
    .
    [7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll
    [7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll
    [7] 2008-01-19 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll
    [7] 2006-11-02 . A941E099EF46E3CC12F898CBE1C39910 . 451584 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6000.16386_none_305d7915b6684b33\wiaservc.dll
    .
    [7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll
    [7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
    [7] 2008-01-19 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
    [7] 2006-11-02 . 848E745A842F903FD521DB585AB00D97 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6000.16386_none_8ac7060813a4d0d2\midimap.dll
    .
    [7] 2010-05-05 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll
    [7] 2010-05-05 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
    [-] 2004-05-13 . C5ABBBD9C7307679B4FBA203213A6FD4 . 6144 . . [5.1.2600.0] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasadhlp.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-11 399736]
    "SansaDispatch"="c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2009-04-12 79872]
    "Ida"="c:\program files\Ida\IdaLaunch.exe" [2010-09-01 27352]
    "Steam"="c:\program files\Steam\Steam.exe" [2011-08-08 1242448]
    "googletalk"="c:\users\cswright\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
    "F.lux"="c:\users\cswright\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
    "Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-08-03 534312]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
    "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
    "SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
    "UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "BigDogPath"="c:\windows\VM302Snap.exe" [2007-03-27 49152]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
    "Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
    "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
    "amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
    "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
    "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
    "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
    "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
    "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
    "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-25 185896]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-08-03 534312]
    .
    c:\users\cswright\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\cswright\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-1 24183152]
    MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-8-5 575488]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-6-18 805392]
    Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-2-6 99840]
    VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2009-2-25 6144]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2007-04-19 16:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-11 229840]
    R1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\users\cswright\AppData\Local\Temp\VSPE.sys [x]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate1c98e17e990274c;Google Update Service (gupdate1c98e17e990274c);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
    R2 IcRecUsb;IC Recorder Driver;c:\windows\system32\Drivers\IcRecUsb.sys [2001-10-02 17432]
    R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
    R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-09-11 1440384]
    R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-05-24 501248]
    R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-06 4005936]
    R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 vvftav302;vvftav302;c:\windows\system32\drivers\vvftav302.sys [2007-03-18 475136]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
    S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
    S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-07 51144]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-02-15 716272]
    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-02-29 8944]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-02-29 51440]
    S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    S2 bzserv;Backblaze Service;c:\program files\Backblaze\bzserv.exe [2011-08-03 269096]
    S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
    S2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
    S2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2011-03-13 16384]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
    S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-11 16720]
    S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2008-07-26 42280]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
    .
    2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
    .
    2011-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001Core.job
    - c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
    .
    2011-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001UA.job
    - c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
    .
    2011-11-02 c:\windows\Tasks\User_Feed_Synchronization-{1BDB2969-579D-49C0-83F7-6A0633C8BF35}.job
    - c:\windows\system32\msfeedssync.exe [2011-10-11 21:29]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = my.daemon-search.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\cswright\AppData\Roaming\Mozilla\Firefox\Profiles\phwij8z6.chuckie\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    AddRemove-Recover My Files_is1 - s:\recover my files v4\unins000.exe
    .
    .
    .
    **************************************************************************
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    SansaDispatch = c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe??????? ?? _???????8???t\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files:
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,04,82,33,03,7f,a5,4a,9f,7c,35,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,04,82,33,03,7f,a5,4a,9f,7c,35,\
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5FE69E32-13AD-4019-9B14-CD30E22504B2}*]
    "dafhchbe"=hex:64,62,67,6a,62,62,6c,69,66,61,67,62,67,67,61,6f,70,69,6d,63,62,
    65,61,6d,6b,6e,67,6d,6f,68,63,62,65,70,6e,69,6e,64,69,63,00,00
    "iackpgoofcplhcajpe"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
    70,64,00,00
    "haejbcbekicddddl"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
    70,64,00,00
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    @Allowed: (Read) (RestrictedCode)
    "??"=hex:ea,1f,7d,bd,86,10,ec,a9,fa,c2,fd,01,8e,ab,c2,5a,19,55,cc,fd,2b,8b,d1,
    27,c2,ab,84,58,07,da,69,a5,e5,e0,26,40,ed,d6,eb,50,1e,41,51,55,ec,cf,81,4c,\
    "??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\License information*]
    "datasecu"=hex:6e,93,ba,fe,52,48,c0,1e,14,39,06,1e,de,67,8e,fd,30,69,7b,45,56,
    76,2c,42,c5,3a,7f,b2,ab,4b,05,2d,6a,81,23,77,d6,a6,9d,75,0e,24,58,50,ad,f1,\
    "rkeysecu"=hex:03,cd,8a,78,f1,a9,46,8d,10,73,b8,0e,51,a5,7e,e8
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(3812)
    c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
    c:\windows\system32\nvvsvc.exe
    c:\program files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\windows\ehome\ehRecvr.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\program files\McAfee\Common Framework\FrameworkService.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files\Microsoft LifeCam\MSCamS32.exe
    c:\program files\McAfee\Common Framework\naPrdMgr.exe
    c:\program files\AVG\AVG2012\avgnsx.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\windows\system32\DRIVERS\xaudio.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\windows\ehome\ehsched.exe
    c:\windows\system32\conime.exe
    c:\windows\system32\WUDFHost.exe
    .
    **************************************************************************
    .
    Completion time: 2011-11-02 11:36:25 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-11-02 15:36
    .
    Pre-Run: 113,687,846,912 bytes free
    Post-Run: 116,624,883,712 bytes free
    .
    - - End Of File - - 0F3F5E8962B3B1B7CF3948E7B4004B94
     
