Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #1  
Old November 13th, 2013, 09:05 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
Computer slow with many errors ... May have virus

I am having many problems with my computer. Have to restart many times to get my desktop. Receiving .exe and .dll errors. Programs will not uninstall properly.

I did try to attach Farbar Scans but files were too long. Tried to attach each part separately but still too long. I do not want to format my C drive if at all possible.

Any help would be greatly appreciated.
Reply With Quote


  #2  
Old November 14th, 2013, 08:22 AM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 36
Posts: 5,017
Hello, MorningDove143
Welcome to the CyberTechHelp Forums. My name is Thomas (Tom is fine), and I will be helping you fixing your problems.



Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.



For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop.

Please run it and click Scan, post back with the 2 logfiles.

You can split the logfiles and use several posts if needed.
Reply With Quote
  #3  
Old November 14th, 2013, 01:50 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
Thank you Tom for your response. I am currently working in Safe Mode with Networking because my computer will not start properly. I had to do a System Restore to get it to open to the desktop. I had to split the first file so there will probably be 3 or 4 posts to get the complete files to you. Once again, thank you for your assistance.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Dove (administrator) on DOVE-PC on 14-11-2013 07:32:00
Running from C:\Users\Dove\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\WerFault.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2008-04-20] (Intel Corporation)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2007-10-23] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [6291456 2008-05-07] (Realtek Semiconductor)
HKLM\...\Run: [eDataSecurity Loader] - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSLoader.exe [561200 2008-05-14] (Egis Incorporated)
HKLM\...\Run: [ePower_DMC] - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [474624 2008-06-11] (Acer Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1237288 2008-04-24] (Synaptics, Inc.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Runonce: [BrandClearStubs] - RUNDLL32 IEDKCS32.DLL,BrandCleanInstallStubs >{64287212-aa78-48d6-b652-3d68711d5937}
HKLM\...\RunOnce: [NoIE4StubProcessing] - C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f [74240 2009-04-11] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Search Protection] - C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-20] (Microsoft Corporation)
HKCU\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2326848 2013-09-29] (IObit)
HKCU\...\Policies\Explorer: [NofolderOptions] 0
MountPoints2: F - F:\ToolLauncher-Bootstrap.exe
MountPoints2: {41ba7097-724a-11df-bcc3-001e68e87e6b} - F:\VZAccess_Manager.exe /z detect
MountPoints2: {5d2a083d-d419-11e1-a7d6-001e68e87e6b} - F:\ToolLauncher-Bootstrap.exe
MountPoints2: {75ca2ba3-767d-11e0-983c-001e68e87e6b} - F:\setup.exe -a
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.)
HKLM-x32\...\Run: [LTCM Client] - C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [YSearchProtection] - C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Sprint SmartView] - C:\Program Files (x86)\Sprint\Sprint SmartView\SprintSV.exe [69632 2012-07-13] (Sprint)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2404376 2013-11-01] ()
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-05-29] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [173352 2009-03-18] (CyberLink)
HKLM-x32\...\Run: [F-Secure Hoster (42626)] - C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKU\Admin\...\RunOnce: [Application Restart #0] - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [782848 2008-05-30] (Acer Incorporated)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\ACER\run_NB.exe [24576 2007-08-21] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\ACER\run_NB.exe [24576 2007-08-21] ()
AppInit_DLLs: avgrssta.dll [ ] ()
AppInit_DLLs-x32: [0 ] ()
Startup: C:\Users\Dove\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/disp...b_id&%language
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1...PVXXXX5RG3MPPV
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1...PVXXXX5RG3MPPV
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1...PVXXXX5RG3MPPV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1...PVXXXX5RG3MPPV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1...PVXXXX5RG3MPPV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
URLSearchHook: HKCU - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383354312&from=adks&uid=ST9250827AS_5 RG3MPPVXXXX5RG3MPPV&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383354312&from=adks&uid=ST9250827AS_5 RG3MPPVXXXX5RG3MPPV&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTe rms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTe rms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&cti d=CT3279141&CUI=UN40158782142393481
SearchScopes: HKLM-x32 - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {6CFE3E04-1213-4A97-9635-551C915357DE} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=crm&q={s earchTerms}&locale=en_US&apn_ptnrs=TV&apn_dtid=OSJ 000YYUS&apn_uid=27CF690A-88B0-4E7C-BA94-74A749696673&apn_sauid=4449D4EE-64B3-4F24-BDC9-9C17C674E640
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=reta il&geo=US&ver=5
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}918758
BHO: weDownload Manager Pro - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll (weDownload)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
BHO-x32: weDownload Manager Pro - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll (weDownload)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
BHO-x32: No Name - {625F420E-A4A9-4B40-BC23-716C1C43893A} - No File
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Dove\AppData\Roaming\DefaultTab\DefaultTa b\DefaultTabBHO.dll (Search Results LLC.)
BHO-x32: Swift Browse - {808dc83c-d35b-4fba-a5b5-9a52103204df} - C:\Program Files (x86)\Swift Browse\SwiftBrowseBHO.dll (Swift Browse)
BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO-x32: No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
BHO-x32: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInsta nce.dll (Yahoo! Inc)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM-x32 - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Toolbar: HKLM-x32 - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/", "hxxp://www.bing.com/?FORM=MFEHPG&PUBL=Google&CREA=userid1743go51d367c6 4cb6b50c6d8b0b7fe5f35618", "hxxp://start.qone8.com/?type=hp&ts=1383354312&from=adks&uid=ST9250827AS_5 RG3MPPVXXXX5RG3MPPV", "hxxp://search.conduit.com/?ctid=CT3287811&SearchSource=48&CUI=UN161309030712 41412&UM=2"
CHR DefaultSearchURL: (Bing) - http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR DefaultSuggestURL: (Bing) - http://api.bing.com/osjson.aspx?query={searchTerms}&language={language }
CHR Extension: (A Quotation) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpohheobbibbehfjogminpin jhlpmg\0.8_0
CHR Extension: (Learn French - Tr\u00E8s Bien) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeifanonhefcaphaeeknpklkfn jjmpec\1.46_0
CHR Extension: (Google Docs) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake\0.5_0
CHR Extension: (Facebook) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgd acljfm\1.0.3_0
CHR Extension: (Gray Lite ++) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkjjbpmdegbeafnbneknpchkk ljmojn\1_0
CHR Extension: (Good Noows) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\deegloljmdbfbjhlimieancmcf ombgjj\3.5.100_0
CHR Extension: (Google+) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdi dnckmm\1.2.0.418_0
CHR Extension: (Mahjongg) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegpopcingfghbompjfejakfea olmbop\1.0.0.2_0
CHR Extension: (Google Calendar) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodon ldlgfn\4.5.3_0
CHR Extension: (World of Solitaire) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhji jnidgn\1.0.1_0
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhl kdopop\1.0.0.4_0
CHR Extension: (Lightning Newtab) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpge jiplfo\1.1.7.9_0
CHR Extension: (+1 Button) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmloj pnlkhp\1.2.0.329_0
CHR Extension: (Thesaurus Extension) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnlghihanpgbalbphnffoehfkb cfcpic\1.1_0
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmj gjcoja\3.0.19_0
CHR Extension: (Google Wallet) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda\0.0.5.0_0
CHR Extension: (Thesaurus) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkake hngcem\1.5_0
CHR Extension: (Gmail) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0
CHR Extension: (Learn Spanish - Qu\u00E9 Onda Spanish) - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoo cbcmaj\1_0
CHR HKLM-x32\...\Chrome\Extension: [cekcjpgehmohobmdiikfnopibipmgnml] - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Dove\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [jgapglgghagmhogfjkdlnnmbdfddeedb] - C:\Program Files (x86)\Swift Browse\jgapglgghagmhogfjkdlnnmbdfddeedb.crx
CHR HKLM-x32\...\Chrome\Extension: [kincjchfokkeneeofpeefomkikfkiedl] - C:\Program Files (x86)\OApps\chromeaddon.crx
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Dove\AppData\Local\CRE\klibnahbojhkanfgag lnlalfkgpcppfi.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.0.0.12\avg.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Dove\AppData\Local\CRE\oelbclnhkbhlhikfmp mbakbgeonbjjnp.crx

==================== Services (Whitelisted) =================

S2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [962880 2013-09-29] (IObit)
S4 avg9emc; C:\Program Files (x86)\AVG\AVG9\avgemc.exe [916760 2010-04-04] (AVG Technologies CZ, s.r.o.)
S4 avg9wd; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [308064 2010-04-04] (AVG Technologies CZ, s.r.o.)
S2 BUNAgentSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.)
S3 CASprint; C:\Program Files (x86)\Sprint\Sprint SmartView\ConAppsSvc.exe [124520 2012-05-30] (SmithMicro Inc.)
S4 CLHNService; C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] ()
S2 DefaultTabUpdate; C:\Users\Dove\AppData\Roaming\DefaultTab\DefaultTa b\DTUpdate.exe [107520 2012-08-18] ()
S2 eDataSecurity Service; C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [500784 2008-05-14] (Egis Incorporated)
S2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] ()
S2 fshoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2150208 2013-09-27] (IObit)
S2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [132096 2007-12-06] ()
S2 N360; C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
S2 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe [130000 2010-11-23] (Symantec Corporation)
S2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] ()
S2 NvtlService; C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [92504 2011-02-07] ()
S2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-08] ()
S2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [233472 2008-01-10] (Acer Incorporated)
S3 SprintRcAppSvc; C:\Program Files (x86)\Sprint\Sprint SmartView\RcAppSvc.exe [120424 2012-05-30] (SmithMicro Inc.)
S2 SwiCardDetectSvc; C:\Program Files (x86)\Sprint\Sprint SmartView\SwiCardDetect64.exe [307568 2010-09-22] (Sierra Wireless, Inc.)
S2 Update Swift Browse; C:\Program Files (x86)\Swift Browse\updateSwiftBrowse.exe [65312 2013-10-22] (Swift Browse)
S2 Util Swift Browse; C:\Program Files (x86)\Swift Browse\bin\utilSwiftBrowse.exe [65312 2013-11-02] (Swift Browse)
S2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-11-01] (AVG Secure Search)
S2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [1706100 2013-11-01] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

S1 AvgLdx64; C:\Windows\System32\Drivers\avgldx64.sys [269320 2010-04-04] (AVG Technologies CZ, s.r.o.)
S1 AvgMfx64; C:\Windows\System32\Drivers\avgmfx64.sys [35464 2010-04-04] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiA; C:\Windows\System32\Drivers\avgtdia.sys [317520 2010-04-26] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-01] (AVG Technologies)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [416000 2012-03-20] (Beceem Communications Inc.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [64000 2012-03-20] (Beceem Communications Inc.)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20 130515.001\BHDrvx64.sys [1390680 2013-04-12] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-11-20] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\IPSDefs\201 30523.001\IDSvia64.sys [513184 2013-03-13] (Symantec Corporation)
S2 int15; C:\Windows\SysWOW64\drivers\int15_64.sys [17952 2008-03-21] (Acer, Inc.)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x64.sys [63016 2013-11-01] (Atheros Communications, Inc.)
S3 PCASp50a64; C:\Windows\SysWow64\Drivers\PCASp50a64.sys [41280 2011-02-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2010-08-05] (Smith Micro Inc.)
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [22064 2008-05-14] (Egis Incorporated)
S2 PSDNServ; C:\Windows\System32\DRIVERS\PSDNServ.sys [21040 2008-05-14] (Egis Incorporated)
S2 psdvdisk; C:\Windows\System32\DRIVERS\PSDVdisk.sys [60976 2008-05-14] (Egis Incorporated)
S3 PTDUBus; C:\Windows\System32\DRIVERS\PTDUBus.sys [67456 2008-08-10] (DEVGURU Co,LTD.)
S3 PTDUMdm; C:\Windows\System32\DRIVERS\PTDUMdm.sys [70784 2008-08-10] (DEVGURU Co,LTD.)
S3 PTDUVsp; C:\Windows\System32\DRIVERS\PTDUVsp.sys [66688 2008-08-10] (DEVGURU Co,LTD.)
S3 PTDUWWAN; C:\Windows\System32\DRIVERS\PTDUWWAN.sys [84992 2008-08-10] (DEVGURU Co,LTD.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\0502020.003\SR TSP64.SYS [744568 2011-03-30] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502020.003\SR TSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
S3 SWNC5E00; C:\Windows\System32\DRIVERS\SWNC5E00.sys [243200 2010-10-19] (Sierra Wireless Inc.)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0502020.003\SY MDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0502020.003\SY MEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-08-21] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [43640 2011-03-30] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\0502020.003\Ir onx64.SYS [171128 2010-11-15] (Symantec Corporation)
S1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\0502020.003\SY MTDIV.SYS [432760 2011-04-20] (Symantec Corporation)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [46592 2007-03-28] (Winbond Electronics Corporation)
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [32240 2008-05-09] (Cyberlink Corp.)
S3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\VirusDefs\2 0130523.020\ENG64.SYS [x]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\VirusDefs\2 0130523.020\EX64.SYS [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-14 07:31 - 2013-11-14 07:31 - 01957794 _____ (Farbar) C:\Users\Dove\Downloads\FRST64.exe
2013-11-13 16:08 - 2013-11-13 16:08 - 00023347 _____ C:\Users\Dove\Downloads\Confirmation of Submittal and Next Steps.htm
2013-11-13 16:08 - 2013-11-13 16:08 - 00000000 ____D C:\Users\Dove\Downloads\Confirmation of Submittal and Next Steps_files
2013-11-13 16:07 - 2013-11-13 16:07 - 00042163 _____ C:\Users\Dove\Downloads\App# 8331407****Name Deborah*Charvat****SSN 021-40-1422***Virtual Gateway.htm
2013-11-13 16:07 - 2013-11-13 16:07 - 00000000 ____D C:\Users\Dove\Downloads\App# 8331407****Name Deborah*Charvat****SSN 021-40-1422***Virtual Gateway_files
2013-11-13 15:38 - 2013-11-13 15:38 - 00134950 _____ C:\Users\Dove\Downloads\Belarc Advisor Computer Profile.htm
2013-11-13 15:38 - 2013-11-13 15:38 - 00000000 ____D C:\Users\Dove\Downloads\Belarc Advisor Computer Profile_files
2013-11-13 14:49 - 2013-11-13 14:51 - 00025680 _____ C:\Users\Dove\Downloads\Addition.txt
2013-11-13 14:45 - 2013-11-14 07:33 - 00027028 _____ C:\Users\Dove\Downloads\FRST.txt
2013-11-13 14:42 - 2013-11-13 14:42 - 00000000 ____D C:\FRST
2013-11-13 12:46 - 2013-11-13 12:54 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 10:50 - 2013-11-13 10:50 - 00000632 _____ C:\Users\Dove\Downloads\exefix_vista.zip
2013-11-13 09:57 - 2013-11-13 09:57 - 00000000 ____D C:\Users\Dove\AppData\Local\weDownload Manager Pro
2013-11-13 08:50 - 2013-11-13 08:50 - 00000000 ____D C:\Program Files (x86)\Belarc
2013-11-12 20:08 - 2013-11-12 20:08 - 00000000 __SHD C:\found.014
2013-11-12 14:59 - 2013-11-12 14:59 - 00000000 __SHD C:\found.013
2013-11-12 07:27 - 2013-11-12 07:33 - 00000000 ____D C:\AdwCleaner
2013-11-12 06:55 - 2013-11-12 06:55 - 00000000 ____D C:\Users\Dove\AppData\Roaming\MyTurboPC.com
2013-11-12 06:54 - 2013-11-12 07:14 - 00000000 ____D C:\ProgramData\MyTurboPC.com
2013-11-11 16:28 - 2013-11-11 16:28 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 16:28 - 2013-11-11 16:28 - 00000000 _____ C:\Windows\setupact.log
2013-11-10 16:15 - 2013-11-10 16:15 - 00000000 ____D C:\Users\Dove\AppData\Local\BrowserSafeguard
2013-11-10 15:24 - 2013-11-10 15:24 - 00000000 ____D C:\Users\Dove\AppData\Local\NativeMessaging
2013-11-10 15:23 - 2013-11-10 15:25 - 01074954 _____ C:\Users\Dove\AppData\Local\dd_vstor40_x64MSI44A5. txt
2013-11-10 15:23 - 2013-11-10 15:25 - 00070046 _____ C:\Users\Dove\AppData\Local\dd_vstor40_x64UI44A5.t xt
2013-11-10 15:15 - 2013-11-10 15:15 - 00000000 ____D C:\Users\Dove\Downloads\tweaking.com_windows_repai r_aio
2013-11-10 15:13 - 2013-11-10 15:13 - 02804572 _____ C:\Users\Dove\Downloads\tweaking.com_windows_repai r_aio.zip
2013-11-10 13:30 - 2013-11-10 13:30 - 00000000 __SHD C:\found.012
2013-11-10 13:26 - 2013-11-10 16:16 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-11-10 07:20 - 2013-11-10 07:20 - 00000000 ____D C:\found.011
2013-11-10 06:57 - 2013-11-10 07:17 - 00009766 _____ C:\Windows\IE9_main.log
2013-11-09 15:17 - 2013-11-09 15:17 - 08274017 _____ C:\Users\Public\Desktop\fsdiag.zip
2013-11-09 14:29 - 2013-11-09 14:55 - 00000000 ____D C:\Windows\system32\spool(418)
2013-11-09 11:07 - 2013-11-13 21:48 - 01008430 _____ C:\Windows\WindowsUpdate.log
2013-11-09 11:05 - 2013-11-14 06:07 - 00653598 _____ C:\Windows\PFRO.log
2013-11-08 06:18 - 2013-11-08 06:18 - 00000000 __SHD C:\found.010
2013-11-07 14:39 - 2013-11-07 14:39 - 00000000 __SHD C:\found.009
2013-11-06 22:08 - 2013-11-06 22:08 - 00000000 __SHD C:\found.008
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\win
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\network
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\hardware
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\f-secure
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\basic
2013-11-06 19:20 - 2013-11-06 19:20 - 00000000 ____D C:\Users\Dove\AppData\Roaming\PowerCinema
2013-11-06 18:05 - 2013-11-06 18:05 - 00831632 _____ (F-Secure Corporation) C:\Users\Dove\Downloads\CharterNetworkInstaller.ex e
2013-11-06 18:03 - 2013-11-14 07:25 - 00002029 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-06 18:02 - 2013-11-06 18:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-06 18:02 - 2013-11-06 18:07 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-06 18:02 - 2013-11-06 18:02 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A
2013-11-06 18:02 - 2013-11-06 18:02 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore
2013-11-06 17:30 - 2013-11-06 17:30 - 00000000 ____D C:\Users\Dove\AppData\Local\Sprint
2013-11-06 16:34 - 2013-11-06 16:34 - 00000000 ____D C:\Windows\registration
2013-11-06 16:30 - 2013-11-06 16:30 - 00000000 __SHD C:\found.007
2013-11-06 11:51 - 2013-11-14 09:57 - 00000000 ____D C:\Program Files (x86)\Charter Security Suite
2013-11-06 09:10 - 2013-11-06 09:10 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-11-06 09:06 - 2013-11-07 15:09 - 00000000 ____D C:\ProgramData\F-Secure
2013-11-05 14:22 - 2013-11-05 14:22 - 00000000 __SHD C:\found.006
2013-11-05 12:36 - 2013-11-10 07:17 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-11-05 11:14 - 2013-11-05 11:15 - 00000000 ____D C:\WINSSLog
2013-11-05 11:02 - 2013-11-05 11:02 - 00071848 _____ C:\Users\Dove\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-05 10:36 - 2013-11-05 10:37 - 00000000 ____D C:\ProgramData\MFAData
2013-11-05 10:36 - 2013-11-05 10:36 - 00000000 ____D C:\Users\Dove\AppData\Local\MFAData
2013-11-05 10:36 - 2013-11-05 10:36 - 00000000 ____D C:\Users\Dove\AppData\Local\Avg2014
2013-11-05 09:29 - 2013-11-05 09:29 - 00000000 __SHD C:\found.005
2013-11-03 07:21 - 2013-11-03 07:21 - 00000000 ____D C:\ProgramData\Sprint(23)
2013-11-03 07:03 - 2013-11-03 07:04 - 00306736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-03 07:00 - 2013-11-03 07:00 - 00000000 __SHD C:\found.004
2013-11-02 17:56 - 2013-11-02 17:56 - 00003162 _____ C:\Windows\System32\Tasks\SmartDefragUpdate
2013-11-02 17:56 - 2013-05-22 17:49 - 00032600 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2013-11-01 21:46 - 2013-11-01 21:46 - 00000000 ____D C:\IObit
2013-11-01 21:38 - 2013-11-01 21:38 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-11-01 21:38 - 2013-11-01 21:38 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00189552 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00178407 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00165395 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00139909 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00136401 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00133746 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00125558 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00123230 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00122927 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00122709 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-11-01 21:38 - 2013-11-01 21:38 - 00121173 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00120800 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00120366 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00119616 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00119586 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00119360 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00119067 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00118745 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00118697 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00118409 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00118058 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00114852 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00114372 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00114261 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00110211 _____ C:\Windows\system32\Gfxres.en-US.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00104044 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00102883 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00063016 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1E60x64.sys
2013-11-01 21:38 - 2013-11-01 21:38 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00005448 _____ C:\Windows\system32\iglhxs64.vp
2013-11-01 21:38 - 2013-11-01 21:38 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-11-01 21:37 - 2013-11-01 21:37 - 32882688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-11-01 21:37 - 2013-11-01 21:37 - 27643648 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 14151936 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 06219096 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-11-01 21:37 - 2013-11-01 21:37 - 04933328 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 03713280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 03641688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-01 21:37 - 2013-11-01 21:37 - 02809048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 02586840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01908568 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-11-01 21:37 - 2013-11-01 21:37 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01344256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01011968 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01005784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00947248 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00848184 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00765184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00646313 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-01 21:37 - 2013-11-01 21:37 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00605496 _____ C:\Windows\system32\audioLibVc.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00312152 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
Reply With Quote
  #4  
Old November 14th, 2013, 01:54 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
Second part of FRST.txt file