  10. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi thecrazycanuck,


    • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
      Code:
      DDS:: 
      mRun: [Host Driver] c:\users\cswright\appdata\local\temp\dfbhost.exe
      mRunServices: [Host Driver] c:\users\cswright\appdata\local\temp\dfbhost.exe
      
      DirLook::
      c:\users\cswright\AppData\Roaming\Xaiqsu
      c:\users\cswright\AppData\Roaming\Tyxyp
      
      RegLock::
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
      @Denied: (2) (LocalSystem)
      "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01 ,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,04,82,33,03,7f,a5,4a,9f,7c,35, \
      "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01 ,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,04,82,33,03,7f,a5,4a,9f,7c,35, \
      
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      
      RegNull::
      [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
      [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5FE69E32-13AD-4019-9B14-CD30E22504B2}*]
      [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\License information*]
      
    • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

      [​IMG]
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
    • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
    • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

    CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
    ----------
     
  11. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    ComboFix 11-11-02.01 - cswright 02/11/2011 16:36:34.1.4 - x86 NETWORK
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3071.2386 [GMT -4:00]
    Running from: c:\users\cswright\Desktop\ComboFix.exe
    Command switches used :: c:\users\cswright\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-10-02 to 2011-11-02 )))))))))))))))))))))))))))))))
    .
    .
    2011-11-02 21:01 . 2011-11-02 21:02 -------- d-----w- c:\users\cswright\AppData\Local\temp
    2011-11-02 21:01 . 2011-11-02 21:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2011-11-02 21:01 . 2011-11-02 21:01 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
    2011-11-02 21:01 . 2011-11-02 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-11-02 21:01 . 2011-11-02 21:01 -------- d-----w- c:\users\Charles Wright\AppData\Local\temp
    2011-10-31 00:00 . 2011-10-31 00:00 -------- d-----w- c:\users\cswright\AppData\Roaming\AVG2012
    2011-10-30 23:47 . 2011-10-30 23:47 -------- d-----w- C:\found.001
    2011-10-30 17:16 . 2011-10-30 17:16 -------- d-----w- C:\$AVG
    2011-10-30 17:11 . 2011-10-30 17:11 -------- d-----w- C:\AVG2012
    2011-10-30 17:10 . 2011-11-02 15:53 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-10-30 17:10 . 2011-10-30 23:59 -------- d-----w- c:\programdata\AVG2012
    2011-10-30 17:09 . 2011-10-30 17:09 -------- d-----w- c:\program files\AVG
    2011-10-30 16:45 . 2011-10-30 16:45 -------- d--h--w- c:\programdata\Common Files
    2011-10-30 16:45 . 2011-11-02 15:53 -------- d-----w- c:\programdata\MFAData
    2011-10-28 23:41 . 2011-10-28 23:49 -------- d-----w- c:\users\cswright\AppData\Roaming\Xaiqsu
    2011-10-28 23:41 . 2011-10-28 23:45 -------- d-----w- c:\users\cswright\AppData\Roaming\Tyxyp
    2011-10-28 16:52 . 2011-10-28 16:52 -------- d-----w- c:\windows\Sun
    2011-10-28 05:57 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FDBAD6F-FDB5-4D2C-BBB0-DD41C06FFD6D}\mpengine.dll
    2011-10-26 14:13 . 2011-10-26 14:13 -------- d-----w- c:\program files\Firefly Studios
    2011-10-26 08:56 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2011-10-25 21:04 . 2011-10-15 08:53 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
    2011-10-25 21:04 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
    2011-10-25 21:04 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
    2011-10-25 21:04 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
    2011-10-25 21:04 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
    2011-10-25 21:04 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
    2011-10-25 21:04 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
    2011-10-25 21:04 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
    2011-10-25 15:45 . 2011-10-25 15:45 -------- d--h--w- c:\program files\Common Files\EAInstaller
    2011-10-25 13:33 . 2011-10-25 19:08 -------- d-----w- c:\program files\Battlefield 3
    2011-10-21 20:04 . 2011-10-21 20:04 -------- d-----w- c:\users\cswright\AppData\Local\Focus Home Interactive
    2011-10-21 17:16 . 2011-10-21 17:17 -------- d-----w- c:\users\cswright\AppData\Local\PAYDAY
    2011-10-21 17:16 . 2011-10-21 17:16 -------- d-----w- c:\programdata\RELOADED
    2011-10-21 16:40 . 2011-10-22 12:01 -------- d-----w- c:\program files\Payday The Heist
    2011-10-15 14:33 . 2011-10-15 14:33 -------- d-----w- c:\program files\Common Files\Macrovision Shared
    2011-10-15 14:31 . 2011-10-16 02:03 -------- d-----w- c:\programdata\Rosetta Stone
    2011-10-15 14:31 . 2011-10-15 14:31 -------- d-----w- c:\program files\Rosetta Stone
    2011-10-13 20:22 . 2011-10-13 20:22 -------- d-----w- c:\programdata\Airline Tycoon 2
    2011-10-11 21:03 . 2011-09-30 23:01 743424 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
    2011-10-11 21:01 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2011-10-11 21:01 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-11 21:01 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-11 21:01 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-10-04 21:27 . 2011-10-23 05:16 -------- d-----w- c:\program files\Agrar Simulator 2011
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-10-30 16:50 . 2010-03-13 15:01 1090 ----a-w- c:\windows\system32\ealregsnapshot1.reg
    2011-10-15 08:53 . 2011-09-02 06:15 919872 ----a-w- c:\windows\system32\nvdispco32.dll
    2011-10-15 08:53 . 2011-09-02 06:15 877376 ----a-w- c:\windows\system32\nvgenco32.dll
    2011-10-15 08:53 . 2009-08-17 04:57 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
    2011-10-15 08:53 . 2008-01-10 22:57 2458432 ----a-w- c:\windows\system32\nvapi.dll
    2011-10-03 09:06 . 2010-05-05 16:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-09-30 01:19 . 2011-06-09 22:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-27 19:57 . 2011-09-27 19:51 11098 ----a-w- c:\users\cswright\AppData\Roaming\TheHunterSettings_live.bin
    2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2011-08-20 20:16 . 2010-09-27 15:47 109080 ----a-w- c:\windows\system32\OpenAL32.dll
    2011-08-14 23:53 . 2010-09-27 15:47 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-08-08 10:08 . 2011-08-08 10:08 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2011-10-06 02:33 . 2011-03-23 06:04 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    ---- Directory of c:\users\cswright\AppData\Roaming\Tyxyp ----
    .
    .
    ---- Directory of c:\users\cswright\AppData\Roaming\Xaiqsu ----
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-11 399736]
    "SansaDispatch"="c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2009-04-12 79872]
    "Ida"="c:\program files\Ida\IdaLaunch.exe" [2010-09-01 27352]
    "Steam"="c:\program files\Steam\Steam.exe" [2011-08-08 1242448]
    "googletalk"="c:\users\cswright\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
    "F.lux"="c:\users\cswright\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
    "Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-11-02 495400]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
    "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
    "SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
    "UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "BigDogPath"="c:\windows\VM302Snap.exe" [2007-03-27 49152]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
    "Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
    "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
    "amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
    "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
    "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
    "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
    "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
    "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-25 185896]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-11-02 495400]
    .
    c:\users\cswright\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\cswright\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-1 24183152]
    MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-8-5 575488]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-6-18 805392]
    Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-2-6 99840]
    VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2009-2-25 6144]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2007-04-19 16:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-07 51144]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-11 229840]
    R1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\users\cswright\AppData\Local\Temp\VSPE.sys [x]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-02-29 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-02-29 51440]
    R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
    R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    R2 bzserv;Backblaze Service;c:\program files\Backblaze\bzserv.exe [2011-11-02 211240]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
    R2 gupdate1c98e17e990274c;Google Update Service (gupdate1c98e17e990274c);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
    R2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
    R2 IcRecUsb;IC Recorder Driver;c:\windows\system32\Drivers\IcRecUsb.sys [2001-10-02 17432]
    R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
    R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2011-03-13 16384]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-11 16720]
    R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2008-07-26 42280]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
    R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-09-11 1440384]
    R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-05-24 501248]
    R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-06 4005936]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
    R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 vvftav302;vvftav302;c:\windows\system32\drivers\vvftav302.sys [2007-03-18 475136]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
    S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-02-15 716272]
    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
    S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ECACHE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
    .
    2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
    .
    2011-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001Core.job
    - c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
    .
    2011-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001UA.job
    - c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
    .
    2011-11-02 c:\windows\Tasks\User_Feed_Synchronization-{1BDB2969-579D-49C0-83F7-6A0633C8BF35}.job
    - c:\windows\system32\msfeedssync.exe [2011-10-11 21:29]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = my.daemon-search.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\cswright\AppData\Roaming\Mozilla\Firefox\Profiles\phwij8z6.chuckie\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-11-02 17:02
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    SansaDispatch = c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe??????? ?? _???????8???t\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5FE69E32-13AD-4019-9B14-CD30E22504B2}*]
    "dafhchbe"=hex:64,62,67,6a,62,62,6c,69,66,61,67,62,67,67,61,6f,70,69,6d,63,62,
    65,61,6d,6b,6e,67,6d,6f,68,63,62,65,70,6e,69,6e,64,69,63,00,00
    "iackpgoofcplhcajpe"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
    70,64,00,00
    "haejbcbekicddddl"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
    70,64,00,00
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    @Allowed: (Read) (RestrictedCode)
    "??"=hex:ea,1f,7d,bd,86,10,ec,a9,fa,c2,fd,01,8e,ab,c2,5a,19,55,cc,fd,2b,8b,d1,
    27,c2,ab,84,58,07,da,69,a5,e5,e0,26,40,ed,d6,eb,50,1e,41,51,55,ec,cf,81,4c,\
    "??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\License information*]
    "datasecu"=hex:6e,93,ba,fe,52,48,c0,1e,14,39,06,1e,de,67,8e,fd,30,69,7b,45,56,
    76,2c,42,c5,3a,7f,b2,ab,4b,05,2d,6a,81,23,77,d6,a6,9d,75,0e,24,58,50,ad,f1,\
    "rkeysecu"=hex:03,cd,8a,78,f1,a9,46,8d,10,73,b8,0e,51,a5,7e,e8
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(828)
    c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    Completion time: 2011-11-02 17:05:03
    ComboFix-quarantined-files.txt 2011-11-02 21:05
    ComboFix2.txt 2011-11-02 15:36
    .
    Pre-Run: 116,753,104,896 bytes free
    Post-Run: 116,711,051,264 bytes free
    .
    - - End Of File - - 1232632A9271B1125D910420B2C86B90
     