2013-11-01 21:37 - 2013-11-01 21:37 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00149208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00000000 ____D C:\Program Files\Realtek
2013-11-01 21:13 - 2013-11-01 21:13 - 00001019 _____ C:\Users\Public\Desktop\Driver Booster.lnk
2013-11-01 21:13 - 2013-11-01 21:13 - 00001012 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2013-11-01 21:13 - 2013-11-01 21:13 - 00001009 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-11-01 21:13 - 2013-11-01 21:13 - 00000282 _____ C:\Windows\Tasks\Driver Booster Update.job
2013-11-01 21:13 - 2013-11-01 21:13 - 00000280 _____ C:\Windows\Tasks\Driver Booster Scan.job
2013-11-01 21:13 - 2013-05-22 17:49 - 00017720 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
2013-11-01 21:10 - 2013-11-09 11:07 - 00000000 ____D C:\ProgramData\ProductData
2013-11-01 21:10 - 2013-11-01 21:18 - 00002044 _____ C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2013-11-01 21:10 - 2013-11-01 21:10 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-01 21:09 - 2013-11-01 21:09 - 00001408 _____ C:\Windows\Tasks\weDownload Manager Pro-updater.job
2013-11-01 21:09 - 2013-11-01 21:09 - 00001210 _____ C:\Windows\Tasks\weDownload Manager Pro-enabler.job
2013-11-01 21:08 - 2013-11-14 09:57 - 00000000 ____D C:\Program Files (x86)\weDownload Manager Pro
2013-11-01 21:08 - 2013-11-14 09:57 - 00000000 ____D C:\Program Files (x86)\Swift Browse
2013-11-01 21:08 - 2013-11-06 14:02 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-11-01 21:08 - 2013-11-06 14:02 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-11-01 21:08 - 2013-11-01 21:09 - 32182752 _____ (IObit ) C:\Users\Dove\Downloads\asc7setup.exe
2013-11-01 21:08 - 2013-11-01 21:08 - 05573633 _____ (Gzkbritsa) C:\Users\Dove\Downloads\1382606548_wedownload_mana ger_pro.exe
2013-11-01 21:08 - 2013-11-01 21:08 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-11-01 21:08 - 2013-11-01 21:08 - 00014996 _____ C:\Users\Dove\AppData\Local\dd_vcredistUI0E1D.txt
2013-11-01 21:08 - 2013-11-01 21:08 - 00002040 _____ C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job
2013-11-01 21:08 - 2013-11-01 21:08 - 00001844 _____ C:\Users\Dove\AppData\Local\dd_vcredistMSI0E1D.txt
2013-11-01 21:08 - 2013-11-01 21:08 - 00001310 _____ C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job
2013-11-01 20:05 - 2013-11-14 07:17 - 00000000 ____D C:\ProgramData\eSafe
2013-11-01 20:05 - 2013-11-14 06:35 - 00000000 ____D C:\ProgramData\eSafe(309)
2013-11-01 20:03 - 2013-11-14 09:57 - 00000000 ____D C:\Program Files (x86)\Smart PC Cleaner
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 ____D C:\Program Files (x86)\GUMDF46.tmp
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _____ C:\Program Files (x86)\GUTDF47.tmp
2013-10-29 07:29 - 2013-10-29 07:29 - 00000000 ____D C:\Users\Dove\AppData\Roaming\Verizon
2013-10-29 06:39 - 2013-10-29 06:39 - 00000254 _____ C:\Users\Dove\Install-VzInHomeAgentLog.log
2013-10-29 06:37 - 2013-10-29 06:41 - 00000000 ____D C:\Users\Dove\AppData\Local\SupportSoft
2013-10-29 06:37 - 2013-10-29 06:41 - 00000000 ____D C:\Program Files (x86)\Verizon
2013-10-29 05:27 - 2013-11-10 06:55 - 00004212 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-28 13:13 - 2013-10-28 13:13 - 00915368 _____ (Oracle Corporation) C:\Users\Dove\Documents\chromeinstall-7u45.exe
2013-10-26 10:39 - 2013-11-01 19:35 - 00000000 ____D C:\Windows\Temp9C0B42DF-F0BF-9E95-9DF9-C241F69CDDC0-Signatures
2013-10-26 10:36 - 2013-10-26 10:36 - 13812408 _____ (Microsoft Corporation) C:\Users\Dove\Documents\mseinstall.exe
2013-10-24 19:48 - 2013-10-24 19:48 - 00001698 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-24 19:47 - 2013-11-01 19:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-24 19:47 - 2013-11-01 19:35 - 00000000 ____D C:\Program Files\iTunes
2013-10-24 19:47 - 2013-10-24 19:48 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69(170)
2013-10-24 14:57 - 2013-11-01 19:35 - 00000000 ____D C:\Users\Dove\Documents\Bed Frame Order at Walmart_files
2013-10-24 14:57 - 2013-10-24 14:57 - 00247144 _____ C:\Users\Dove\Documents\Bed Frame Order at Walmart.htm
2013-10-24 14:18 - 2013-11-01 19:35 - 00000000 ____D C:\Users\Dove\Documents\Verizon - Checkout Order Summary_files
2013-10-24 14:18 - 2013-10-24 14:18 - 00402600 _____ C:\Users\Dove\Documents\Verizon - Checkout Order Summary.htm