  12. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi thecrazycanuck,

    P2P - I see you have P2P software µTorrent installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation. This page will give you further information.

    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

    I would strongly recommend that you uninstall these now. You can do so via Control Panel >> Programs and Features.
    ----------

    Please download Malwarebytes' Anti-Malware to your desktop.


    • Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan as shown below.

      [​IMG]
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.



    The log can also be found here:
    C:\Documents and Settings\<User name>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    ----------

    ESET Online Scanner
    I'd like us to scan your machine with ESET Online Scan

    Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



    As a Vista/Win7 user you will need to right click your browser icon and select "Run as Administrator" in order to run this scan.

    • Do not use this instance of your browser for anything besides doing this scan
    • When the scan is complete and the results saved, close that instance of your browser
    • Open a new one the usual way and post the results in this topic.




    1. Right-click and Run as Administartor on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the [​IMG] button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on [​IMG] to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the [​IMG] icon on your desktop.
    4. Check [​IMG]
    5. Click the Start button.
    6. Accept any security warnings from your browser.
    7. Check [​IMG]
    8. Make sure that the option "Remove found threats" is Unchecked
    9. Push the Start button.
    10. ESET will then download updates for itself, install itself, and begin
      scanning your computer. Please be patient as this can take some time.
    11. When the scan completes, push [​IMG]
    12. Push [​IMG], and save the file to your desktop using a unique name, such as
      ESETScan. Include the contents of this report in your next reply.
    13. Push the Back button.
    14. Push Finish

    http://www.eset.com/onlinescan/
    ----------

    In your next reply please post the logs created by Malwarebytes and ESET online scanner. :)
     
  13. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 8073

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.19154

    02/11/2011 8:21:20 PM
    mbam-log-2011-11-02 (20-21-20).txt

    Scan type: Quick scan
    Objects scanned: 249638
    Time elapsed: 19 minute(s), 2 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 2

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\Users\cswright\AppData\Roaming\microsoft\a1.7z (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Users\cswright\AppData\Roaming\microsoft\n (Malware.Traces) -> Quarantined and deleted successfully.



    ESET ONLINE SCANNER

    C:\Documents and Settings\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
    C:\Documents and Settings\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
    C:\Documents and Settings\cswright\Downloads\freeripmp3.exe Win32/Adware.ADON application
    C:\Documents and Settings\cswright\Downloads\RBOTGEN-Removal-Tool.exe a variant of Win32/SecurityStronghold application
    C:\Documents and Settings\cswright\Downloads\unlocker1.8.7.exe Win32/Adware.ADON application
    C:\Program Files\EA\Bulletstorm\Binaries\Win32\xlive.dll a variant of Win32/Packed.VMProtect.AAD trojan
    C:\Program Files\RBOTGEN Removal Tool\RBOTGEN-Removal-Tool.exe a variant of Win32/SecurityStronghold application
    C:\Program Files\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\1911.dll a variant of Win32/Packed.VMProtect.AAA trojan
    C:\Program Files\Unlocker\eBay_shortcuts_1016.exe Win32/Adware.ADON application
    C:\ProgramData\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
    C:\Users\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
    C:\Users\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
    C:\Users\cswright\Downloads\freeripmp3.exe Win32/Adware.ADON application
    C:\Users\cswright\Downloads\RBOTGEN-Removal-Tool.exe a variant of Win32/SecurityStronghold application
    C:\Users\cswright\Downloads\unlocker1.8.7.exe Win32/Adware.ADON application
    C:\Windows\System32\drivers\smb.sys a variant of Win32/Kryptik.TKY trojan
    N:\Torrent 2\Old Comp Backup\IMAGES\Adobe Photoshop 9 CS2.iso a variant of Win32/Keygen.AO application
    R:\Torrent 5\Games\Death To Spies Moment Of Truth [English][PCDVD][WwW.GamesTorrents.CoM]\sr-dtsmot.iso probably a variant of Win32/IRCBot.GYHNTGB trojan
    R:\Torrent 5\Games\Mercenaries.2.World.In.Flames-RELOADEDd\rld-mrc2.iso probably a variant of Win32/Adware.Agent.GOYMCER application
     
  14. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi thecrazycanuck,

    • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
      Code:
      File::
      C:\Documents and Settings\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
      C:\Documents and Settings\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
      C:\Documents and Settings\cswright\Downloads\freeripmp3.exe 
      C:\Documents and Settings\cswright\Downloads\RBOTGEN-Removal-Tool.exe 
      C:\Documents and Settings\cswright\Downloads\unlocker1.8.7.exe 
      C:\Program Files\EA\Bulletstorm\Binaries\Win32\xlive.dll 
      C:\Program Files\RBOTGEN Removal Tool\RBOTGEN-Removal-Tool.exe 
      C:\Program Files\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\1911.dll 
      C:\Program Files\Unlocker\eBay_shortcuts_1016.exe 
      C:\ProgramData\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
      C:\Users\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
      C:\Users\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi 
      C:\Users\cswright\Downloads\freeripmp3.exe 
      C:\Users\cswright\Downloads\RBOTGEN-Removal-Tool.exe 
      C:\Users\cswright\Downloads\unlocker1.8.7.exe 
      C:\Windows\System32\drivers\smb.sys 
      N:\Torrent 2\Old Comp Backup\IMAGES\Adobe Photoshop 9 CS2.iso 
      R:\Torrent 5\Games\Death To Spies Moment Of Truth [English][PCDVD][WwW.GamesTorrents.CoM]\sr-dtsmot.iso 
      R:\Torrent 5\Games\Mercenaries.2.World.In.Flames-RELOADEDd\rld-mrc2.iso 
      
    • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

      [​IMG]
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
    • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
    • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
    CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
    ----------

    How is your system running now? :)
     
  15. thecrazycanuck

    thecrazycanuck Thread Starter

    Joined:
    Oct 30, 2011
    Messages:
    13
    System is definitely working better then it was. The boot time has significantly improved.



    ComboFix 11-11-02.01 - cswright 04/11/2011 11:03:50.2.4 - x86 NETWORK
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3071.2443 [GMT -4:00]
    Running from: c:\users\cswright\Desktop\ComboFix.exe
    Command switches used :: c:\users\cswright\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\documents and settings\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
    "c:\documents and settings\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
    "c:\documents and settings\cswright\Downloads\freeripmp3.exe"
    "c:\documents and settings\cswright\Downloads\RBOTGEN-Removal-Tool.exe"
    "c:\documents and settings\cswright\Downloads\unlocker1.8.7.exe"
    "c:\program files\EA\Bulletstorm\Binaries\Win32\xlive.dll"
    "c:\program files\RBOTGEN Removal Tool\RBOTGEN-Removal-Tool.exe"
    "c:\program files\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\1911.dll"
    "c:\program files\Unlocker\eBay_shortcuts_1016.exe"
    "c:\programdata\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
    "c:\users\All Users\Application Data\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
    "c:\users\All Users\VistaCodecs\{146A630B-CF66-4B5E-95BF-478A16039BF3}\Vista Codec Package.msi"
    "c:\users\cswright\Downloads\freeripmp3.exe"
    "c:\users\cswright\Downloads\RBOTGEN-Removal-Tool.exe"
    "c:\users\cswright\Downloads\unlocker1.8.7.exe"
    "c:\windows\System32\drivers\smb.sys"
    "n:\torrent 2\Old Comp Backup\IMAGES\Adobe Photoshop 9 CS2.iso"
    "r:\torrent 5\Games\Death To Spies Moment Of Truth [English][PCDVD][WwW.GamesTorrents.CoM]\sr-dtsmot.iso"
    "r:\torrent 5\Games\Mercenaries.2.World.In.Flames-RELOADEDd\rld-mrc2.iso"
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-10-04 to 2011-11-04 )))))))))))))))))))))))))))))))
    .
    .
    2011-11-04 15:31 . 2011-11-04 15:32 -------- d-----w- c:\users\cswright\AppData\Local\temp
    2011-11-04 15:31 . 2011-11-04 15:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2011-11-04 15:31 . 2011-11-04 15:31 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
    2011-11-04 15:31 . 2011-11-04 15:31 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-11-04 15:31 . 2011-11-04 15:31 -------- d-----w- c:\users\Charles Wright\AppData\Local\temp
    2011-11-03 00:41 . 2011-11-03 00:41 -------- d-----w- c:\program files\ESET
    2011-11-03 00:00 . 2011-11-03 00:00 -------- d-----w- c:\users\cswright\AppData\Roaming\Malwarebytes
    2011-11-03 00:00 . 2011-11-03 00:00 -------- d-----w- c:\programdata\Malwarebytes
    2011-11-03 00:00 . 2011-11-03 00:00 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
    2011-11-03 00:00 . 2011-11-03 00:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-11-03 00:00 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-31 00:00 . 2011-10-31 00:00 -------- d-----w- c:\users\cswright\AppData\Roaming\AVG2012
    2011-10-30 23:47 . 2011-10-30 23:47 -------- d-----w- C:\found.001
    2011-10-30 17:16 . 2011-10-30 17:16 -------- d-----w- C:\$AVG
    2011-10-30 17:11 . 2011-10-30 17:11 -------- d-----w- C:\AVG2012
    2011-10-30 17:10 . 2011-11-04 04:00 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-10-30 17:10 . 2011-10-30 23:59 -------- d-----w- c:\programdata\AVG2012
    2011-10-30 17:09 . 2011-10-30 17:09 -------- d-----w- c:\program files\AVG
    2011-10-30 16:45 . 2011-10-30 16:45 -------- d--h--w- c:\programdata\Common Files
    2011-10-30 16:45 . 2011-11-04 04:01 -------- d-----w- c:\programdata\MFAData
    2011-10-28 23:41 . 2011-10-28 23:49 -------- d-----w- c:\users\cswright\AppData\Roaming\Xaiqsu
    2011-10-28 23:41 . 2011-10-28 23:45 -------- d-----w- c:\users\cswright\AppData\Roaming\Tyxyp
    2011-10-28 16:52 . 2011-10-28 16:52 -------- d-----w- c:\windows\Sun
    2011-10-28 05:57 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FDBAD6F-FDB5-4D2C-BBB0-DD41C06FFD6D}\mpengine.dll
    2011-10-26 14:13 . 2011-10-26 14:13 -------- d-----w- c:\program files\Firefly Studios
    2011-10-26 08:56 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2011-10-25 21:04 . 2011-10-15 08:53 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
    2011-10-25 21:04 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
    2011-10-25 21:04 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
    2011-10-25 21:04 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
    2011-10-25 21:04 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
    2011-10-25 21:04 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
    2011-10-25 21:04 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
    2011-10-25 21:04 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
    2011-10-25 15:45 . 2011-10-25 15:45 -------- d--h--w- c:\program files\Common Files\EAInstaller
    2011-10-25 13:33 . 2011-10-25 19:08 -------- d-----w- c:\program files\Battlefield 3
    2011-10-21 20:04 . 2011-10-21 20:04 -------- d-----w- c:\users\cswright\AppData\Local\Focus Home Interactive
    2011-10-21 17:16 . 2011-10-21 17:17 -------- d-----w- c:\users\cswright\AppData\Local\PAYDAY
    2011-10-21 17:16 . 2011-10-21 17:16 -------- d-----w- c:\programdata\RELOADED
    2011-10-21 16:40 . 2011-10-22 12:01 -------- d-----w- c:\program files\Payday The Heist
    2011-10-15 14:33 . 2011-10-15 14:33 -------- d-----w- c:\program files\Common Files\Macrovision Shared
    2011-10-15 14:31 . 2011-10-16 02:03 -------- d-----w- c:\programdata\Rosetta Stone
    2011-10-15 14:31 . 2011-10-15 14:31 -------- d-----w- c:\program files\Rosetta Stone
    2011-10-13 20:22 . 2011-10-13 20:22 -------- d-----w- c:\programdata\Airline Tycoon 2
    2011-10-11 21:03 . 2011-09-30 23:01 743424 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
    2011-10-11 21:01 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2011-10-11 21:01 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-11 21:01 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-11 21:01 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-10-30 16:50 . 2010-03-13 15:01 1090 ----a-w- c:\windows\system32\ealregsnapshot1.reg
    2011-10-15 08:53 . 2011-09-02 06:15 919872 ----a-w- c:\windows\system32\nvdispco32.dll
    2011-10-15 08:53 . 2011-09-02 06:15 877376 ----a-w- c:\windows\system32\nvgenco32.dll
    2011-10-15 08:53 . 2009-08-17 04:57 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
    2011-10-15 08:53 . 2008-01-10 22:57 2458432 ----a-w- c:\windows\system32\nvapi.dll
    2011-10-03 09:06 . 2010-05-05 16:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-09-30 01:19 . 2011-06-09 22:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-27 19:57 . 2011-09-27 19:51 11098 ----a-w- c:\users\cswright\AppData\Roaming\TheHunterSettings_live.bin
    2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2011-08-20 20:16 . 2010-09-27 15:47 109080 ----a-w- c:\windows\system32\OpenAL32.dll
    2011-08-14 23:53 . 2010-09-27 15:47 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-08-08 10:08 . 2011-08-08 10:08 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2011-10-06 02:33 . 2011-03-23 06:04 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "Ida"="c:\program files\Ida\IdaLaunch.exe" [2010-09-01 27352]
    "Steam"="c:\program files\Steam\Steam.exe" [2011-08-08 1242448]
    "googletalk"="c:\users\cswright\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
    "F.lux"="c:\users\cswright\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
    "Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-11-02 495400]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
    "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
    "SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
    "UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "BigDogPath"="c:\windows\VM302Snap.exe" [2007-03-27 49152]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
    "Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
    "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
    "amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
    "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
    "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
    "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
    "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
    "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-25 185896]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
    "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Backblaze"="c:\program files\Backblaze\bzbui.exe" [2011-11-02 495400]
    .
    c:\users\cswright\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\cswright\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-1 24183152]
    MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-8-5 575488]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-6-18 805392]
    Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-2-6 99840]
    VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2009-2-25 6144]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2007-04-19 16:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-07 51144]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-11 229840]