==================== One Month Modified Files and Folders =======

2013-11-14 09:58 - 2006-11-02 10:07 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-14 09:58 - 2006-11-02 07:33 - 72351744 _____ C:\Windows\system32\config\software_previous
2013-11-14 09:58 - 2006-11-02 07:33 - 33554432 _____ C:\Windows\system32\config\system_previous
2013-11-14 09:57 - 2013-11-06 11:51 - 00000000 ____D C:\Program Files (x86)\Charter Security Suite
2013-11-14 09:57 - 2013-11-01 21:08 - 00000000 ____D C:\Program Files (x86)\weDownload Manager Pro
2013-11-14 09:57 - 2013-11-01 21:08 - 00000000 ____D C:\Program Files (x86)\Swift Browse
2013-11-14 09:57 - 2013-11-01 20:03 - 00000000 ____D C:\Program Files (x86)\Smart PC Cleaner
2013-11-14 09:57 - 2013-07-26 12:42 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-11-14 09:57 - 2013-03-03 09:54 - 00000000 ____D C:\Users\Dove\AppData\Local\SwvUpdater
2013-11-14 09:57 - 2013-03-03 09:54 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-14 09:57 - 2012-02-08 19:17 - 00000000 ____D C:\ProgramData\IObit
2013-11-14 09:57 - 2010-05-31 19:25 - 00000000 ____D C:\ProgramData\Norton
2013-11-14 09:57 - 2010-02-21 17:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-14 09:57 - 2009-12-26 08:35 - 00000000 ____D C:\Users\Dove\AppData\Local\SoftDMA
2013-11-14 09:57 - 2009-11-20 18:56 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-11-14 09:57 - 2009-11-13 22:10 - 00000000 ____D C:\Users\Dove\AppData\Local\PlayMovie
2013-11-14 09:57 - 2009-11-13 22:09 - 00000000 ____D C:\Users\Dove\AppData\Local\PowerCinema
2013-11-14 09:57 - 2009-11-13 22:07 - 00000000 ____D C:\ProgramData\CyberLink
2013-11-14 09:57 - 2008-07-31 14:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 09:57 - 2006-11-02 10:07 - 00000000 ____D C:\Windows\ShellNew
2013-11-14 09:57 - 2006-11-02 08:34 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-11-14 09:57 - 2006-11-02 08:34 - 00000000 ____D C:\Windows\system32\spool
2013-11-14 09:57 - 2006-11-02 08:34 - 00000000 ____D C:\Windows\system32\Msdtc
2013-11-14 09:57 - 2006-11-02 08:33 - 00000000 __RSD C:\Windows\Media
2013-11-14 09:57 - 2006-11-02 08:33 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-11-14 09:56 - 2010-05-31 19:26 - 00000000 ____D C:\Program Files (x86)\Norton 360
2013-11-14 09:43 - 2009-11-17 18:10 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2013-11-14 09:41 - 2013-04-18 18:25 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-11-14 09:36 - 2006-11-02 07:33 - 00094208 _____ C:\Windows\system32\config\sam_previous
2013-11-14 09:36 - 2006-11-02 07:33 - 00024576 _____ C:\Windows\system32\config\security_previous
2013-11-14 09:20 - 2006-11-02 08:34 - 00000000 ____D C:\Windows\system32\spool(2097)
2013-11-14 09:19 - 2009-11-13 21:49 - 00000000 ___RD C:\Users\Dove\Contacts(1547)
2013-11-14 07:33 - 2013-11-13 14:45 - 00027028 _____ C:\Users\Dove\Downloads\FRST.txt
2013-11-14 07:32 - 2011-05-04 13:39 - 00000000 ____D C:\Users\Admin
2013-11-14 07:31 - 2013-11-14 07:31 - 01957794 _____ (Farbar) C:\Users\Dove\Downloads\FRST64.exe
2013-11-14 07:26 - 2006-11-02 07:46 - 00749892 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-14 07:25 - 2013-11-06 18:03 - 00002029 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-14 07:19 - 2009-11-13 21:47 - 00000000 ____D C:\Users\Dove
2013-11-14 07:17 - 2013-11-01 20:05 - 00000000 ____D C:\ProgramData\eSafe
2013-11-14 07:17 - 2006-11-02 10:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-14 07:17 - 2006-11-02 10:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-14 07:17 - 2006-11-02 10:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-14 06:35 - 2013-11-01 20:05 - 00000000 ____D C:\ProgramData\eSafe(309)
2013-11-14 06:35 - 2006-11-02 07:33 - 51380224 _____ C:\Windows\system32\config\components_previous
2013-11-14 06:35 - 2006-11-02 07:33 - 00524288 _____ C:\Windows\system32\config\default_previous
2013-11-14 06:34 - 2008-07-31 14:37 - 00000147 _____ C:\Windows\SysWOW64\agent.log
2013-11-14 06:07 - 2013-11-09 11:05 - 00653598 _____ C:\Windows\PFRO.log
2013-11-13 21:48 - 2013-11-09 11:07 - 01008430 _____ C:\Windows\WindowsUpdate.log
2013-11-13 16:08 - 2013-11-13 16:08 - 00023347 _____ C:\Users\Dove\Downloads\Confirmation of Submittal and Next Steps.htm
2013-11-13 16:08 - 2013-11-13 16:08 - 00000000 ____D C:\Users\Dove\Downloads\Confirmation of Submittal and Next Steps_files
2013-11-13 16:07 - 2013-11-13 16:07 - 00042163 _____ C:\Users\Dove\Downloads\App# 8331407****Name Deborah*Charvat****SSN 021-40-1422***Virtual Gateway.htm
2013-11-13 16:07 - 2013-11-13 16:07 - 00000000 ____D C:\Users\Dove\Downloads\App# 8331407****Name Deborah*Charvat****SSN 021-40-1422***Virtual Gateway_files
2013-11-13 15:38 - 2013-11-13 15:38 - 00134950 _____ C:\Users\Dove\Downloads\Belarc Advisor Computer Profile.htm
2013-11-13 15:38 - 2013-11-13 15:38 - 00000000 ____D C:\Users\Dove\Downloads\Belarc Advisor Computer Profile_files
2013-11-13 14:51 - 2013-11-13 14:49 - 00025680 _____ C:\Users\Dove\Downloads\Addition.txt
2013-11-13 14:42 - 2013-11-13 14:42 - 00000000 ____D C:\FRST
2013-11-13 12:54 - 2013-11-13 12:46 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 10:50 - 2013-11-13 10:50 - 00000632 _____ C:\Users\Dove\Downloads\exefix_vista.zip
2013-11-13 09:57 - 2013-11-13 09:57 - 00000000 ____D C:\Users\Dove\AppData\Local\weDownload Manager Pro
2013-11-13 09:19 - 2013-10-06 14:58 - 00000000 ____D C:\ProgramData\Oracle
2013-11-13 09:18 - 2011-05-05 09:00 - 00000000 ____D C:\Program Files\Java
2013-11-13 09:10 - 2011-12-10 13:18 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-11-13 08:50 - 2013-11-13 08:50 - 00000000 ____D C:\Program Files (x86)\Belarc
2013-11-13 07:58 - 2008-07-31 14:23 - 00360417 _____ C:\Users\Public\eDSMSNLoader32.log
2013-11-12 20:08 - 2013-11-12 20:08 - 00000000 __SHD C:\found.014
2013-11-12 15:50 - 2013-07-26 12:42 - 00000000 ____D C:\Program Files (x86)\MyPC Backup(279)
2013-11-12 14:59 - 2013-11-12 14:59 - 00000000 __SHD C:\found.013
2013-11-12 14:18 - 2013-03-03 09:54 - 00000000 ____D C:\Users\Dove\AppData\Local\SwvUpdater(1279)
2013-11-12 14:16 - 2009-11-13 21:49 - 00000000 ___RD C:\Users\Dove\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup
2013-11-12 07:33 - 2013-11-12 07:27 - 00000000 ____D C:\AdwCleaner
2013-11-12 07:14 - 2013-11-12 06:54 - 00000000 ____D C:\ProgramData\MyTurboPC.com
2013-11-12 06:55 - 2013-11-12 06:55 - 00000000 ____D C:\Users\Dove\AppData\Roaming\MyTurboPC.com
2013-11-11 16:28 - 2013-11-11 16:28 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 16:28 - 2013-11-11 16:28 - 00000000 _____ C:\Windows\setupact.log
2013-11-10 16:16 - 2013-11-10 13:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-11-10 16:15 - 2013-11-10 16:15 - 00000000 ____D C:\Users\Dove\AppData\Local\BrowserSafeguard
2013-11-10 15:32 - 2010-02-24 17:41 - 00000000 ____D C:\Users\Dove\AppData\Roaming\Mozilla
2013-11-10 15:25 - 2013-11-10 15:23 - 01074954 _____ C:\Users\Dove\AppData\Local\dd_vstor40_x64MSI44A5. txt
2013-11-10 15:25 - 2013-11-10 15:23 - 00070046 _____ C:\Users\Dove\AppData\Local\dd_vstor40_x64UI44A5.t xt
2013-11-10 15:24 - 2013-11-10 15:24 - 00000000 ____D C:\Users\Dove\AppData\Local\NativeMessaging
2013-11-10 15:24 - 2013-03-03 09:52 - 00000000 ____D C:\Users\Dove\AppData\Local\CRE
2013-11-10 15:24 - 2006-11-02 08:33 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-10 15:22 - 2013-07-26 15:14 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard
2013-11-10 15:15 - 2013-11-10 15:15 - 00000000 ____D C:\Users\Dove\Downloads\tweaking.com_windows_repai r_aio
2013-11-10 15:13 - 2013-11-10 15:13 - 02804572 _____ C:\Users\Dove\Downloads\tweaking.com_windows_repai r_aio.zip
2013-11-10 15:05 - 2011-05-05 13:49 - 00000000 ____D C:\Users\Dove\AppData\Local\Deployment
2013-11-10 13:30 - 2013-11-10 13:30 - 00000000 __SHD C:\found.012
2013-11-10 12:40 - 2006-11-02 08:34 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-11-10 07:20 - 2013-11-10 07:20 - 00000000 ____D C:\found.011
2013-11-10 07:17 - 2013-11-10 06:57 - 00009766 _____ C:\Windows\IE9_main.log
2013-11-10 07:17 - 2013-11-05 12:36 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-11-10 06:55 - 2013-10-29 05:27 - 00004212 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-10 06:55 - 2009-11-18 21:46 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-09 16:04 - 2013-07-26 11:31 - 00000000 ____D C:\ProgramData\GlarySoft
2013-11-09 16:04 - 2013-07-26 11:23 - 00000000 ____D C:\Users\Dove\AppData\Roaming\GlarySoft
2013-11-09 15:17 - 2013-11-09 15:17 - 08274017 _____ C:\Users\Public\Desktop\fsdiag.zip
2013-11-09 14:55 - 2013-11-09 14:29 - 00000000 ____D C:\Windows\system32\spool(418)
2013-11-09 11:07 - 2013-11-01 21:10 - 00000000 ____D C:\ProgramData\ProductData
2013-11-09 11:07 - 2010-10-11 12:22 - 00000000 ____D C:\Users\Dove\AppData\Local\CrashDumps
2013-11-08 06:18 - 2013-11-08 06:18 - 00000000 __SHD C:\found.010
2013-11-07 20:23 - 2010-05-31 19:54 - 00000680 _____ C:\Users\Dove\AppData\Local\d3d9caps.dat
2013-11-07 15:09 - 2013-11-06 09:06 - 00000000 ____D C:\ProgramData\F-Secure
2013-11-07 14:39 - 2013-11-07 14:39 - 00000000 __SHD C:\found.009
2013-11-06 22:08 - 2013-11-06 22:08 - 00000000 __SHD C:\found.008
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\win
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\network
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\hardware
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\f-secure
2013-11-06 20:10 - 2013-11-06 20:10 - 00000000 ____D C:\Users\Dove\basic
2013-11-06 19:20 - 2013-11-06 19:20 - 00000000 ____D C:\Users\Dove\AppData\Roaming\PowerCinema
2013-11-06 18:07 - 2013-11-06 18:02 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-06 18:07 - 2013-11-06 18:02 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-06 18:05 - 2013-11-06 18:05 - 00831632 _____ (F-Secure Corporation) C:\Users\Dove\Downloads\CharterNetworkInstaller.ex e
2013-11-06 18:02 - 2013-11-06 18:02 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A
2013-11-06 18:02 - 2013-11-06 18:02 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore
2013-11-06 17:51 - 2013-03-03 09:54 - 00000352 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-11-06 17:37 - 2009-11-13 22:07 - 00003534 _____ C:\ProgramData\ArcadeDeluxe2.log
2013-11-06 17:36 - 2008-07-31 13:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-06 17:30 - 2013-11-06 17:30 - 00000000 ____D C:\Users\Dove\AppData\Local\Sprint
2013-11-06 17:15 - 2012-04-02 08:26 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-06 16:34 - 2013-11-06 16:34 - 00000000 ____D C:\Windows\registration
2013-11-06 16:30 - 2013-11-06 16:30 - 00000000 __SHD C:\found.007
2013-11-06 14:02 - 2013-11-01 21:08 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-11-06 14:02 - 2013-11-01 21:08 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-11-06 14:02 - 2012-09-24 10:22 - 00000000 ____D C:\Program Files (x86)\Sierra Wireless
2013-11-06 14:02 - 2012-09-24 10:21 - 00000000 ____D C:\ProgramData\Sprint
2013-11-06 14:02 - 2012-02-08 19:17 - 00000000 ____D C:\Users\Dove\AppData\Roaming\IObit
2013-11-06 14:02 - 2012-02-08 19:16 - 00000000 ____D C:\Program Files (x86)\IObit
2013-11-06 14:02 - 2011-08-16 12:02 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2013-11-06 14:02 - 2011-08-16 12:02 - 00000000 ____D C:\Program Files (x86)\Norton Safe Web Lite
2013-11-06 14:02 - 2010-10-11 08:21 - 00000000 ____D C:\Users\Dove\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\BrowserPlus
2013-11-06 14:02 - 2010-09-25 06:19 - 00000000 ____D C:\Program Files (x86)\Novatel Wireless
2013-11-06 14:02 - 2009-11-20 18:56 - 00000000 ____D C:\Users\Dove\AppData\Local\Yahoo!
2013-11-06 13:54 - 2010-06-07 10:25 - 00000732 _____ C:\Users\Dove\AppData\Local\d3d9caps64.dat
2013-11-06 09:10 - 2013-11-06 09:10 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-11-05 14:22 - 2013-11-05 14:22 - 00000000 __SHD C:\found.006
2013-11-05 11:15 - 2013-11-05 11:14 - 00000000 ____D C:\WINSSLog
2013-11-05 11:02 - 2013-11-05 11:02 - 00071848 _____ C:\Users\Dove\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-05 10:37 - 2013-11-05 10:36 - 00000000 ____D C:\ProgramData\MFAData
2013-11-05 10:36 - 2013-11-05 10:36 - 00000000 ____D C:\Users\Dove\AppData\Local\MFAData
2013-11-05 10:36 - 2013-11-05 10:36 - 00000000 ____D C:\Users\Dove\AppData\Local\Avg2014
2013-11-05 09:29 - 2013-11-05 09:29 - 00000000 __SHD C:\found.005
2013-11-03 07:46 - 2012-09-04 21:12 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-03 07:21 - 2013-11-03 07:21 - 00000000 ____D C:\ProgramData\Sprint(23)
2013-11-03 07:19 - 2009-11-20 19:04 - 00001068 _____ C:\Windows\wininit.ini
2013-11-03 07:10 - 2009-11-13 21:58 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2013-11-03 07:04 - 2013-11-03 07:03 - 00306736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-03 07:00 - 2013-11-03 07:00 - 00000000 __SHD C:\found.004
2013-11-03 06:57 - 2006-11-02 10:42 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-02 17:56 - 2013-11-02 17:56 - 00003162 _____ C:\Windows\System32\Tasks\SmartDefragUpdate
2013-11-01 21:46 - 2013-11-01 21:46 - 00000000 ____D C:\IObit
2013-11-01 21:39 - 2008-07-31 13:47 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-01 21:38 - 2013-11-01 21:38 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-11-01 21:38 - 2013-11-01 21:38 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00189552 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00178407 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00165395 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-11-01 21:38 - 2013-11-01 21:38 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00139909 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00136401 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00133746 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00125558 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00123230 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00122927 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00122709 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-11-01 21:38 - 2013-11-01 21:38 - 00121173 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00120800 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00120366 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00119616 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00119586 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00119360 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00119067 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00118745 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00118697 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00118409 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00118058 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00114852 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00114372 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00114261 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00110211 _____ C:\Windows\system32\Gfxres.en-US.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00104044 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00102883 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-11-01 21:38 - 2013-11-01 21:38 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-11-01 21:38 - 2013-11-01 21:38 - 00063016 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1E60x64.sys
2013-11-01 21:38 - 2013-11-01 21:38 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00005448 _____ C:\Windows\system32\iglhxs64.vp
2013-11-01 21:38 - 2013-11-01 21:38 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-11-01 21:38 - 2013-11-01 21:38 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-11-01 21:37 - 2013-11-01 21:37 - 32882688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-11-01 21:37 - 2013-11-01 21:37 - 27643648 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 14151936 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 06219096 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-11-01 21:37 - 2013-11-01 21:37 - 04933328 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 03713280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 03641688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-01 21:37 - 2013-11-01 21:37 - 02809048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 02586840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01908568 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-11-01 21:37 - 2013-11-01 21:37 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01344256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01011968 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 01005784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00947248 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00848184 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00765184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00646313 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-01 21:37 - 2013-11-01 21:37 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00605496 _____ C:\Windows\system32\audioLibVc.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00312152 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00149208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-11-01 21:37 - 2013-11-01 21:37 - 00000000 ____D C:\Program Files\Realtek
2013-11-01 21:37 - 2008-07-31 13:56 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-01 21:18 - 2013-11-01 21:10 - 00002044 _____ C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2013-11-01 21:18 - 2008-08-11 03:54 - 00000000 ____D C:\Windows\Panther
2013-11-01 21:13 - 2013-11-01 21:13 - 00001019 _____ C:\Users\Public\Desktop\Driver Booster.lnk
2013-11-01 21:13 - 2013-11-01 21:13 - 00001012 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2013-11-01 21:13 - 2013-11-01 21:13 - 00001009 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-11-01 21:13 - 2013-11-01 21:13 - 00000282 _____ C:\Windows\Tasks\Driver Booster Update.job
2013-11-01 21:13 - 2013-11-01 21:13 - 00000280 _____ C:\Windows\Tasks\Driver Booster Scan.job
2013-11-01 21:10 - 2013-11-01 21:10 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-01 21:09 - 2013-11-01 21:09 - 00001408 _____ C:\Windows\Tasks\weDownload Manager Pro-updater.job
2013-11-01 21:09 - 2013-11-01 21:09 - 00001210 _____ C:\Windows\Tasks\weDownload Manager Pro-enabler.job
2013-11-01 21:09 - 2013-11-01 21:08 - 32182752 _____ (IObit ) C:\Users\Dove\Downloads\asc7setup.exe
2013-11-01 21:08 - 2013-11-01 21:08 - 05573633 _____ (Gzkbritsa) C:\Users\Dove\Downloads\1382606548_wedownload_mana ger_pro.exe
2013-11-01 21:08 - 2013-11-01 21:08 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-11-01 21:08 - 2013-11-01 21:08 - 00014996 _____ C:\Users\Dove\AppData\Local\dd_vcredistUI0E1D.txt
2013-11-01 21:08 - 2013-11-01 21:08 - 00002040 _____ C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job
2013-11-01 21:08 - 2013-11-01 21:08 - 00001844 _____ C:\Users\Dove\AppData\Local\dd_vcredistMSI0E1D.txt
2013-11-01 21:08 - 2013-11-01 21:08 - 00001310 _____ C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job
2013-11-01 20:05 - 2009-11-13 21:49 - 00001169 _____ C:\Users\Dove\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Internet Explorer.lnk
2013-11-01 20:05 - 2009-11-13 21:49 - 00001163 _____ C:\Users\Dove\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Internet Explorer (64-bit).lnk
2013-11-01 19:35 - 2013-10-26 10:39 - 00000000 ____D C:\Windows\Temp9C0B42DF-F0BF-9E95-9DF9-C241F69CDDC0-Signatures
2013-11-01 19:35 - 2013-10-24 19:47 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-01 19:35 - 2013-10-24 19:47 - 00000000 ____D C:\Program Files\iTunes
2013-11-01 19:35 - 2013-10-24 14:57 - 00000000 ____D C:\Users\Dove\Documents\Bed Frame Order at Walmart_files
2013-11-01 19:35 - 2013-10-24 14:18 - 00000000 ____D C:\Users\Dove\Documents\Verizon - Checkout Order Summary_files
2013-11-01 19:35 - 2011-05-03 10:59 - 00000000 ____D C:\Users\Dove\Documents\My Digital Editions
2013-11-01 19:35 - 2009-12-25 20:24 - 00000000 ____D C:\Program Files\iPod
2013-11-01 19:35 - 2009-12-25 20:24 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 ____D C:\Program Files (x86)\GUMDF46.tmp
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _____ C:\Program Files (x86)\GUTDF47.tmp
2013-10-30 07:51 - 2012-09-17 12:51 - 00000000 ____D C:\Users\Dove\AppData\Local\Citrix
2013-10-29 07:29 - 2013-10-29 07:29 - 00000000 ____D C:\Users\Dove\AppData\Roaming\Verizon
2013-10-29 06:41 - 2013-10-29 06:37 - 00000000 ____D C:\Users\Dove\AppData\Local\SupportSoft
2013-10-29 06:41 - 2013-10-29 06:37 - 00000000 ____D C:\Program Files (x86)\Verizon
2013-10-29 06:39 - 2013-10-29 06:39 - 00000254 _____ C:\Users\Dove\Install-VzInHomeAgentLog.log
2013-10-28 15:45 - 2011-06-08 22:31 - 00002150 _____ C:\Windows\epplauncher.mif
2013-10-28 13:13 - 2013-10-28 13:13 - 00915368 _____ (Oracle Corporation) C:\Users\Dove\Documents\chromeinstall-7u45.exe
2013-10-26 10:36 - 2013-10-26 10:36 - 13812408 _____ (Microsoft Corporation) C:\Users\Dove\Documents\mseinstall.exe
2013-10-24 19:48 - 2013-10-24 19:48 - 00001698 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-24 19:48 - 2013-10-24 19:47 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69(170)
2013-10-24 14:57 - 2013-10-24 14:57 - 00247144 _____ C:\Users\Dove\Documents\Bed Frame Order at Walmart.htm
2013-10-24 14:18 - 2013-10-24 14:18 - 00402600 _____ C:\Users\Dove\Documents\Verizon - Checkout Order Summary.htm

Files to move or delete:
====================
C:\Users\Dove\bndr2_setup_latest.exe
C:\Users\Dove\cbsidlm-tr1_11-Mahjong_In_Poculis-SEO-10862872.exe
C:\Users\Dove\ccsetup313.exe
C:\Users\Dove\g2ax_customer_downloadhelper_win32_x 86.exe
C:\Users\Dove\KoboSetup.exe
C:\Users\Dove\mseinstall.exe


Some content of TEMP:
====================
C:\Users\Dove\AppData\Local\Temp\1371786419_Cloud_ Backup_Setup.exe
C:\Users\Dove\AppData\Local\Temp\BackupSetup.exe
C:\Users\Dove\AppData\Local\Temp\oi_{7CB9A6D3-7F93-46E8-AE04-025E9273000F}.exe
C:\Users\Dove\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Dove\AppData\Local\Temp\safeguard.exe
C:\Users\Dove\AppData\Local\Temp\SwiftBrowse.exe
C:\Users\Dove\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-14 07:27

==================== End Of Log ============================
Reply With Quote
  #5  
Old November 14th, 2013, 01:59 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
Addition.txt file

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2013
Ran by Dove at 2013-11-14 07:34:03
Running from C:\Users\Dove\Downloads
Boot Mode: Safe Mode (with Networking)
================================================== ========


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32)
123 Free Solitaire 2011 v8.0 (x32)
ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1395.4512)
Acer Arcade Deluxe (x32 Version: 2.0.5412)
Acer Crystal Eye Webcam 2.0.8 (x32 Version: 2.0.8)
Acer eAudio Management (x32 Version: 3.0.3008)
Acer eDataSecurity Management (x32 Version: 3.0.3062)
Acer Empowering Technology (x32 Version: 3.0.3006)
Acer ePower Management (x32 Version: 3.0.3012)
Acer eSettings Management (x32 Version: 3.0.3007)
Acer GameZone Console 2.0.1.1 (x32)
Acer GridVista (x32 Version: 2.72.317)
Acer Mobility Center Plug-In (x32 Version: 3.0.3000)
Acer Registration (x32)
Acer ScreenSaver (x32 Version: 1.11.0701)
Acer VCM (x32 Version: 3.1.3000)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0)
Activation Assistant for the 2007 Microsoft Office suites (x32)
Adobe AIR (x32 Version: 2.5.1.17730)
Adobe Digital Editions (x32)
Adobe Digital Editions 2.0 (x32 Version: 2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636)
Advanced SystemCare 7 (x32 Version: 7.0.3)
Amazon Kindle (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft PhotoImpression 6 (x32 Version: 6)
ArcSoft Print Creations (x32)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.30)
AVG SafeGuard toolbar (x32 Version: 17.0.0.12)
Bonjour (Version: 3.0.0.10)
Canon Easy-PhotoPrint EX (x32)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon MG2100 series MP Drivers
Canon MG2100 series On-screen Manual (x32)
Canon MG2100 series User Registration (x32)
Canon MP Navigator EX 5.0 (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
Charter Security Suite (x32 Version: 1.83.311.0)
CyberLink PowerDirector (x32 Version: 6.5.3023)
DefaultTab (x32 Version: 1.2.6.0)
Driver Booster (x32 Version: 1.0)
Google Chrome (x32 Version: 31.0.1650.48)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.73.00.52)
iCloud (Version: 2.1.2.8)
InstallVC90Support (x32 Version: 1.01.0000)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2869)
Intel« Matrix Storage Manager
Internet Explorer (Enable DEP)
IObit Malware Fighter (x32 Version: 2.1)
iTunes (Version: 11.1.2.32)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Launch Manager (x32)
LightScribe 1.4.142.1 (x32 Version: 1.4.142.1)
LTCM Client (x32 Version: 1.20.3792)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook 2003 (x32 Version: 11.0.8173.0)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (x32 Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Works (x32 Version: 08.05.0818)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NetLibrary Download Manager (x32 Version: 1.0.10.0)
NOOK for PC (x32 Version: 2.5.6.9575)
Norton 360 (x32 Version: 5.2.2.3)
Norton Safe Web Lite (x32 Version: 1.2.0.6)
NTI Backup Now 5 (x32 Version: 5.1.2.606)
NTI Backup Now Standard (x32 Version: 5.1.2.606)
NTI Media Maker 8 (x32 Version: 8.0.2.6329)
PANTECH UM175 Driver (Version: 3.1.20.1215)
PdaNet for Android 3.50 (x32)
PhotoNow! (x32 Version: 1.1.4619)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7040)
Realtek USB 2.0 Card Reader (x32 Version: )
Smart Defrag 2 (x32 Version: 2.9)
Software Version Updater (x32 Version: 1.1.3.6)
Sprint SmartView (Version: 2.61.0038.0)
Surfing Protection (x32 Version: 1.0)
Swift Browse 1.0.0 (Version: 1.0.0)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 11.1.4.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Verizon Mobile Broadband Drivers (x32 Version: 3.02.002.002)
Verizon Wireless MiFi-2200 Firmware Updates (x32 Version: 1.0.5)
VZAccess Manager (x32 Version: 7.3.13.1)
weDownload Manager Pro (x32 Version: 1.29.153.2)
Winbond CIR Device Drivers (x32 Version: 7.60.1012)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Wsys Control 10.2.1.2652 (x32 Version: 10.2.1.2652)
Yahoo! BrowserPlus 2.9.8 (HKCU)
Yahoo! Messenger (x32)
Yahoo! Search Protection (x32)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)

==================== Restore Points =========================

06-11-2013 23:10:55 New Charter Download 11062013
10-11-2013 11:44:26 Scheduled Checkpoint
10-11-2013 11:53:42 Installed Java 7 Update 45
10-11-2013 11:58:24 Windows Modules Installer
10-11-2013 20:23:17 Installed Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
12-11-2013 19:11:17 Restore Operation
12-11-2013 23:00:53 Restore Operation
13-11-2013 14:18:32 Installed Java 7 Update 45 (64-bit)
13-11-2013 14:46:37 Windows Update

==================== Hosts content: ==========================

2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {01602D07-3195-49AE-B784-5A76FC9AAE01} - \SmartDefrag_Schedule No Task File
Task: {016ABF57-02A0-4213-8E7A-90B3ABDEE1E5} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)
Task: {09E8A579-B9F5-4287-B4A7-6759D552FF3B} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 7600 Series\lxdwamon.exe
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {0E95FED8-B897-4D9F-B68A-64E8FE3F8B7F} - System32\Tasks\Symantec\Norton Error Processor 5.2.2.3 => C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\symerr.exe [2012-06-07] (Symantec Corporation)
Task: {13ED5AED-06E9-46AF-92C0-5E0605354BA5} - \Microsoft\Windows Defender\MP Scheduled Scan No Task File
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartP ages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {377CF6E1-42D5-420E-8F13-5245C6F69981} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {4C6DAA2F-5C82-4458-A63E-0FE81A2E0F08} - System32\Tasks\AmiUpdXp => C:\Users\Dove\AppData\Local\SwvUpdater\Updater.exe [2013-04-04] (Amonetize ltd.)
Task: {4EA579CE-C970-4D66-B020-EDF38F05BF2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06] (Google Inc.)
Task: {535293F3-5932-490C-834E-0FC6333A5772} - System32\Tasks\Symantec\Norton Error Analyzer 5.2.2.3 => C:\Program Files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\symerr.exe [2012-06-07] (Symantec Corporation)
Task: {6981EEE2-CD59-4543-9D77-16B7C5E9F918} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProt ection\NAPStatus UI
Task: {7F4AD3F8-0420-4DD1-971F-4317C4C56611} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {7F613955-8239-4F44-B1D3-8679130EFE7D} - System32\Tasks\Leader Technologies\LTCM Client\New Message Check - Dove => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2011-04-07] (Leader Technologies Inc.)
Task: {C40BE13A-3544-4651-AC76-7455AE9E16BC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {D1449334-8DBC-413E-AA97-E2B87955B9A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06] (Google Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWi relessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {F27A700D-2399-4465-8225-F76ACCEAD52F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Dove\AppData\Local\SwvUpdater\Updater.exe
Task: C:\Windows\Tasks\Driver Booster Scan.job => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job => C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-chromeinstaller.exe
Task: C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job => C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-codedownloader.exe
Task: C:\Windows\Tasks\weDownload Manager Pro-enabler.job => C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-enabler.exe
Task: C:\Windows\Tasks\weDownload Manager Pro-updater.job => C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-updater.exe

==================== Loaded Modules (whitelisted) =============

2013-11-14 07:25 - 2013-11-06 03:26 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\pdf.d ll
2013-11-14 07:25 - 2013-11-06 03:26 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\ppGoo gleNaClPluginChrome.dll
2013-11-14 07:25 - 2013-11-06 03:25 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\ffmpe gsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:8AB6C1D7
AlternateDataStreams: C:\ProgramData\TEMP:F216755A

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Opt ion => "OptionValue"="2"

==================== Faulty Device Manager Devices =============

Name: Consumer IR Devices
Description: Consumer IR Devices
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2013 07:32:04 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0x3b8, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:59 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0x694, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:54 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0x9b4, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:49 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0xbd4, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:44 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0x84c, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:39 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0xa9c, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:34 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0xa14, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:29 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0x538, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:24 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0xb24, application start time 0xsvchost.exe_CryptSvc0.

Error: (11/14/2013 07:31:19 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_CryptSvc, version 6.0.6001.18000, time stamp 0x47919291, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8d118, exception code 0xc0000005, fault offset 0x0000000000001342,
process id 0xae8, application start time 0xsvchost.exe_CryptSvc0.


System errors:
=============
Error: (11/14/2013 07:32:08 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services53

Error: (11/14/2013 07:32:03 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services52

Error: (11/14/2013 07:31:57 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services51

Error: (11/14/2013 07:31:52 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services50

Error: (11/14/2013 07:31:47 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services49

Error: (11/14/2013 07:31:42 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services48

Error: (11/14/2013 07:31:37 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services47

Error: (11/14/2013 07:31:32 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services46

Error: (11/14/2013 07:31:27 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services45

Error: (11/14/2013 07:31:22 AM) (Source: Service Control Manager) (User: )
Description: Cryptographic Services44


Microsoft Office Sessions:
=========================
Error: (10/26/2013 08:32:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 129 seconds with 120 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-11-14 07:33:18.003
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\S YMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:17.749
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\S YMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:17.524
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\S YMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:17.275
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\S YMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:10.592
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C0 96-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20 130515.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:10.327
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C0 96-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20 130515.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:10.093
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C0 96-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20 130515.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:09.825
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C0 96-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20 130515.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:09.581
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C0 96-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20 130515.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-14 07:33:09.341
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C0 96-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20 130515.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 24%
Total physical RAM: 4023.94 MB
Available physical RAM: 3040.71 MB
Total Pagefile: 8225.13 MB
Available Pagefile: 7382.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:109.94 GB) (Free:37.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:106.4 GB) (Free:104.3 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 233 GB) (Disk ID: DD1CB00E)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=106 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=12)

==================== End Of Log ============================
Reply With Quote
  #6  
Old November 15th, 2013, 09:00 AM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 36
Posts: 5,017
Next, download ComboFix Save to the Desktop
  • Now, close all open windows
  • Double-click combofix.exe to run the program
  • Follow the prompts.
  • If the option is offered, it is in your best interest to allow the download and install of the Recovery Console when prompted.
  • When told that the RC is installed correctly, press YES to continue scanning for malware.
  • ComboFix will run. Please don't click on the window while the program is running, it may cause your system to stall.
  • CF may reboot the computer and resume running when it restarts.
  • When finished, a log, ComboFix.txt, is produced.
Please provide the contents of the ComboFix report in your reply.
Reply With Quote
  #7  
Old November 15th, 2013, 08:23 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
ComboFix Log 1

This is the first ComboFix log that was done with computer in SafeMode with Networking. Because computer restarted, I could not connect to the internet as I was receiving an error. I will post the second ComboFix log that I did after many hours of trying to get computer to start correctly. I finally had to do a Repair Startup to get back online and that is when I ran the second log.

Tweaking.com - Windows Repair Change Log.

v2.0.1
Fixed bug where the /silent command didn't work. The bug was when you used /silent the repair window would show but didn't run the repairs. This is because with the new interface the treeview of the repairs wasn't loaded yet, so it didn't see any repair to run. This bug has now been fixed and /silent works again :-)

v2.0.0
New interface. Still the same layout but new colors that match the same look and feel as other programs on tweaking.com
Due to the interface changes I changed controls and graphics to make a smaller exe, smaller setup and use less memory.
Code improvements to Repair WMI.
All new logging. The program now records any output from the cmd.exe, not just errors. Bigger log files, but much better information when needed.
Support for Windows 8.1 added.
Tons of Code changes.
Repair Windows Updates updated.
Repair WMI updated.
Restore Important Windows Services updated.
Multiple bug fixes from the last version have been fixed.

v1.9.18
Bug fix: The program would get stuck in a opening and closing loop when you had it set to auto restart after repairs. This was because of a timer not turning off and wanting to update the window while it was closing down, thus the loop. This has now been fixed and the program closes like it should.

New feature: Since I had to get this bug fixed quickly I decided to take the time to add a new feature I came up with. In the steps before the repairs, Step 2 asks the user to do a check disk (chkdsk) on the system to make sure there is no file system errors before doing any repairs. I hated the fact that I forced the user to reboot to scan it when there may not be any errors on the file system. So I have added a new option to this step where the program will check the drive for errors and let you know if any are found. It is done by making a pipe to a cmd.exe window and running chkdsk in read only mode. Once chkdsk is done it looks for the key words "Windows found problems" and can let the user know if running chkdsk is even needed. Thus saving the user a reboot if there are no errors. I also have it log the chkdsk results to a chkdsk.log file in the logs folder in case a user wants to see the results of the chkdsk. :-)

v1.9.17
Updated the repair list to be numbered. This way when others have users use the program they can tell them what number in the list to choose instead of the repair name, making it easier for the user to check the correct ones.
Unhide non system files has been updated to support Unicode systems and file names and also to skip folders and files with symbolic links so it doesn't get stuck in a loop.
Unhide Non System Files now logs all files it unhides.
Repair WMI has been updated to apply MOF and MFL files back into WMI. So if you have a 3rd party program that added themselves to WMI they will be added back.
Log files have been updated to make a log file for each repair instead of trying to put everything into one log file. This is because the cmd.exe would sometimes give an error on the log file being in use.
Program now deletes old log files before running repairs. This way the log files dont keep growing in size if repairs are ran more than once.
Reset Registry Permissions has been enabled for Windows 8, but only does sections of the registry that doesn't effect the app store.
Repair Windows Firewall has been updated to use subinacl.exe to set the reg permissions instead of regini.exe. That is now 2 less files needed in the program.
Multiple code changes.

v1.9.16
Update to the Reset File and Reset Registry permissions. These repairs now delete orphaned SIDs and no longer follows symbolic links, keeping it from getting stuck in an infinite loop.
Updated the Repair Important Services to apply reg permissions to the service section in the registry (In case the reg permissions repair was skipped, and for users on Windows 8 who can't user the reg permissions repair because of the Windows App store.) and also to remove symbolic links from the Windows defender folder in case a well known virus put those there to break Windows defender.
Added remove_symbolic_links_from_windows_defender_folder .bat file to the files folder. This can be used by users who simply need to remove the symbolic links a virus puts on the Windows defender folder to keep Windows defender from working. The program now does this as well, but I decided to add a file for it for advanced users. The program doesn't not use this file, so changing it will have no effect on the program.
When a new update is available the program will now tell you in the caption bar instead of only at program startup. This is good for users who missed the message that there is a new version.

v1.9.15
Change the scan of malwarebytes from full to quick. Full is normally needed when scanning external drives and such and a quick scan is meant for scanning your system for all known malware locations and is much faster.
Small code changes.

v1.9.14
The awesome guys over at Malwarebytes gave me permission to allow Tweaking.com - Windows Repair to download and install Malwarebytes Anti-Malware and start a scan right from the program. This will now help make things a little easier for novice users and is a few less steps that my fellow techs need to do. When you start the program the scan option is on "Step 1" and is totally optional :-)

v1.9.13
Added msiserver service "Restore Important Windows Services" and "Repair MSI (Windows Installer)"
Added sppsvc service to the "Restore Important Windows Services"
Improved "Repair Internet Explorer", now better supports IE6 to IE 10.
"Repair Internet Explorer" now loads the list of files to register from the ie.txt file in the files folder. This gives users more control if they need it.
Improved "Repair MDAC/MS Jet"
"Repair MDAC/MS Jet" now loads the list of files to register from the mdac.txt file in the files folder. This gives users more control if they need it.

v1.9.12
Added 4 more service repairs to the "Restore Important Windows Services".
Improved repair print spooler.
Moved "Set Windows Services To Default Startup" to the bottom of the list. Since you can edit the file of what services are set to what startup, it made sense to move this last since other repairs that restore services put them back to their startup as well. This way a person can edit this file to keep any tweaks they have done to their services on the system.
Minor bug fixes and code changes.

v1.9.11
Improved "Repair Windows Update". On a very few machines the repair was unable to rename the pending.xml file. On vista and 7 this would cause the "installing update step 3 of 3" screen to never go away at boot up. By simply renaming the pending.xml file fixed this. Even though this was already part of the repair, if the file was in use at the time then it wasn't able to be renamed and the person would get stuck at the next boot. I am changed the repair to now remove any attributes from the file and set a secondary rename option directly in the registry to have windows rename the file at boot up. So now if the repair is unable to rename that file during the repair it will get rename at the next system boot. Hopefully this will now keep the "installing update step 3 of 3" screen from coming up and getting stuck. I was able to replicate this problem in Windows and the new repair fixed it in my testing.

Improved the "Repair Winsock & DNS Cache". The repair reset TCP which would also clear any static IP info set on the system. Per user request the program will now extract the static IP info, run the repair and then put the static IP info back.

v1.9.10
Improved the "Repair Windows Firewall". The program use to only restore the core of the shared access service. It didn't put any policies or rules. While helping a user in the forum they had a virus completely delete the shard access service key, including all rules. When the shared access was put back the firewall worked but he was unable to share any files. This is because there is some core things that have to be in the firewall rules in order to work. I have now added those core rules to the repair and it got his file sharing working just fine. This now makes the repair even better than before.

Added some more settings for the "Repair Windows Firewall". While helping a user in the forum the firewall was working but he couldn't get the firewall to open and would get a Group Policy error. While helping him I found the 2 reg keys that where needed to fix it. This keys are only on Vista and 7. They are not on Xp, 2003 or 8. The repair now puts these keys in on Vista and 7 only.

Added Windows Defender to the "Restore Important Windows Services" repair.

v1.9.9
Fixed bug reported by users where a folder was created on the C: drive called "Program" and windows would ask to delete or rename it, which was safe to do. The bug was with the new log settings. Bat files do not like spaces. If there was a space in the log location name it made that folder and the log was never made. The fix is to just make sure that the path is started and ended with quotation marks. I have updated all 250 locations in the program to make sure the log path has the quotation marks. This bug is now fixed.

v1.9.8
Changed the "Set Windows Services To Default Startup" repair to pull the services startup from a text file in the files folder instead of being hard coded. This will let users tweak this repair if they wish.

The program will now keep Windows from going into sleep mode or hibernation when repairs are running.

Added new repair "Repair Print Spooler"

Added "Time Elapsed" to the repair Window, so now users can see how long the repairs have been running.

Add new settings tab to the main window.

Under the new settings tab you can now change the default location for the log files.

Changed the default location of the log files from the Windows drive to the Logs folder in the program folder.

Added new repair "Restore Important Windows Services", this repair will replace all the services that the other repairs do. And as time goes I will add more services to this repair.

v1.9.7
Major changes to both "Reset Registry Permissions" and "Reset File Permissions". I found out that if you where on a non English system these two repairs simply wouldn't run and thus not change any permissions. This was because it was settings the permissions based on the names such as "Administrators" or "Everyone". On non English systems these are spelled differently and so would fail. I have changed these two repairs to set it by SID now instead of name. Example: Instead of "Administrators" it will use "S-1-5-32-544" (Which is the Windows Default SID for Administrators). These two repairs will now work on non English systems. As an added bonus, the two repairs run much faster now. The reason why is when I was using the names instead of the SID it had to go and lookup the SID of the names. Now that I am using the SID from the start it no longer has to do that lookup, thus making it run nearly twice as fast or better :-)

Fixed bug where if you opened the repair window, then closed it and then went back to it the repairs wouldn't work. This is because the program though it was in close down mode from closing the repair window. This has now been fixed.

Program now shows how many repairs are selected above the repair list. Example: "Repair Options (Selected: 10 of 35)"

The repair wmi was done in 3 steps to simply give a progress of what it is doing. Instead I have combined the 3 steps into 1.

Unhide none system files now gives a count of how many files it unhides. Also made a new status window to show when the unhide repair is running.

The Beta Repairs button will now be disabled when your running repairs.

The program now lists all fixed drives in the system for the Reset File Permissions and Unhide Non System Files repairs. Before it would only do the drive that Windows is on, now you can have it do other fixed drives as well. By default only the Windows drive is selected.

Log window now shows when a repair is being ran under the system account and the current user account.

The cmd.exe windows now show what repair it is doing in the title bar.

The program now checks if it is being run from a network path. If it is it lets the user know that due to Windows network security most repairs will fail and to please run the program locally on the system.

v1.9.6
Added renaming of the pending.xml file to the Repair Windows Updates

Due to an odd bug with the Windows 8 app store I had to disabled the reset reg permissions repair for now for Windows 8 systems. For some reason even though the app store has permissions, if you change the permissions in any way under certain keys under hkey local machine the app store will refuse to install apps and give the error code 0x8007064a. Until I can find out what keys the app store doesn't like touched I will keep this repair disabled for Windows 8.

v1.9.5
Fix bug where the program wouldn't go to the next repair if a cmd.exe was open. That means when the program was run from a bat file it wouldn't move forward. This bug was caused from a previous update. This is now fixed.

Updated the "Set Windows Services To Default Startup"

v1.9.4
On some systems, depending what programs are installed would not leave enough system resources for the reg and file permissions repair. On these systems after those repairs the rest of the repairs wouldn't work because the system was out of resources. There are two simple reg tweaks that increase the system resources Windows will use. Both repairs will now apply those two reg keys. Not only will this fix the resources being used up but should also fix any other program that runs out of resources. A reg file for these two tweaks are in the files folder with the program.

Added more files to the repair system restore.

Nearly all repairs run under the system account. As I work on the repairs I noticed something odd. Some parts of the repairs work when run under the current user account and fail under the system account, and other parts fail under the user account and work with the system account. Such as adding reg files or registering files. Here is an example registering the file blb_ps.dll under the user account works while trying to register it under the system account fails, and this only happens with a few files while the rest work fine under both. To handle this I now have some of the repairs run twice, once under the user account then again under the system account. This should handle any odd permissions between the two accounts and insure that the repairs are successful. This isn't needed on all repairs.

v1.9.3
Added a new section to the program called "Beta Repairs". There is a button on the repair window that will open it for you.
Added new beta repair "Repair System Restore" this is for Windows Vista, 7 and 8. Microsoft has no repair info on the system restore. So I monitored what services and files the system restore needs and I am working on the first known system restore repair. This is in the beta section till I get user feedback on how it works and if it gets system restore working again for people.

v1.9.2
Per user request the main repair window is now resizable.
Added 11 new file association repairs. What makes these repairs different than just clicking a reg file is on vista and newer some of the keys are locked. Since the program runs the repairs under the system account these repairs have access to those locked keys.
Added a "Tips" button that loads a page on the site with some tips on which repairs to run and tricks you can do with the program.
Changed the list in the program to a treeview.
I have some repairs unchecked by default now instead of all repairs checked.
Many code changes.

v1.9.1
Changes to the user interface.

v1.9.0
Minor Interface changes.
Program now pulls the information of each repair from a txt file instead of being directly in the program.
Added the BITS service to the Repair Windows Updates.
Added the wuauserv service to the Repair Windows Updates
Added a few more things to the Repair Windows Updates.
Added more support for Windows 8 repairs.
Added more dll files to the register system files repair.
Added new repair - "Repair Windows Safe Mode". This will put the default reg keys in order to boot into safe mode. Some viruses remove these reg keys. This will simply put the defaults back and allow safe mode to boot again.
Added more to the "Remove Policies Set By Infections" repair.
Multiple Code changes and improvements.

v1.8.0
Replaced Erunt registry backup with Tweaking.com - Registry Backup
Some new viruses have been adding programs to the Image File Execution Options in the registry. Keeping those programs from running. I have added 773 more items to the Remove Policies Set By Infections.
Added new repair "Repair Windows Snipping Tool". This will run on vista or newer and replace the reg keys needed for the snipping tool.
Added new repair "Repair .lnk (Shortcuts) File Association" This will run on vista or newer.
Updated the "Repair CD/DVD Missing/Not Working" to see if iTunes is running (Looks for ituneshelper.exe is running). If it is it puts the iTunes "UpperFilters" for the cd/dvd rom drive so iTunes wont give the error "Warning the registry setting used for importing CD are missing". More info here http://support.apple.com/kb/TS2372?viewlocale=en_US
Multiple code improvements.

v1.7.5
Improved operating system detection code. What does this mean? Some repairs need to know what version of Windows it is running run to run the correct code. The program used WMI to pull this info. But if WMI was broken it didn't pull the info. I now have it use the Windows API to pull the Windows version, and if for any reason it fails it will fall back to using WMI to pull the info.

v1.7.4
The program is now Terminal Server Aware. When you ran the program on a Windows server that had Terminal Services installed the Windows API returned the wrong path to the windows dir. This is now fixed.

v1.7.3
Updated the Repair Windows Firewall. It now restores the reg keys for the BFE, MPSSVC and WSCSVC services. Before it only put back the shared access service. Which in XP is all the firewall needed. But in Vista and 7 it required more services. They are now part of the repair :-)

v1.7.2
Small bug fixes to the log creation of the program.
I have removed the 3 options "Basic" "Advanced" and "Custom" before you start the repairs. Nearly all users that I have talk to, and myself included always choose custom anyways. No need for these other options and they have been removed. Should cut down on the confusion for new users on which to use.
New interface changes to the repair window in the program.
Added "Always On Top" option for the repair window.
Added a minimize button to the repair window. With the always on top option if something opens behind the window and the user needs to get to it they can now minimize the window.
Added a minimize button to the main window in the program for the heck of it :-)
Code improvements.

v1.7.1
Updated the Repair WMI to better handle the commands needed for the different version of Windows. While the WMI works great on XP, Vista and 7 it didn't work correctly on 2003 thus breaking WMI. I have added the commands need to have it run properly on 2003 :-)

v1.7.0
Small improvements to a few repairs.
Better support when running the program through a script. I have a good amount of repair shops that use this repair tool. Some like to run the repair tool with the silent command and from a script in a bat file. The old version of the program would close any cmd.exe window before running the repairs. This of course defeated the purpose of running through a script. So I have changed the way the program waits for a repair to finish. Instead of waiting for cmd.exe to close, each repair will now make a file. When the repair is finished it will delete the file, then the program will know to move onto the next repair.
I now have the cmd.exe windows change to a gray background with black text. This way when running the program through a script you will know which cmd.exe window belongs to the windows repair :-)
The program will now save any errors from the repairs into a txt file on the Windows drive in a folder. Example: "C:\Tweaking.com_Windows_Repair_Logs\" Multiple log files are made for the permission repairs. This is because the MS tool doesn't append to the log file, so a new file has to be made for each section. Since this could create a fair amount of log files I have the program cleanup any empty log files after the repairs are ran.

v1.6.5
Program detects if you are running in safe mode and warns that some repairs may not work in safe mode.
I have also made a few changes for all repairs to run better in safe mode. No guarantees but should definitely run better in safe mode than it has before.
Per user request you can now choose to restart or shutdown the computer after repairs.
I have the repair window resized to 750 x 550 pixels (Now bigger than before). This is the max size to fit on the screen in safe mode which is normally 800 x 600.

v1.6.4
Add ERUNT Registry backup tools. This is another option to backup the system registry before doing repairs. Also very helpful when a users system restore isn't working properly.

v1.6.3
Major improvement for the Reset File Permissions repair. On vista and newer the repair would allow access to folders windows normally blocked. Such as "C:\ProgramData\Application Data". Normally with this folder you would get an access denied. After you ran the reset file permissions repair you could access it. The side effect was that this folder points back to the C:\ProgramData folder. So it made an endless loop! The repair now checks if your on anything newer than XP. If you are then it runs a batch of commands after the repair that puts back the deny permissions on all the folders that are supposed to be blocked. This stops that endless loop from happening. 46 folders total. :-)

v1.6.2
Per user request I have added a silent command option to the program. Set the options in the setting.ini file and run the program with /silent. The program will run in custom mode running the repairs set in the settings and then close it self. Will even reboot when done if set in the settings. (Perfect option for my fellow network admins) :-)
Small code changes.

v1.6.1
Added new repair "Repair Missing Start Menu Icons Removed By Infections" This repair will put back the missing icons in the start menu, quick launch, and desktop that are moved by a rogue virus.

v1.6.0
Added new repair "Repair MSI (Windows Installer)"
Added exe fix (when a virus hijacks the exe section in the registry) to the "Remove Policies Set By Infections" repair.
Improved "Repair Windows Updates".
Small interface changes.

v1.5.8
Bug Fix: I found a very odd bug where some of the repairs were not working right. All repairs run under the system account (because of the trusted installer in vista and newer). For some reason the repairs that set registry keys by a .reg file and with regedit would run but the changes wouldn't take. The fix was to have those repairs run as the logged in account. Still scratching my head on that one, but at least now they work again :-D
Bug Fix: The repair windows firewall wasn't running all the repairs needed for it. This has now been fixed.
The Reset File Permissions now skips the "Users" folder in Vista and newer and "Documents and Settings". The reason for this is in Vista and newer there is a bug where if the file permissions are changed in the user profile then Windows thinks the file is shared when it isn't and you get a shared icon on it. More information is here http://www.tweaking.com/forums/index...opic,69.0.html
Small code improvements.

v1.5.7
Changed Windows Image Acquisition (WIA) from "stisvc start= demand" to "stisvc start= auto" in the windows services repair.

v1.5.6
The "Remove Policies Set By Infections" repair wasn't working properly. The commands where deleting the Reg file before it had been applied. I added the start /wait command to the regedit. "Remove Policies Set By Infections" Now works correctly :-)

v1.5.5
Removed "WwanSvc start= demand" from the windows services repair.
The program no longer defaults to the C:\ for repairs. The program now looks at the location of the Windows dir and uses the drive that Windows is on.

v1.5.4
On users machines who's "Path" variable was corrupt none of the repairs would work. To fix this I have added "set path=%SystemRoot%\system32;%SystemRoot%;%SystemRoo t%\System32\Wbem" to all the repairs. Now on users systems with a corrupt "path" variable the repairs will still work properly :-)

v1.5.3
Changed 4 service defaults from manual to auto in the set services to default startup repair. Media Center Receiver Service, Media Center Scheduler Service, Windows Media Center Service Launcher and Windows Media Player Network Sharing Service.
Removed Panda cloud antivirus from the program and put Avast as a recommendation (Step 2 Window).
Added ComboFix to the recommendation page (Step 2 Window).

v1.5.2
Interface changes.

v1.5.1
Blackvipers site listed the Windows 7 wireless service startup state as manual. But when it is set to manual it will not start and thus the user has no wireless. I have updated the services startup repair tool to put the wireless to auto instead of manual.

v1.5.0
Added a new repair "Set Windows Services To Default Startup". (Currently 194 services) This will set the Windows services to their default startup state. Special thanks to http://www.blackviper.com/ for having all the default information handy. This will set the services startup by the "sc config" command and not by the registry. The information on the repair in the program lists all the services that are set.

1.4.3
The new setup file for the program was missing some of the repair files it needed. The setup has been updated and I made this new version so people who downloaded the last version will update and get the rest of the files they need.

1.4.2
Removed moving arrow from the repair window. Since the list of repairs is growing and the list is scrollable the arrow didn't work well.
In a past update I removed the custom buttons because they would cause the program to crash. The program then used the default old ugly buttons. I have made a new button control and updated the buttons so they look better, and it doesn't cause the program to crash like the old ones.
Program now asks the user if they want to create a restore point before doing repairs if they didn't have the program create one.
The program now comes in a setup program and the portable version. The new setup is larger because it contains the VB6 SP6 runtimes the program needs in case they are corrupt on the system that is being repaired.
More Code tweaks and changes.

v1.4.1
Added more files to the register system files repair that will fix "Class not registered" when trying to open a .mmc file. Such as Task scheduler, Device Manager, Computer Management and more.
Program now starts the Windows Sidebar after the Windows Sidebar repair.
Removed the security zones in IE being reset with the sidebar repair.
More code tweaks and improvements.

v1.4.0
Removed the custom buttons from the program. It was causing the program to crash on some systems. Program is meant to repair, not look pretty, so ugly standard safe buttons it is :-)
Add new repair "Repair Windows Sidebar/Gadgets"
Changed the window size of the repair window, making it smaller and easier to fit on screen for smaller resolutions.
More code tweaks.

v1.3.1
Minor GUI and code Tweaks.

v1.3.0
If you ran an older version of this repair program and it caused problems on your system, download and run this version and it will fix any problems it caused :-)
Added new repair "Repair Volume Shadow Copy Service"
Major update to the program making it safer and better at repairs. Make sure to use this new version and not the old versions.

v1.2.0
Per user request - Added a new repair "Repair CD/DVD Missing/Not Working"
Fixed bug where when repairing WMI the WMI tester would open and the program wouldn't move forward till the WMI tester was closed. Most users didn't know to close this. I have made the program now look for and close the WMI tester if it pops up during the WMI repair.

v1.1.1
Remove some files from the Register System Files repair. While this repair worked great on a lot of some systems on a few ones it would create more problems. The repair now has a much smaller list of only known good files to register.
Updated Repair IE section.
Updated Repair MDAC Section.

v1.1.0
Major changes to how the program launches the repairs. It now shows the command window doing the repair in the task bar. Also should work better with the UAC enabled and running the commands as administrator. This will also keep the program from not responding during repairs.
Updated the file permissions repair to include everyone and users full rights. It use to do just Administrators & System. But on some machines they needed more to get things working right again. This should fix that.
Replaced some of the controls in the program so the program & zip file is smaller in size.

v1.0.2
Fixed bug in Repair WMI (Hopefully got it this time)
Added link to help fix any problems someone might have with the file permissions repair.

v1.0.1
Fixed bug in Repair WMI
GUI Changes.

v1.0.0
First Release
Reply With Quote
  #8  
Old November 15th, 2013, 08:25 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
ComboFix Log 2

Tweaking.com - Registry Backup Change Log.

v1.6.7
Fixed bug where DEP on a system would cause the program to crash. This was because of a custom Unicode label control I was using. I removed that custom control and the program no longer crashes on DEP enabled systems.
Code changes, in the last version 1.6.5 I had moved the task scheduler code from the pcwintech_tasksch.dll to the exe instead. With the goal of having one less file. But when I did that 11 antivirus programs on virustotal.com flagged the exe as a "GEN" or generic virus. While I could have simply submitted the exe to each of them and had them fix their definitions I instead moved the code back to the dll. The exe is no longer being flagged by those programs.

v1.6.5
Tree view can now show Unicode characters.
The program now pulls the Windows version number from the API instead of WMI. If WMI was corrupt on the system it couldn't pull the version of Windows, with the API call instead this is no longer a problem. The version number is used so the program knows which of its vss tools to run.
Fixed bug where if you choose to backup using the fallback method, and then turned it off right after, the program would still use the fall back method until you restarted the program. This has now been fixed.
Multiple UI changes.
A lot of code updates and tweaks.
Fix a bug where you couldn't create a schedule in the task scheduler on Windows XP & 2003 64 Bit.

v1.6.1
Bug Fix: Some users reported the program would crash when it was closing itself down after a good backup. This new versions seems to have that fixed as I made some changes to the code.
Small bug fix. The backup now button was always enabled at startup, so if a person clicked backup now before the treeview was done listing the hive files the backup would just get stuck in a loop. This has been fixed by disabling the button by default and then enabling it once the hives have all been loaded in the treeview.
Program is now half the size. I redid some code, removed a few things and compiled the program different cutting the size down from 1.6mb to 824KB.

v1.6.0
Windows vista, 7 and newer added a new registry hive to the system called Components. The program now supports this new registry hive.

v1.5.3
Fixed bug where if you had the program set to do only 1 backup per day, and had it run from the task scheduler and no backups had been created yet the program wouldn't run the backup. This was because it couldn't find the backup path since none was created yet and it caused an error to make the program think a backup was already done. This has now been fixed.

Added new feature where the program will show the elapsed time during the backup. If using the volume shadow copy service instead of the fallback method, there is a now a button on the backup progess window to use the fall back method. If VSS isn't working correctly on a system the program can end up waiting forever for VSS if it doesn't report an error but never makes the snapshot. With this button a person can tell it to use the fallback method instead if VSS appears to be taking far to long. This way a user doesn't have to stop the backup, go to setting, set the fallback and start over, thus saving the user time.

v1.5.2
Couple of GUI changes.

Per user request I added an option to show a system tray icon when running a scheduled backup that is set for hidden.

v1.5.1
Improved the auto delete old backups feature in the program.

v1.5.0
Per user request I added a new option to the auto delete old backups. You can now set it to always keep a minimum amount of backups. Example: A user has their system off and is gone for a while, when they come back and run the reg backup it would remove all the old backups, since the user was gone for a while all old backups were removed. With this new option it wont remove all the backups.
Fix bug where if the program had trouble pulling the system info it would load the tree view incorrectly and thus not backup those files. This is now fixed.
Changed the way the program closes itself. On a few systems after the backup was complete and the program closes itself it would randomly crash. Hopefully this new close down process will fix that.
Multiple code changes and improvements.

v1.4.3
Code change to how the program detects and waits for the VSS before using the fallback method.

v1.4.2
Small bug fix.

v1.4.1
Right click menu from the task bar now works.
Fixed a bug where the program wasn't telling when VSS would fail and thus it would never close or move forward.
Restore list now shows computer name with each backup that can be restored. This is helpful for techs that run the program from a thumb drive or server and have multiple machines they keep in the backup. By seeing the computer name they can tell which backup belongs to which machine without having to load and check each one.
Restore list is now better sorted.
Code tweaks.

v1.4.0
The program now detects if it didn't close right, if so ask if they want to use the fallback backup method instead (This is for people who get a blue screen of death when trying to use the volume shadow copy)
You can now have the program always use the fallback backup method instead of the volume shadow copy service. The goal of this is for the people who have a messed up VSS on their system. Instead of making them wait for the VSS to fail it will now run right away.
Per user request you can now have the program only make 1 auto backup per day. (This is for the people who have it set to backup at system startup but reboot their machines multiple times per day)
Change the -silent command to run the backup minimized.
Add some new command line options. -supersilent (Backups but shows no GUI at all) -auto (Runs the program, does a backup and then closes, the user can see it as it works, this was the original way the -silent command use to work)
Now that the program has 3 different command lines it can use, the user can now tell the program which command to use for the scheduled backups.

v1.3.0
Per user request you can now name each registry backup.
You can set the default backup name and default auto backup name for the backups under the advanced settings.
Major change to the restore process in the program. Before the user profile registry files didn't always get restored because the move file operation was written to the old system registry file. This only happened if you restored the user profiles and the system registry at the same time and only when restoring from the program. This has now been fixed :-)

v1.2.1
Added a message box when restoring the registry asking if you want to restore. This is for the users who clicked restore that didn't mean to, this gives them the option to keep it from restoring :-)
Added a open backup location button to the restore section.
Added a delete this backup button to the restore section.
Increased the combo box drop down list size in the restore section. It will now show the whole list without needing to scroll, but only to the max height of the program. If the restore list is bigger than that then it will scroll. This keeps it from being to big and going off screen.

v1.2.0
Program now has an advanced settings section.
Program now has a fallback backup method if the volume shadow copy service fails on a system. It will use the Windows API to backup the core registry files and only the current user registry file. Volume shadow copy is the best way to get all registry files on the system, but now with the fallback method, people who don't have a working volume shadow copy are not left out.
Added new setting to control what VSS exe the program uses. The program uses WMI to pull the OS information. but if WMI isn't working correctly the information isn't pulled and the program doesn't know which vss exe to use. With this new setting you can control it if you have any trouble.
Program can now backup locked profile registry files without having to be ran under the system account.
Improved the scheduler code.
Edit schedule now opens the Windows Task Scheduler.
Code and log improvements.

v1.1.0
The program is now Terminal Server Aware. When you ran the program on a Windows server that had Terminal Services installed the Windows API returned the wrong path to the windows dir. This is now fixed.
Added more info to the log files showing what system variables the program pulled from the system.
Changed the way the program is complied, the program exe is now smaller.

v1.0.0
Program is no longer beta and ready to use by all.
Multiple code tweaks and fine tuning for new release.
Online help and videos done.

v0.9.8
Added Help & Support section.
More code improvements.

v0.9.7
Installed version of the program will default the backup location to C:\RegBackup\. The portable version will stay the same of the current folder the program is being ran from as the default location.
The program now makes a restore batch file with the backups to use from the Windows recovery console. This will make it easier for normal users to do a restore if the system isn't bootable.
Program will now change the font color in the list if a backup fails for a that reg file.
Added a "View Logs" button to the backup window after a backup is ran.
Program now adds the reg keys needed for the recovery console to allow access to now Windows folders. This is needed for a restore from the recovery console.
The program now sets the schedule for system logon instead of at midnight for the default. The user can of course change this to what ever they like.
Various code tweaks.

v0.9.6
Log_Vss.txt now gets stored with the backup like the other log files.
Improved Vss logs to find out why a snap shot doesn't get created or mapped.
More code tweaks to the main program.

v0.9.5
Added extra checks during the backup process.
Spelling changes to a few sections in the program to make them better understandable.
Multiple code improvements.

v0.9.4
Change the way the program logs the backup and restore. It will now store a log file with each backup.
Logs now record the date and time for each entry.
Better error handling for the file copy progress.

v0.9.3
Added new options to the schedule settings. You can now choose to have the schedule run under the current user account or the system account.
Small code changes.

v0.9.2
Small bug fix where the program would sometimes get stuck in a loop when loading the treeview.
The backup location setting can now be typed in instead of just using the browse button.
The backup location browse button will now default to what ever backup location is currently set.
Spelling changes.

v0.9.1
Fix bug where when running from the task scheduler it wouldn't grab the user profile locations. This is because the program use to pull the current user profile to get the profile directory. When running from the task scheduler it is ran as the system account which is stored in a different location. This is now fixed.

v0.9.0
First public beta release.
Reply With Quote
  #9  
Old November 16th, 2013, 11:33 AM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 36
Posts: 5,017
What exactly did you download? THis is not from Combofix, this seems like an implemented update list from tweakings windows repair tool.
Reply With Quote
  #10  
Old November 16th, 2013, 04:03 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
ComboFix Report Part 1

ComboFix 13-11-16.01 - Dove 11/16/2013 8:08.1.2 - x64
Microsoft« Windows VistaÖ Home Premium 6.0.6002.2.1252.1.1033.18.4024.2047 [GMT -5:00]
Running from: c:\users\Dove\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BetterSurf\ie\BeTTersurf.dll
c:\program files (x86)\weDownload Manager Pro\weDOwnload manager pro-bho.dll
c:\users\Dove\AppData\Local\Temp\RtkBtMnt.exe
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WsysSvc
-------\Service_DefaultTabUpdate
.
.
((((((((((((((((((((((((( Files Created from 2013-10-16 to 2013-11-16 )))))))))))))))))))))))))))))))
.
.
2013-11-16 13:27 . 2013-11-16 13:27 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\L ocal\temp
2013-11-16 13:27 . 2013-11-16 13:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-16 13:27 . 2013-11-16 13:27 -------- d-----w- c:\users\Admin\AppData\Local\temp
2013-11-15 20:19 . 2013-11-15 20:19 -------- d-----w- c:\program files (x86)\BetterSurf
2013-11-15 12:27 . 2013-11-16 13:48 -------- d-----w- c:\users\Dove\AppData\Local\temp
2013-11-14 12:09 . 2008-01-21 02:47 3765288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EC4E15CC-DDF0-4284-9E19-E738504688B1}\mpengine.dll
2013-11-13 19:42 . 2013-11-13 19:42 -------- d-----w- C:\FRST
2013-11-13 17:46 . 2013-11-13 17:54 -------- d-----w- c:\windows\system32\MRT
2013-11-13 14:57 . 2013-11-13 14:57 -------- d-----w- c:\users\Dove\AppData\Local\weDownload Manager Pro
2013-11-13 13:50 . 2013-11-13 13:50 -------- d-----w- c:\program files (x86)\Belarc
2013-11-13 01:08 . 2013-11-13 01:08 -------- d-----w- C:\found.014
2013-11-12 19:59 . 2013-11-12 19:59 -------- d-----w- C:\found.013
2013-11-12 12:27 . 2013-11-12 12:33 -------- d-----w- C:\AdwCleaner
2013-11-12 11:55 . 2013-11-12 11:55 -------- d-----w- c:\users\Dove\AppData\Roaming\MyTurboPC.com
2013-11-12 11:54 . 2013-11-12 12:14 -------- d-----w- c:\programdata\MyTurboPC.com
2013-11-10 21:15 . 2013-11-10 21:15 -------- d-----w- c:\users\Dove\AppData\Local\BrowserSafeguard
2013-11-10 20:24 . 2013-11-10 20:24 -------- d-----w- c:\users\Dove\AppData\Local\NativeMessaging
2013-11-10 18:30 . 2013-11-10 18:30 -------- d-----w- C:\found.012
2013-11-10 18:26 . 2013-11-10 21:16 -------- d-----w- c:\programdata\CanonIJPLM
2013-11-10 12:20 . 2013-11-10 12:20 -------- d-----w- C:\found.011
2013-11-09 19:29 . 2013-11-09 19:55 -------- d-----w- c:\windows\system32\spool(418)
2013-11-08 11:18 . 2013-11-08 11:18 -------- d-----w- C:\found.010
2013-11-07 19:39 . 2013-11-07 19:39 -------- d-----w- C:\found.009
2013-11-07 03:08 . 2013-11-07 03:08 -------- d-----w- C:\found.008
2013-11-07 01:10 . 2013-11-07 01:10 -------- d-----w- c:\users\Dove\win
2013-11-07 01:10 . 2013-11-07 01:10 -------- d-----w- c:\users\Dove\network
2013-11-07 01:10 . 2013-11-07 01:10 -------- d-----w- c:\users\Dove\hardware
2013-11-07 01:10 . 2013-11-07 01:10 -------- d-----w- c:\users\Dove\f-secure
2013-11-07 01:10 . 2013-11-07 01:10 -------- d-----w- c:\users\Dove\basic
2013-11-07 00:20 . 2013-11-07 00:20 -------- d-----w- c:\users\Dove\AppData\Roaming\PowerCinema
2013-11-06 22:30 . 2013-11-06 22:30 -------- d-----w- c:\users\Dove\AppData\Local\Sprint
2013-11-06 21:43 . 2013-11-16 13:45 -------- d-----w- c:\windows\system32\wbem\repository
2013-11-06 21:30 . 2013-11-06 21:30 -------- d-----w- C:\found.007
2013-11-06 16:51 . 2013-11-15 20:49 -------- d-----w- c:\program files (x86)\Charter Security Suite
2013-11-06 14:06 . 2013-11-07 20:09 -------- d-----w- c:\programdata\F-Secure
2013-11-05 19:22 . 2013-11-05 19:22 -------- d-----w- C:\found.006
2013-11-05 17:41 . 2013-11-05 18:06 -------- d-----w- C:\temp
2013-11-05 17:36 . 2013-11-10 12:17 -------- d--h--w- c:\windows\msdownld.tmp
2013-11-05 16:14 . 2013-11-05 16:15 -------- d-----w- C:\WINSSLog
2013-11-05 15:36 . 2013-11-05 15:37 -------- d-----w- c:\programdata\MFAData
2013-11-05 15:36 . 2013-11-05 15:36 -------- d-----w- c:\users\Dove\AppData\Local\MFAData
2013-11-05 15:36 . 2013-11-05 15:36 -------- d-----w- c:\users\Dove\AppData\Local\Avg2014
2013-11-05 14:29 . 2013-11-05 14:29 -------- d-----w- C:\found.005
2013-11-03 12:21 . 2013-11-03 12:21 -------- d-----w- c:\programdata\Sprint(23)
2013-11-03 12:00 . 2013-11-03 12:00 -------- d-----w- C:\found.004
2013-11-02 22:56 . 2013-05-22 22:49 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-11-02 02:46 . 2013-11-02 02:46 -------- d-----w- C:\IObit
2013-11-02 02:37 . 2013-11-02 02:37 -------- d-----w- c:\program files\Realtek
2013-11-02 02:13 . 2013-05-22 22:49 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-11-02 02:10 . 2013-11-09 16:07 -------- d-----w- c:\programdata\ProductData
2013-11-02 02:10 . 2013-11-02 02:10 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-02 02:08 . 2013-11-02 02:08 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-11-02 02:08 . 2013-11-16 13:25 -------- d-----w- c:\program files (x86)\weDownload Manager Pro
2013-11-02 02:08 . 2013-11-06 19:02 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2013-11-02 02:08 . 2013-11-14 14:57 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2013-11-02 02:08 . 2013-11-06 19:02 -------- d-----w- c:\program files (x86)\AVG SafeGuard toolbar
2013-11-02 02:08 . 2013-11-15 13:24 -------- d-----w- c:\program files (x86)\Swift Browse
2013-11-02 02:08 . 2013-11-02 02:08 -------- d--h--w- c:\programdata\Common Files
2013-11-02 01:05 . 2013-11-16 12:59 -------- d-----w- c:\programdata\eSafe
2013-11-02 01:03 . 2013-11-14 14:57 -------- d-----w- c:\program files (x86)\Smart PC Cleaner
2013-11-01 18:58 . 2013-11-01 18:58 0 ----a-w- c:\program files (x86)\GUTDF47.tmp
2013-11-01 18:58 . 2013-11-01 18:58 -------- d-----w- c:\program files (x86)\GUMDF46.tmp
2013-10-29 12:29 . 2013-10-29 12:29 -------- d-----w- c:\users\Dove\AppData\Roaming\Verizon
2013-10-29 11:37 . 2013-10-29 11:41 -------- d-----w- c:\users\Dove\AppData\Local\SupportSoft
2013-10-29 11:37 . 2013-10-29 11:41 -------- d-----w- c:\program files (x86)\Verizon
2013-10-26 15:39 . 2013-11-02 00:35 -------- d-----w- c:\windows\Temp9C0B42DF-F0BF-9E95-9DF9-C241F69CDDC0-Signatures
2013-10-25 00:47 . 2013-11-02 00:35 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-25 00:47 . 2013-11-02 00:35 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2013-10-09 15:21 . 2011-07-09 16:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-06 19:57 . 2013-10-06 19:57 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-06 19:56 . 2012-06-23 01:22 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-10-06 19:56 . 2010-07-16 16:07 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-12-09 03:14 . 2011-12-09 03:14 6216032 ----a-w- c:\program files (x86)\windowsupdateagent30-x86.exe
2011-12-09 03:10 . 2011-12-09 03:10 3038 ----a-w- c:\program files (x86)\fix_svchost.bat
2011-07-22 15:08 . 2011-07-08 15:59 17279944 ----a-w- c:\program files (x86)\bndr2_setup_latest.exe
2011-05-05 12:03 . 2011-05-04 18:29 3109320 ----a-w- c:\program files (x86)\PdaNetA300x64.exe
2009-11-19 02:44 . 2009-11-19 02:44 714528 ----a-w- c:\program files (x86)\jre-6u17-windows-i586-iftw-rv.exe
.
.
Reply With Quote
  #11  
Old November 16th, 2013, 04:04 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
ComboFix Report Part 2

------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-01-21 . 22D13FF3DAFEC2A80634752B1EAA2DE6 . 22016 . . [6.0.6001.18000] .. c:\windows\system32\drivers\asyncmac.sys
.
[-] 2006-11-02 . DD5D684975352B85B52E3FD5347C20CB . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_05848900 d35a7bfd\null.sys
[-] 2006-11-02 . DD5D684975352B85B52E3FD5347C20CB . 6144 . . [6.0.6000.16386] .. c:\windows\system32\drivers\null.sys
.
[-] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_4847dcd b9194e539\tdx.sys
[-] 2008-01-21 . 8C39C72E0E853DE04748C0337D9B9216 . 94208 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_465c63c f947319ed\tdx.sys
[-] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\system32\drivers\tdx.sys
.
[-] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_non e_d507c23d565be6a3\browser.dll
[-] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6000.16386] .. c:\windows\system32\browser.dll
.
[-] 2012-06-01 . 0688C6F0E5B1E0ADB1E10BF6A9023063 . 11264 . . [6.0.6002.22869] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_04a16b072 b950d95\lsass.exe
[-] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_042567f81 26e70e3\lsass.exe
[-] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_04276a721 26ca0b8\lsass.exe
[-] 2011-11-16 . 54BC2124F6BCF2050D7C3057C0611AD4 . 11264 . . [6.0.6002.22742] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_04b006f32 b8b272b\lsass.exe
[-] 2009-09-10 . 1104B18819392FEA12FB5F9E170E66B3 . 9728 . . [6.0.6000.21125] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d93 12b9991\lsass.exe
[-] 2009-09-10 . BBBCE2DACDCCD5EA60A50D0023AE2DE9 . 11264 . . [6.0.6002.22223] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972 b7a16dd\lsass.exe
[-] 2009-09-09 . 41FB90DF49F203672F459122EF1F13B1 . 11264 . . [6.0.6001.22518] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2 e47247b\lsass.exe
[-] 2009-06-15 . 1E766E4C5BF9E230AD37A56BF7DB6C94 . 9728 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d73 14a3edc\lsass.exe
[-] 2009-06-15 . 306E4503E083A498AE797FF59FA72839 . 9728 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf81 83ad660\lsass.exe
[-] 2009-06-15 . 80F4593E92FF960E4763380D3168E498 . 11264 . . [6.0.6001.18272] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b321 55f99ff\lsass.exe
[-] 2009-06-15 . 02474FBCB00AA5C622E92F620DB9A041 . 11264 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272 e6ecc60\lsass.exe
[-] 2009-06-15 . 40348DCEC0712ED42231C5F90A69A690 . 11264 . . [6.0.6002.18051] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e1 2769b11\lsass.exe
[-] 2009-06-15 . EBDAEE60E442BEA413E5D7CEDFB09463 . 11264 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32 b935432\lsass.exe
[-] 2009-02-13 . 1979F94B28107233315DD6220F2304DD . 11264 . . [6.0.6001.22376] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252 e799f25\lsass.exe
[-] 2009-02-13 . E231BDBD7D69857EEFFDEB3A48A53824 . 9728 . . [6.0.6000.16820] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b941 8124aab\lsass.exe
[-] 2009-02-13 . 563B71CEF1D46A24C5980FA2988DB67F . 9728 . . [6.0.6000.21010] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d3 12801c6\lsass.exe
[-] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461 528a96c\lsass.exe
[-] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b981 52c3e5e\lsass.exe
[-] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f521 24a74b8\lsass.exe
[-] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6000.16386] .. c:\windows\system32\lsass.exe
.
[-] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_6bdbb7 1a0a2d4469\netman.dll
[-] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6000.16386] .. c:\windows\system32\netman.dll
.
[-] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_819ad9 7caef1480e\qmgr.dll
[-] 2008-01-21 . D896A0D43F8AB81ECB1FC6C24DECFD58 . 1082368 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_7faf60 70b1cf7cc2\qmgr.dll
[-] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6001.18000] .. c:\windows\system32\qmgr.dll
.
[-] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_c7d4f08 bf35f3abe\rpcss.dll
[-] 2009-03-03 . 857E04C16007E60FCC0803239C853E78 . 717824 . . [6.0.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_c6259b5 10f93cd21\rpcss.dll
[-] 2009-03-03 . 52CDADE8289FF21F1F2215FF51A5F36C . 718336 . . [6.0.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_c5d9dd2 ff64839ac\rpcss.dll
[-] 2009-03-03 . 007F8DE7AC0F9386C3FD2EC7DC87C37A . 724992 . . [6.0.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_c3e2cce 1f92f2ca2\rpcss.dll
[-] 2009-03-03 . 54FF562C2710BB610B019D723B16FB2A . 724992 . . [6.0.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_c47a129 912422fc2\rpcss.dll
[-] 2008-01-21 . FF27BE0BA7B3C48D5C99AFCB56D436C2 . 713728 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_c5e9777 ff63d6f72\rpcss.dll
[-] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6000.16386] .. c:\windows\system32\rpcss.dll
.
[-] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_ none_2d69d4f782c83d8c\services.exe
[-] 2008-01-21 . DFAC660F0F139276CC9299812DE42719 . 384512 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_ none_2b7e5beb85a67240\services.exe
[-] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6000.16386] .. c:\windows\system32\services.exe
.
[-] 2010-08-17 . 439017BE66398AB809D81B3AE8393883 . 273920 . . [6.0.6002.22468] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_34a17b84 90538c82\spoolsv.exe
[-] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6002.18294] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_33f36be7 7751de08\spoolsv.exe
[-] 2010-08-17 . 92E6738D25C2123BE9515C0EAC0776CD . 267776 . . [6.0.6001.18511] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_32607881 79ed5d57\spoolsv.exe
[-] 2010-08-17 . 7F59AA690212241B398D6DBE4071EE3C . 270848 . . [6.0.6001.22743] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_32cba802 932180c9\spoolsv.exe
[-] 2009-04-11 . EADA445EAEDD1D7DF4C5EB42B3612729 . 268288 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_3455b7b1 77080198\spoolsv.exe
[-] 2008-01-21 . E6519A9E756D74DC51C697BA62162F51 . 267264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_326a3ea5 79e6364c\spoolsv.exe
[-] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6000.16386] .. c:\windows\system32\spoolsv.exe
.
[-] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd 15a68a70b877\winlogon.exe
[-] 2008-01-21 . 856491FCED98093D824B9EB2892F564A . 406016 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe1 9c9a8d4eed2b\winlogon.exe
[-] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6001.18000] .. c:\windows\system32\winlogon.exe
.
[-] 2010-09-02 . E5763ED4A35DE72855B731EDF2081B6E . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_97d4553ba6 d9b810\comctl32.dll
[-] 2010-09-02 . 55EAEF6344C328416969AA1622100139 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_fe44 c5cb0dae9066\comctl32.dll
[-] 2010-09-02 . F80C6985B787E40EB2B6B99A453A243A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_432 d25ac526cda7f\comctl32.dll
[-] 2010-09-01 . EB00FFCBB31A4CA35F80D92F14CBF04B . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_96135489a9 968dcc\comctl32.dll
[-] 2010-09-01 . CA41B0BFB677D1261E68EA138CE106C2 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_fe65 5b750d60b18a\comctl32.dll
[-] 2010-09-01 . 16C1CC7E5B6A5B6A21C368D39DC4B03F . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_42a 7622b394b8efb\comctl32.dll
[-] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_97a639428d 76b771\comctl32.dll
[-] 2010-08-31 . 46662CD685A6341AB4AED86D134D80E9 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509 f852f40ee5cd\comctl32.dll
[-] 2010-08-31 . 09451F87CFF73FF22D9479FB0A73861C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_414 66cae55469b30\comctl32.dll
[-] 2010-08-31 . 058BE5961AC5D6ACFD1961C2471F61B5 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_95a8250890 626a5a\comctl32.dll
[-] 2010-08-31 . 6D98A7638947F0C9DAB31F094A591795 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_1530 2f0af3bbd1ec\comctl32.dll
[-] 2010-08-31 . F39DFA95BC391B166B40F4E38E5F1223 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_40b f29b13c26ca69\comctl32.dll
[-] 2009-04-11 . 94B60C9A7AEE8A9F3C1028F8DC5CED41 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509 f8bef40ee4da\comctl32.dll
[-] 2008-01-21 . BD3133E6B73195A95C67F7B09E012DE0 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e 7382f3bd50c6\comctl32.dll
[-] 2008-01-21 . 67DA61D3B12CEB5A4C86646AB468F0BA . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_95baba8490 54f4b0\comctl32.dll
[-] 2008-01-21 . 23797D89BE03772F411E387A3C81DBF8 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_40b a501d3c2b20ff\comctl32.dll
[-] 2006-11-02 . C6FFCA00D8C81D66C4194378EFF34199 . 2017792 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559 f1c6f365a7fa\comctl32.dll
[-] 2006-11-02 . E47109C2D7D95962D08C9FD061A9BAD3 . 629248 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_403 39432230aebeb\comctl32.dll
[-] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[-] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_8 8cf765b9e8f4a59\comres.dll
[-] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6930.16386] .. c:\windows\system32\comres.dll
.
[-] 2012-06-02 . CA78B312C44E4D52E842C2C8BD48E452 . 174592 . . [6.0.6002.18643] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_d3dc79145 070b66b\cryptsvc.dll
[-] 2012-06-01 . 256B8B96B83AEA5213EE90782446DA38 . 177664 . . [6.0.6002.22869] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_d45679a96 9992348\cryptsvc.dll
[-] 2012-04-23 . 62740B9D2A137E8CED41A9E4239A7A31 . 174592 . . [6.0.6002.18618] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_d401ea4a5 053e14b\cryptsvc.dll
[-] 2012-04-23 . DD9C01648A6455278A441775CA59E2FD . 177664 . . [6.0.6002.22840] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_d46316e76 9910757\cryptsvc.dll
[-] 2009-04-11 . 18918613E63F387CDE4D95CA7D49DCF7 . 166912 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf45 04e8a6b\cryptsvc.dll
[-] 2008-01-21 . 4374F784121D8B3BB466B03F5E5EBD33 . 165376 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e85 32cbf1f\cryptsvc.dll
[-] 2012-06-02 . CA78B312C44E4D52E842C2C8BD48E452 . 174592 . . [6.0.6000.16386] .. c:\windows\system32\cryptsvc.dll
.
[-] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_6 af7b3ad073cdcab\es.dll
[-] 2008-04-19 . 1782416278B378F80862187EEBC0A51C . 361472 . . [2001.12.6930.16677] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_6 6e14e8d0d26f566\es.dll
[-] 2008-04-19 . 7143F5F8D7FF0712B6D2F336495554FE . 361472 . . [2001.12.6930.20818] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_6 7accd1026130408\es.dll
[-] 2008-04-18 . AE5538074DF0BB8EE5A3ECB9F5460965 . 361984 . . [2001.12.6931.22162] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_6 956f87823678b7d\es.dll
[-] 2008-04-18 . 6B1A97BF9FEFBDC83F3C7C7D0F826C66 . 361984 . . [2001.12.6931.18057] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_6 8dd2d0b0a3d4e75\es.dll
[-] 2008-01-21 . D8338E6B3C23AD36096A6FDABD039283 . 354304 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_6 90c3aa10a1b115f\es.dll
[-] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\system32\es.dll
.
[-] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_ba6032a 62fea3984\imm32.dll
[-] 2008-01-21 . 8D2C00D198598AAE77B1648FFBF39895 . 163840 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_b874b99 a32c86e38\imm32.dll
[-] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\system32\imm32.dll
.
[-] 2010-04-16 . 1795848538EA2328648E9FAB31351157 . 622080 . . [1.0626.6002.22384] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_0b36ae8b2 75afcf9\usp10.dll
[-] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_0ad851700 e1ced6b\usp10.dll
[-] 2010-04-16 . 718AA06AE8741F8C7877C25F4AD97280 . 622080 . . [1.0626.6001.18461] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_08d93cec1 10986fd\usp10.dll
[-] 2010-04-16 . EB7E9B4E65D014EF958330C3E55735DD . 622592 . . [1.0626.6001.22672] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_09590bfb2 a2e5936\usp10.dll
[-] 2009-04-11 . 6C7812812F7F343100EA655DC26C9888 . 621568 . . [1.0626.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_0b048d9e0 dfb9cb0\usp10.dll
[-] 2008-01-21 . 8745227FAB62C0886B4B122CAD1D799E . 622080 . . [1.0626.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_091914921 0d9d164\usp10.dll
[-] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\system32\usp10.dll
.
[-] 2012-09-28 . A02EB771DAE80667E3C877CF19E3F6EE . 1210368 . . [6.0.6002.18704] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_f1c7 06d10bcb97ea\kernel32.dll
[-] 2012-09-28 . 53864C438B27EAC653D35F8ACF0A17FC . 1211904 . . [6.0.6002.22942] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_f223 653e250b71f1\kernel32.dll
[-] 2011-04-12 . 2299078C1E59FE69ADDF49897D6A373A . 1210880 . . [6.0.6002.18449] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_f1a0 c2e10be78eec\kernel32.dll
[-] 2011-04-12 . F2338C94CDCD7AD28A14428D46A05D0B . 1211904 . . [6.0.6002.22625] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_f23c 004224f88e9f\kernel32.dll
[-] 2011-04-12 . 6ADB508FEADBDEC41C194B4C03FA5201 . 1208832 . . [6.0.6001.18631] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_efbd 1caf0ec055f8\kernel32.dll
[-] 2011-04-12 . 777DF7F47BEE82833E324F0EB18B7ED1 . 1213440 . . [6.0.6001.22898] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_f00c ddde28084bf0\kernel32.dll
[-] 2009-04-11 . A1489655AB04BBB5290C3FC274D33E57 . 1217536 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_f1c7 f9d10bcac530\kernel32.dll
[-] 2009-02-13 . 8331C9E592358DE5157169699BD836D7 . 1208832 . . [6.0.6001.18215] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_efd6 b6170eac8ed6\kernel32.dll
[-] 2009-02-13 . 2EEE45C483BA534A84CACC9D8001FE0E . 1210880 . . [6.0.6001.22376] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_f020 73a427f9ef9d\kernel32.dll
[-] 2009-02-13 . 1A5CE3CDE414ED758D4E1616F422C20B . 1233408 . . [6.0.6000.16820] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_ede0 a61311929b23\kernel32.dll
[-] 2009-02-13 . 08E8EF6A8D18BD1D89896903DCD103D2 . 1233920 . . [6.0.6000.21010] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_ee74 eaec2aa8523e\kernel32.dll
[-] 2008-01-21 . 1122C8BE4BC4F392598A9543DC1014E0 . 1213952 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_efdc 80c50ea8f9e4\kernel32.dll
[-] 2012-09-28 . A02EB771DAE80667E3C877CF19E3F6EE . 1210368 . . [6.0.6001.18000] .. c:\windows\system32\kernel32.dll
.
[-] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_9483 cda05db182e8\linkinfo.dll
[-] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\system32\linkinfo.dll
.
[-] 2012-12-16 . 29BC2630B5E1A782F7C1A765F6641E39 . 32768 . . [6.0.6002.23004] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_0865b0db2 9243cbb\lpk.dll
[-] 2012-11-08 . 1B3B77010FB77CE937E48B7ABDC7A0B7 . 32768 . . [6.0.6002.22969] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22969_none_0829faa32 9502fd2\lpk.dll
[-] 2011-02-16 . C95E1180E721401CE923FD4381216F45 . 32768 . . [6.0.6002.22589] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_081453332 9607318\lpk.dll
[-] 2011-02-16 . EBADCE0742E19CAE2F1FE37D12AE9512 . 32768 . . [6.0.6001.22854] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_06494f9d2 c264b6e\lpk.dll
[-] 2011-01-08 . 53F965A37AF97ED41A5D722F653F7A16 . 32768 . . [6.0.6002.22566] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_0826f22d2 952ef31\lpk.dll
[-] 2011-01-08 . 973AC5DF18195F659F950BAD8B52FC27 . 32768 . . [6.0.6001.22830] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_065aee4d2 c19ae30\lpk.dll
[-] 2010-10-28 . 712393754587ECC35EC72680D3031298 . 32768 . . [6.0.6002.22514] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_085b01352 92c30ce\lpk.dll
[-] 2010-10-28 . 502D874EFB849DB686B31EA5C6C64750 . 32768 . . [6.0.6001.22787] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_062bded12 c3bee1f\lpk.dll
[-] 2010-05-26 . 015628C13EA6B4CC62D9CFC276379F02 . 32768 . . [6.0.6002.22412] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_0858febb2 92e00f9\lpk.dll
[-] 2010-05-26 . 801AA6FFA579BA861BF002E5DB209F19 . 32768 . . [6.0.6001.22700] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_067b5c2b2 c015d36\lpk.dll
[-] 2009-10-19 . 35E625ED9FE3A7F29CA7694BA02AEA7B . 32768 . . [6.0.6001.22544] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_065419d72 c1e3808\lpk.dll
[-] 2009-10-19 . 96975D0384839E4FA2BE137B0F386ADA . 33280 . . [6.0.6000.21142] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_046bb0d92 ef9aa84\lpk.dll
[-] 2009-10-19 . B96C6EA864956C49B8426ED10340C772 . 33280 . . [6.0.6000.16939] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_03f40dde1 5cd6ce8\lpk.dll
[-] 2009-10-19 . B9A0B9E32F7AB5717A9CEC1B4DC05C62 . 32768 . . [6.0.6002.22247] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_083d8c9d2 941d931\lpk.dll
[-] 2009-06-15 . 4E53E703118C8092D255B4BEC2FE997B . 33280 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_045b108d2 f0563f2\lpk.dll
[-] 2009-06-15 . 25634B6ADDBAB73F6EF235D26D93C84A . 33280 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_03bfc9ae1 5f5fb76\lpk.dll
[-] 2009-06-15 . 414E030D6D67F6F7F4663BCF441936CA . 32768 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_064546dd2 c29f176\lpk.dll
[-] 2009-06-15 . 1E8003BF4D8A37EA8BFA005879D47258 . 32768 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_082db9592 94e7948\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_05f1b3fc1 2e3ce82\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_05a808e81 31abf15\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_05ca7b261 3009b17\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_059d3cc81 322d554\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_05cd7fd01 2fde16a\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_05af10a01 31467eb\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_059970c81 3249fcd\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_07dd2d081 00599ce\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_07a31c441 031c027\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_07c68ecc1 016b580\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_0799506e1 038efbd\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_07bdc3401 01cfe6d\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_078d821e1 041ef7e\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_07dd34a01 0058e6a\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_07c79a7a1 015bdc1\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_07a72ab61 02e1194\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\system32\lpk.dll
.
[-] 2008-01-21 . D23E5184266747DDCE9D0C6581D916B3 . 433664 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.1 8000_none_0c54e1384cf6f7c7\hnetcfg.dll
[-] 2008-01-21 . D23E5184266747DDCE9D0C6581D916B3 . 433664 . . [6.0.6000.16386] .. c:\windows\system32\hnetcfg.dll
.
[-] 2013-11-06 . 88664D38A94CDBD372ABB617E2928C37 . 17833984 . . [9.00.8112.16514] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16514_none _2f62bbc018605f9f\mshtml.dll
[-] 2013-03-01 . 64B6E1751772A66040EAFCA05462719E . 9332736 . . [8.00.6001.19412] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19412_none _5241e413f05a9acc\mshtml.dll
[-] 2013-03-01 . E08987BE781397F3619F6A84BB8D3EAE . 9335808 . . [8.00.6001.23480] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23480_none _527dcef109b2ce58\mshtml.dll
[-] 2013-02-28 . B0AB3031EC2E4B05C960506FEA569D72 . 9335808 . . [8.00.6001.23471] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23471_none _52899f2709a9cbbe\mshtml.dll
[-] 2013-02-28 . 2DB952F1C622446BA2C82289C743B9B0 . 9332736 . . [8.00.6001.19403] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19403_none _524db449f0519832\mshtml.dll
[-] 2013-01-05 . 379E7DBE58FACB5D2FEB9019E3F1A648 . 9331200 . . [8.00.6001.19400] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19400_none _524ab36bf0544c2d\mshtml.dll
[-] 2013-01-05 . 7ED5D3F6D865D666D3E353376FAE6113 . 9334272 . . [8.00.6001.23468] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23468_none _529b7119099b612e\mshtml.dll
[-] 2013-01-04 . 2143A2C06D6654EA91FB38CC3FCA3EEA . 9330176 . . [8.00.6001.19394] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19394_none _51ed6361f099afdb\mshtml.dll
[-] 2013-01-04 . 47FB7148B45010EAA073EF118668420E . 9333760 . . [8.00.6001.23462] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23462_none _52956f5d09a0c924\mshtml.dll
[-] 2012-11-09 . 9C58E91918AD09D2601715985F3A9DD9 . 9329152 . . [8.00.6001.19393] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19393_none _51ec6317f09a9684\mshtml.dll
[-] 2013-01-05 . 379E7DBE58FACB5D2FEB9019E3F1A648 . 9331200 . . [8.00.6001.18702] .. c:\windows\system32\mshtml.dll
.
[-] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_2f2543 6a5491724b\msvcrt.dll
[-] 2011-12-14 . 4B2F10ED918CA8B29A04B8B1B34D9349 . 621056 . . [7.0.6002.22755] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_2fb2e3 436dab7498\msvcrt.dll
[-] 2009-04-11 . 37B71108BFD6E276695CE24171F2889B . 621056 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_2f5f4a b054655a2f\msvcrt.dll
[-] 2008-01-21 . 11DB261E8EE318CA41498300327CB5F2 . 621056 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_2d73d1 a457438ee3\msvcrt.dll
[-] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\system32\msvcrt.dll
.
[-] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_165d6b95e 2cafb10\mswsock.dll
[-] 2008-01-21 . 66306D7E90650EBE667811C1AF010BAC . 304128 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_1471f289e 5a92fc4\mswsock.dll
[-] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6000.16386] .. c:\windows\system32\mswsock.dll
.
[-] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1 cbd2ed7924d9\netlogon.dll
[-] 2008-01-21 . 5D0A4891F8CD0E9E64FF57A6A34044F5 . 716800 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d6 52c6f057598d\netlogon.dll
[-] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6001.18000] .. c:\windows\system32\netlogon.dll
.
[-] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.1800 5_none_0123b2f0b2579bf3\powrprof.dll
[-] 2008-01-21 . 6FF12A84BDBA50AFE7FCF3A524E14B71 . 121344 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.1800 0_none_ff3839e4b535d0a7\powrprof.dll
[-] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6001.18000] .. c:\windows\system32\powrprof.dll
.
[-] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.1 8005_none_9617f6eb8e9aab94\scecli.dll
[-] 2008-01-21 . 35F1DD99F9903BC267C2AF16B09F9BF7 . 235520 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.1 8000_none_942c7ddf9178e048\scecli.dll
[-] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6000.16386] .. c:\windows\system32\scecli.dll
.
[-] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_03545ed01 48f16ae\sfc.dll
[-] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\system32\sfc.dll
.
[-] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f 524bdab2f1b\svchost.exe
[-] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6000.16386] .. c:\windows\system32\svchost.exe
.
[-] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_4 146ed6b9a71d501\tapisrv.dll
[-] 2008-01-21 . 52091001CAF20AE84CF47023EE21B4BB . 318464 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_3 f5b745f9d5009b5\tapisrv.dll
[-] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6000.16386] .. c:\windows\system32\tapisrv.dll
.
[-] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280 d122dbbbb4\user32.dll
[-] 2008-01-21 . 32B87D215905F648EBE36A621978442C . 820224 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707 c525b9f068\user32.dll
[-] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6001.18000] .. c:\windows\system32\user32.dll
.
[-] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_3847 55998a0d6941\userinit.exe
[-] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6000.16386] .. c:\windows\system32\userinit.exe
.
Reply With Quote
  #12  
Old November 16th, 2013, 04:07 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
CombiFix Report Part 3

[-] 2013-11-06 . 3CD6F07E6416ED6E18A1965CD2B9144A . 1392128 . . [9.00.8112.16514] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.1 6514_none_1e089ca19809f669\wininet.dll
[-] 2013-03-01 . CAD9F4ABF61AF3DC160AD01AB0CF0AF0 . 1147392 . . [8.00.6001.19412] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9412_none_40e7c4f570043196\wininet.dll
[-] 2013-03-01 . DA1CD84B5BF664A2FA929E9552FD7272 . 1151488 . . [8.00.6001.23480] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3480_none_4123afd2895c6522\wininet.dll
[-] 2013-02-28 . 76721C5E3CAB2EEE4ED5966FC53F0DA2 . 1151488 . . [8.00.6001.23471] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3471_none_412f800889536288\wininet.dll
[-] 2013-02-02 . C43CA2804A591420493CE6A5DB77777F . 1147392 . . [8.00.6001.19401] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9401_none_40f194976ffcfc4e\wininet.dll
[-] 2013-01-05 . 172CF7CBF9429A657263FD205D25F56B . 1147392 . . [8.00.6001.19400] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9400_none_40f0944d6ffde2f7\wininet.dll
[-] 2013-01-05 . 244F890FC05845E074F2CA82C832E070 . 1151488 . . [8.00.6001.23468] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3468_none_414151fa8944f7f8\wininet.dll
[-] 2012-11-09 . 13C073F14F948CC9F875147DA74F300D . 1147392 . . [8.00.6001.19393] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9393_none_409243f970442d4e\wininet.dll
[-] 2012-11-09 . F6A0DF1CEA264EEBA156AD4FD974E4BF . 1151488 . . [8.00.6001.23461] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3461_none_413a4ff4894b4697\wininet.dll
[-] 2012-08-25 . F60069B26B7FC05941DBB5FB775B4CDF . 1151488 . . [8.00.6001.23415] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3415_none_417460b8891f203e\wininet.dll
[-] 2012-08-25 . A7343332E5AEEFB6F0496405AE897B77 . 1147392 . . [8.00.6001.19328] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9328_none_40e2f4df7006e86a\wininet.dll
[-] 2012-06-28 . A14FEC86F9B5B9D0137C011850B330EF . 1151488 . . [8.00.6001.23385] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3385_none_4128af5e8957e6ae\wininet.dll
[-] 2012-06-28 . 817E86B2F0A26AF4F83856003A3A7DBB . 1147392 . . [8.00.6001.19298] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9298_none_40974385703faeda\wininet.dll
[-] 2012-05-15 . 3A816BB74DB02A372F2A08D99C268FC6 . 1151488 . . [8.00.6001.23359] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3359_none_414d204a893bf837\wininet.dll
[-] 2012-05-15 . EDDEEB0DD7E12EB062E47BA6A2E09D06 . 1147392 . . [8.00.6001.19272] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9272_none_40a6e1a17034deee\wininet.dll
[-] 2012-02-28 . C97A10A09973F12953F23ED844A9EF19 . 1151488 . . [8.00.6001.23318] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3318_none_41775fb0891c6f1c\wininet.dll
[-] 2012-02-28 . 96070413E0F9620565BB06A0C4CC976E . 1147392 . . [8.00.6001.19222] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9222_none_40dcf13d700c5339\wininet.dll
[-] 2011-12-15 . 9441181236A720AEC992C9EC7A5A8A39 . 1151488 . . [8.00.6001.23286] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3286_none_4129adc2895702de\wininet.dll
[-] 2011-12-15 . 8C5996CAE7455B38298D883FDBD50D57 . 1147392 . . [8.00.6001.19190] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9190_none_408f3f4f7046e6fb\wininet.dll
[-] 2011-11-03 . DDBAE0D36F9D34919563381B67919A81 . 1150976 . . [8.00.6001.23266] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3266_none_413f4d9a8946cafc\wininet.dll
[-] 2011-11-03 . B76E1F2B873877576BC1069C7EAA3B1F . 1147392 . . [8.00.6001.19170] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9170_none_40a4df277036af19\wininet.dll
[-] 2011-10-01 . B0E483C020C3DAA9620770DA9F2470F0 . 1149952 . . [8.00.6001.23250] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3250_none_41441bca89441701\wininet.dll
[-] 2011-09-30 . 771B517C773728A65AE8956ADF099D83 . 1147904 . . [8.00.6001.19154] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9154_none_40be80277022dc93\wininet.dll
[-] 2011-07-23 . 14CB1B7FA859896BE14126C3EB971FD3 . 1149952 . . [8.00.6001.23216] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3216_none_41755d36891e3f47\wininet.dll
[-] 2011-07-23 . 5C5F100B93FFDA632C352AAC5C774DE6 . 1147904 . . [8.00.6001.19120] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9120_none_40daeec3700e2364\wininet.dll
[-] 2011-05-28 . 964B0B8A24D4E3FAE0E365F4BEBEC471 . 1150976 . . [8.00.6001.23181] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3181_none_4124aa6a895b8704\wininet.dll
[-] 2011-05-28 . 79F3767D90BA6D04D936DC16FDCB4FB2 . 1147904 . . [8.00.6001.19088] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9088_none_40a20fa57037989b\wininet.dll
[-] 2011-02-22 . E3B43B82F025BC3B23DFDE66A4A026F2 . 1150976 . . [8.00.6001.23143] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3143_none_4151eaae893949ee\wininet.dll
[-] 2011-02-22 . 749C440784B33BC358C8D633AE64A657 . 1147904 . . [8.00.6001.19048] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9048_none_40cd4f55701728d7\wininet.dll
[-] 2010-12-18 . 6458A6B10895B0F9E63A6ACB04F2102A . 1150976 . . [8.00.6001.23111] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3111_none_417059de8922c36d\wininet.dll
[-] 2010-12-18 . B3365860010DEB30446625E333E9E1CC . 1147904 . . [8.00.6001.19019] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9019_none_40eebf636ffdee5b\wininet.dll
[-] 2010-11-02 . 63B2D6E23FC6115EA8864C7DC4DC3E00 . 1150976 . . [8.00.6001.23091] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3091_none_4119d8988963a5ce\wininet.dll
[-] 2010-11-02 . 7C39BB00E4B011575C345EE1914172E4 . 1147904 . . [8.00.6001.18999] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8999_none_409867e1703e9aa1\wininet.dll
[-] 2010-09-08 . B09ACB639AA914378B33E0585EA5C44F . 1150464 . . [8.00.6001.23067] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3067_none_41404a188945ea05\wininet.dll
[-] 2010-09-08 . 6BF6EDCB40B6928BB49FEC83C8B24AF1 . 1147904 . . [8.00.6001.18975] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8975_none_40aa06917031fd63\wininet.dll
[-] 2010-06-26 . 0B27168AD18C00B4532D11ADF08FDF16 . 1150976 . . [8.00.6001.23040] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3040_none_414ee7ea893c00c2\wininet.dll
[-] 2010-06-26 . AB4A31D99C05A4C7B0C892A10E12FB47 . 1147904 . . [8.00.6001.18943] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8943_none_40c875c1701b76e2\wininet.dll
[-] 2010-05-04 . AC03101534D7E281436D19D6AD366BD5 . 1150976 . . [8.00.6001.23019] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3019_none_41785a48891b90fe\wininet.dll
[-] 2010-05-04 . B59C26C9A03B661E572C137368E3BD71 . 1147904 . . [8.00.6001.18928] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8928_none_40e3170b7006bdb3\wininet.dll
[-] 2010-02-23 . 2F7F1BB11E62BA2E3170B6A6B847DF3D . 1150976 . . [8.00.6001.22995] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 2995_none_411e019e895fd7e8\wininet.dll
[-] 2010-02-23 . A1CDFFE798DA1EBF3479F87F96482160 . 1147904 . . [8.00.6001.18904] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8904_none_40f4b5bb6ffa2075\wininet.dll
[-] 2010-01-02 . 305732FEE113625C4F410878786B043B . 1147904 . . [8.00.6001.22973] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 2973_none_4131a0e289516d58\wininet.dll
[-] 2010-01-02 . EDAF8EE6D81BE3FCCC8B375431D8559C . 1147904 . . [8.00.6001.18882] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8882_none_409c33e1703cd028\wininet.dll
[-] 2009-11-21 . 3958F2ACD7C145882861B0CCF9167B8D . 1147904 . . [8.00.6001.22956] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 2956_none_414a4198893e817b\wininet.dll
[-] 2009-11-21 . 8A0346910DF96622B82E3411BC6DBB72 . 1147904 . . [8.00.6001.18865] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8865_none_40b4d4977029e44b\wininet.dll
[-] 2009-08-27 . 924C27EDCFD50A5E7D79962A567106FB . 1052160 . . [7.00.6000.21116] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 1116_none_5ca5fcca762a70a7\wininet.dll
[-] 2009-08-27 . 069A33DDF9A71531BD6CF5D3DA56EA4E . 1042432 . . [7.00.6000.16916] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6916_none_5c1c87dd5d0c9d9b\wininet.dll
[-] 2009-08-27 . EDBD07D91010DD925EB352DA66914D98 . 1147904 . . [8.00.6001.22918] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 2918_none_417781dc891c4465\wininet.dll
[-] 2009-08-27 . 2827B72363F5E4BD0BAF98D0518D2692 . 1032704 . . [7.00.6001.18319] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8319_none_5e05c7615a307a91\wininet.dll
[-] 2009-08-27 . D4351FED89D7D99B7FF936C55A4ED18B . 1033216 . . [7.00.6001.22508] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2508_none_5e9935b47346e23a\wininet.dll
[-] 2009-08-27 . 026F1913640BD1AB1E4E551A14E413D2 . 1032192 . . [7.00.6002.18100] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.1 8100_none_5fee08815756ccdc\wininet.dll
[-] 2009-08-27 . 4709D3DBA8F3D3658E3CC0D5D7CE4C15 . 1032704 . . [7.00.6002.22212] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.2 2212_none_606ed5f4707abb45\wininet.dll
[-] 2009-08-27 . CE0D70556096DE3BB8319E75E03E3744 . 1147904 . . [8.00.6001.18828] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8828_none_40e315257006c08c\wininet.dll
[-] 2009-04-11 . 1FA5623B49F69207B2E1DA94DB1C5B7D . 1014272 . . [7.00.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.1 8005_none_5ff3080d57524e68\wininet.dll
[-] 2009-03-08 . 6BEDD690B7E6EBA0E9E193E17832372F . 1146368 . . [8.00.6001.18702] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8702_none_40f2b15b6ffbf379\wininet.dll
[-] 2008-04-25 . A549050BABB436A7F3867911D302D19F . 1013248 . . [7.00.6001.18063] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8063_none_5dc9b0575a5e76c7\wininet.dll
[-] 2008-04-25 . B2BB90B07E1B87F41A0477ED2432AFB9 . 1013248 . . [7.00.6001.22167] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2167_none_5e574e4a73787bed\wininet.dll
[-] 2008-04-25 . EEFC1D846B86CFD92865FFD255B87CFC . 1022464 . . [7.00.6000.16681] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6681_none_5bcbd1455d49eb0a\wininet.dll
[-] 2008-04-25 . CB2F683EB47B75F6E83DB0AC87DBFD9A . 1024000 . . [7.00.6000.20823] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 0823_none_5c98501276351303\wininet.dll
[-] 2008-02-22 . 3CC83953BA4B51B32BD67982A1AF2AF5 . 1013760 . . [7.00.6001.18023] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8023_none_5df4f0075a3e0703\wininet.dll
[-] 2008-02-22 . E06F53F091B3567EA83308E5DDFF4094 . 1013760 . . [7.00.6001.22120] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2120_none_5e7b8bf4735e5ac8\wininet.dll
[-] 2008-02-22 . 3166E2EE2060D11A783A1B812B6F4945 . 1022976 . . [7.00.6000.20777] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 0777_none_5c663fb8765a06ed\wininet.dll
[-] 2008-02-21 . 4C48ACC0299116CD22A9522D5C7CFFC4 . 1022464 . . [7.00.6000.16643] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6643_none_5bf911895d27adf4\wininet.dll
[-] 2008-01-21 . 364B631BCD934D95CCD2E373F8DD8D7C . 1011712 . . [7.00.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8000_none_5e078f015a30831c\wininet.dll
[-] 2013-01-05 . 172CF7CBF9429A657263FD205D25F56B . 1147392 . . [8.00.6001.18702] .. c:\windows\system32\wininet.dll
.
[-] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55 283d54246\ws2_32.dll
[-] 2008-01-21 . 63944ECFE4878C1C4889689324CABFAB . 265216 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4 686b376fa\ws2_32.dll
[-] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6000.16386] .. c:\windows\system32\ws2_32.dll
.
[-] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df 1afb86c9f\ws2help.dll
[-] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ws2help.dll
.
[-] 2010-06-28 . 48E49F1EFE1F20A078DD656DE81AFBA8 . 1916928 . . [6.0.6002.22433] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_0a8eee1 0c108556a\ole32.dll
[-] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6002.18277] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_09de10d 7a8078d99\ole32.dll
[-] 2010-06-28 . C7E11F8B2F3130FB7C3866F1816C4E7D . 1923584 . . [6.0.6001.18498] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_07e2fd7 baaf08c87\ole32.dll
[-] 2010-06-28 . 6F9FBFDF627A958ECDD1CB65704CB846 . 1922560 . . [6.0.6001.22720] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_08b04b3 6c3dc9850\ole32.dll
[-] 2009-04-11 . 19915DB5B186D91CD4B459210C41741B . 1915392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_0a27bbe ba7d09d06\ole32.dll
[-] 2008-01-21 . F36E23B80AC04538726699670050121D . 1923072 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_083c42d faaaed1ba\ole32.dll
[-] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6000.16386] .. c:\windows\system32\ole32.dll
.
[-] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4ace b06de1c\cngaudit.dll
[-] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\system32\cngaudit.dll
.
[-] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115 452bcae17d8\wininit.exe
[-] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6000.16386] .. c:\windows\system32\wininit.exe
.
[-] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_f71866 5b4c03ea89\ctfmon.exe
[-] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\system32\ctfmon.exe
.
[-] 2009-07-10 . 9235EC680D3DB17464B39C7C7DECB4DD . 301568 . . [6.0.6001.18287] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_28ff7f 1fd585934f\shsvcs.dll
[-] 2009-07-10 . 3F6101365E6319171054ADD75788516C . 300032 . . [6.0.6000.21081] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_279cb3 aaf1823d60\shsvcs.dll
[-] 2009-07-10 . C2409C9B7C7E422E7680AE4E1738BFC8 . 302080 . . [6.0.6001.22467] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_299ebd a8ee92f85e\shsvcs.dll
[-] 2009-07-10 . F33C4D0B9EEFCDE346F8753DC4D6867F . 299520 . . [6.0.6000.16883] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_27153f 51d8629d02\shsvcs.dll
[-] 2009-07-10 . 00DD742B99B278429714DEE859A73DD0 . 302080 . . [6.0.6002.22169] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_2b8730 24ebb78030\shsvcs.dll
[-] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6002.18063] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_2af791 9dd29f485c\shsvcs.dll
[-] 2009-04-11 . 2AD15758174DCC7993FF3C00A955DD66 . 301568 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_2b3a71 b9d26cd364\shsvcs.dll
[-] 2008-01-21 . EB3114330236CF030E8EDF62881BAF67 . 301568 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_294ef8 add54b0818\shsvcs.dll
[-] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6000.16386] .. c:\windows\system32\shsvcs.dll
.
[-] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_e7701 a4938f68d83\regsvc.dll
[-] 2008-01-21 . 416C611369CBE49074B89CEE2F83ABEF . 206336 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_e584a 13d3bd4c237\regsvc.dll
[-] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6000.16386] .. c:\windows\system32\regsvc.dll
.
[-] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6002.18342] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_8cdcf 8454ca4d06e\schedsvc.dll
[-] 2010-11-06 . CE75D26E0A1106129F4D156851E298ED . 854528 . . [6.0.6001.18551] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_8aeab 4414f8780bd\schedsvc.dll
[-] 2010-11-04 . C40E431210CAF3DB00203F5796A31FDE . 856064 . . [6.0.6002.22519] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_8d8e0 8c065a3caed\schedsvc.dll
[-] 2010-11-04 . 596404B1E48657168BDAA69B9CD1DB74 . 856064 . . [6.0.6001.22791] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_8b491 34268c58d72\schedsvc.dll
[-] 2009-04-11 . 717C12DF4B7C93FEC97D146AC1342B25 . 843776 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_8d0b3 3214c81b53a\schedsvc.dll
[-] 2008-02-26 . C315E4CD537736E53D1F28A497FBE29B . 844288 . . [6.0.6000.20779] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20779_none_89806 b606b87a06d\schedsvc.dll
[-] 2008-01-21 . C74C6C01353D87AAFE1193B426D667B0 . 843776 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_8b1fb a154f5fe9ee\schedsvc.dll
[-] 2008-01-21 . 5AEA4C9E2B3656B2B53D3886BB6DFC35 . 844288 . . [6.0.6000.16609] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_89427 e0952313d0c\schedsvc.dll
[-] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6001.18000] .. c:\windows\system32\schedsvc.dll
.
[-] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_dbe8 0e6f8995baeb\ssdpsrv.dll
[-] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6000.16386] .. c:\windows\system32\ssdpsrv.dll
.
[-] 2009-04-11 . 5CDD30BC217082DAC71A9878D9BFD566 . 547328 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.1 8005_none_eca9565809c353e4\termsrv.dll
[-] 2008-01-21 . F870A5589D6A94B426EFB13689023946 . 546816 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.1 8000_none_eabddd4c0ca18898\termsrv.dll
[-] 2009-04-11 . 5CDD30BC217082DAC71A9878D9BFD566 . 547328 . . [6.0.6001.18000] .. c:\windows\system32\termsrv.dll
.
[-] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none _442037e04fa9b5c7\ksuser.dll
[-] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ksuser.dll
.
[-] 2008-01-21 . 6B58266234B36ABCDD43C797B0D1932E . 8192 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_d38a 739ed46982f7\msimg32.dll
[-] 2008-01-21 . 6B58266234B36ABCDD43C797B0D1932E . 8192 . . [6.0.6001.18000] .. c:\windows\system32\msimg32.dll
.
[-] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee 7c46da\comctl32.dll
[-] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1 fca2222ab96c\comctl32.dll
[-] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ad a5c8366e90385\comctl32.dll
[-] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1 391c96\comctl32.dll
[-] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612 924c21dcda90\comctl32.dll
[-] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5 499024dc7b801\comctl32.dll
[-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed5 19463b\comctl32.dll
[-] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb7 2f2a088b0ed3\comctl32.dll
[-] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f 3a38569c2c436\comctl32.dll
[-] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d8 04f924\comctl32.dll
[-] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd 65e20837faf2\comctl32.dll
[-] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886 c608850a2f36f\comctl32.dll
[-] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb7 2f96088b0de0\comctl32.dll
[-] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7 f7837a\comctl32.dll
[-] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886 786f450a74a05\comctl32.dll
[-] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdb aa5a083979cc\comctl32.dll
[-] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07 289e07e1d100\comctl32.dll
[-] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e 0cb09378714f1\comctl32.dll
.
[-] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6002.22869] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b 13bb212\cryptsvc.dll
[-] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cryptsvc.dll
[-] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6002.18643] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd909 8134535\cryptsvc.dll
[-] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6002.18618] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec69 7f67015\cryptsvc.dll
[-] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6002.22840] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b 1339621\cryptsvc.dll
[-] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb12709 7f11935\cryptsvc.dll
[-] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649 acf4de9\cryptsvc.dll
.
Reply With Quote
  #13  
Old November 16th, 2013, 04:21 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
ComboFix Report Part 4

[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\SysWOW64\es.dll
[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_7 54c5dff3b9d9ea6\es.dll
[-] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_7 20177625a73c603\es.dll
[-] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_7 135f8df4187b761\es.dll
[-] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_7 331d75d3e9e1070\es.dll
[-] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_7 3aba2ca57c84d78\es.dll
[-] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_7 360e4f33e7bd35a\es.dll
.
[-] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\SysWOW64\imm32.dll
[-] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_c4b4dcf 8644afb7f\imm32.dll
[-] 2008-01-21 . CA3091655E2257B3E3EA86F79A696C56 . 116224 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_c2c963e c67293033\imm32.dll
.
[-] 2012-09-28 . D59DD2AAFF94EAB9BD6C7940C2851735 . 860160 . . [6.0.6001.18000] .. c:\windows\SysWOW64\kernel32.dll
[-] 2012-09-28 . D59DD2AAFF94EAB9BD6C7940C2851735 . 860160 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_fc1b b123402c59e5\kernel32.dll
[-] 2012-09-28 . 04876F4758D10B768D4CF792D03FC9CF . 860672 . . [6.0.6002.22942] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_fc78 0f90596c33ec\kernel32.dll
[-] 2011-04-12 . 7F4CAEAC24592FA9F574E1F8CD1D0604 . 859648 . . [6.0.6002.18449] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_fbf5 6d33404850e7\kernel32.dll
[-] 2011-04-12 . BBB3D68596C6B6E8A7ECAFDB2962E89B . 860672 . . [6.0.6002.22625] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_fc90 aa945959509a\kernel32.dll
[-] 2011-04-12 . 6EBBE14BE54877C386C63FFED52D391D . 857600 . . [6.0.6001.18631] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_fa11 c701432117f3\kernel32.dll
[-] 2011-04-12 . 35FC1E7929DA4828B9CC73DC84B42E6F . 860160 . . [6.0.6001.22898] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_fa61 88305c690deb\kernel32.dll
[-] 2009-04-11 . A5830F679B5B38AE9700A72087178745 . 858112 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_fc1c a423402b872b\kernel32.dll
[-] 2009-02-13 . D4902D1DC60CB71197EFE4474A582841 . 855552 . . [6.0.6001.18215] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_fa2b 6069430d50d1\kernel32.dll
[-] 2009-02-13 . 1B5BE39A927C36B3162ADA23B6CA001E . 858112 . . [6.0.6001.22376] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_fa75 1df65c5ab198\kernel32.dll
[-] 2009-02-13 . 444A00544B4EDFEDD8FCCD281EDE3ED4 . 840704 . . [6.0.6000.16820] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_f835 506545f35d1e\kernel32.dll
[-] 2009-02-13 . 4118366CDDA655F8AEDB20CD03DEBAE9 . 841216 . . [6.0.6000.21010] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_f8c9 953e5f091439\kernel32.dll
[-] 2008-01-21 . 799EEDF377F3B72DB30192AD9FD3C7F3 . 855552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_fa31 2b174309bbdf\kernel32.dll
.
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\SysWOW64\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_3865 321ca55411b2\linkinfo.dll
.
[-] 2012-12-16 . 1AFE3E0E4FBAE0FA540CBCEEC5E39D1F . 23552 . . [6.0.6002.23004] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_12ba5b2d5 d84feb6\lpk.dll
[-] 2011-02-16 . F9AA0406BA33BC029536E04D6066C03A . 23552 . . [6.0.6002.22589] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_1268fd855 dc13513\lpk.dll
[-] 2011-02-16 . 789CD968872EFA074339E0CFB70EB6B2 . 23552 . . [6.0.6001.22854] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_109df9ef6 0870d69\lpk.dll
[-] 2011-01-08 . 2929BD36F338E1C844FCCB88AFC4DA03 . 23552 . . [6.0.6002.22566] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_127b9c7f5 db3b12c\lpk.dll
[-] 2011-01-08 . 077B74545B155C7C16F5951C48F6C9FE . 23552 . . [6.0.6001.22830] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_10af989f6 07a702b\lpk.dll
[-] 2010-10-28 . EAA25894F6FA01BB1321289E822B390D . 23552 . . [6.0.6002.22514] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_12afab875 d8cf2c9\lpk.dll
[-] 2010-10-28 . 72508445768DC97CC522FAE65978DBF4 . 23552 . . [6.0.6001.22787] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_108089236 09cb01a\lpk.dll
[-] 2010-05-26 . EF35D31F154DAA93E435D3B18192C40B . 23552 . . [6.0.6002.22412] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_12ada90d5 d8ec2f4\lpk.dll
[-] 2010-05-26 . 26E0671ADDD67570AACEC81B2A8803ED . 23552 . . [6.0.6001.22700] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_10d0067d6 0621f31\lpk.dll
[-] 2009-10-19 . 77F2AB938BFBAB43EC1B91D11BBA2EEE . 24064 . . [6.0.6000.16939] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_0e48b8304 a2e2ee3\lpk.dll
[-] 2009-10-19 . 08992A029F43690B4340BF6B2F7BCE5B . 24064 . . [6.0.6000.21142] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_0ec05b2b6 35a6c7f\lpk.dll
[-] 2009-10-19 . D669A9A4C894708388ADF96BBEAD3787 . 23552 . . [6.0.6001.22544] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_10a8c4296 07efa03\lpk.dll
[-] 2009-10-19 . 7EC16AB95B707BE43A938E20D096240E . 23552 . . [6.0.6002.22247] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_129236ef5 da29b2c\lpk.dll
[-] 2009-06-15 . 204EFDC76394A6FB0816D61810C8F529 . 24064 . . [6.0.6000.16870] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_0e1474004 a56bd71\lpk.dll
[-] 2009-06-15 . C5028B831E4489F0CEEABFD133855EFF . 23552 . . [6.0.6001.22450] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_1099f12f6 08ab371\lpk.dll
[-] 2009-06-15 . C92953010CA9964A33210C3273EEB78C . 24064 . . [6.0.6000.21067] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_0eafbadf6 36625ed\lpk.dll
[-] 2009-06-15 . 459DE300727C02D420DB389B721AF44E . 23552 . . [6.0.6002.22152] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_128263ab5 daf3b43\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\SysWOW64\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_1231d75a4 4665bc9\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_11f7c6964 4928222\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_121b391e4 477777b\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_11edfac04 499b1b8\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_12126d924 47dc068\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_11e22c704 4a2b179\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_1231def24 4665065\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_121c44cc4 4767fbc\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_11fbd5084 48ed38f\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_10465e4e4 744907d\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_0ffcb33a4 77b8110\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_101f25784 7615d12\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_0ff1e71a4 783974f\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_10222a224 75ea365\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_1003baf24 77529e6\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_0fee1b1a4 78561c8\lpk.dll
.
[-] 2013-11-06 . F46A58EC9183CB2B24326A41CDDE1FAE . 12336128 . . [9.00.8112.16514] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16514_none _d344203c6002ee69\mshtml.dll
[-] 2013-03-01 . 46F5BD8E8ACD0AA5E81189106D87BD0F . 6013440 . . [8.00.6001.23480] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23480_none _f65f336d51555d22\mshtml.dll
[-] 2013-03-01 . CE4B904E4CF91B3FC6D665A698FDDAC5 . 6012416 . . [8.00.6001.19412] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19412_none _f623489037fd2996\mshtml.dll
[-] 2013-02-28 . 4B0FB279C71111C00BA70E8B9857156E . 6012928 . . [8.00.6001.23471] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23471_none _f66b03a3514c5a88\mshtml.dll
[-] 2013-02-28 . 9DD03B005D7F3294C14FD76242B1E22D . 6011392 . . [8.00.6001.19403] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19403_none _f62f18c637f426fc\mshtml.dll
[-] 2013-01-05 . 35D6218EF4976491DD3FF8E5BB68795C . 6011904 . . [8.00.6001.23468] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23468_none _f67cd595513deff8\mshtml.dll
[-] 2013-01-05 . 48A3776B22108D95F15CFB99DB55F8B0 . 6010368 . . [8.00.6001.18702] .. c:\windows\SysWOW64\mshtml.dll
[-] 2013-01-05 . 48A3776B22108D95F15CFB99DB55F8B0 . 6010368 . . [8.00.6001.19400] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19400_none _f62c17e837f6daf7\mshtml.dll
[-] 2013-01-04 . 8C