    R1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\users\cswright\AppData\Local\Temp\VSPE.sys [x]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-02-29 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-02-29 51440]
    R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
    R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    R2 bzserv;Backblaze Service;c:\program files\Backblaze\bzserv.exe [2011-11-02 211240]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
    R2 gupdate1c98e17e990274c;Google Update Service (gupdate1c98e17e990274c);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
    R2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
    R2 IcRecUsb;IC Recorder Driver;c:\windows\system32\Drivers\IcRecUsb.sys [2001-10-02 17432]
    R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
    R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2011-03-13 16384]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-11 16720]
    R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2008-07-26 42280]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
    R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-09-11 1440384]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
    R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-05-24 501248]
    R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-06 4005936]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
    R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 vvftav302;vvftav302;c:\windows\system32\drivers\vvftav302.sys [2007-03-18 475136]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
    S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-02-15 716272]
    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
    S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-07 376352]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ECACHE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
    .
    2011-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 20:15]
    .
    2011-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001Core.job
    - c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
    .
    2011-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2536327669-281741289-2472909358-1001UA.job
    - c:\users\cswright\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 21:42]
    .
    2011-11-04 c:\windows\Tasks\User_Feed_Synchronization-{1BDB2969-579D-49C0-83F7-6A0633C8BF35}.job
    - c:\windows\system32\msfeedssync.exe [2011-10-11 21:29]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = my.daemon-search.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\cswright\AppData\Roaming\Mozilla\Firefox\Profiles\phwij8z6.chuckie\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKCU-Run-SansaDispatch - c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-11-04 11:31
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    SansaDispatch = c:\users\cswright\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe??????? ?? _???????8???t\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5FE69E32-13AD-4019-9B14-CD30E22504B2}*]
    "dafhchbe"=hex:64,62,67,6a,62,62,6c,69,66,61,67,62,67,67,61,6f,70,69,6d,63,62,
    65,61,6d,6b,6e,67,6d,6f,68,63,62,65,70,6e,69,6e,64,69,63,00,00
    "iackpgoofcplhcajpe"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
    70,64,00,00
    "haejbcbekicddddl"=hex:6a,61,6f,63,6c,62,69,68,62,62,6c,70,6e,6a,68,6a,62,6b,
    70,64,00,00
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    @Allowed: (Read) (RestrictedCode)
    "??"=hex:ea,1f,7d,bd,86,10,ec,a9,fa,c2,fd,01,8e,ab,c2,5a,19,55,cc,fd,2b,8b,d1,
    27,c2,ab,84,58,07,da,69,a5,e5,e0,26,40,ed,d6,eb,50,1e,41,51,55,ec,cf,81,4c,\
    "??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
    .
    [HKEY_USERS\S-1-5-21-2536327669-281741289-2472909358-1001\Software\SecuROM\License information*]
    "datasecu"=hex:6e,93,ba,fe,52,48,c0,1e,14,39,06,1e,de,67,8e,fd,30,69,7b,45,56,
    76,2c,42,c5,3a,7f,b2,ab,4b,05,2d,6a,81,23,77,d6,a6,9d,75,0e,24,58,50,ad,f1,\
    "rkeysecu"=hex:03,cd,8a,78,f1,a9,46,8d,10,73,b8,0e,51,a5,7e,e8
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(648)
    c:\users\cswright\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    c:\program files\Microsoft Office\OFFICE11\msohev.dll
    .
    Completion time: 2011-11-04 11:56:24
    ComboFix-quarantined-files.txt 2011-11-04 15:56
    ComboFix2.txt 2011-11-02 21:05
    ComboFix3.txt 2011-11-02 15:36
    .
    Pre-Run: 111,362,699,264 bytes free
    Post-Run: 99,025,989,632 bytes free
    .
    - - End Of File - - 2E987C5B85038C88431816B93D9DD58B
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1024686

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice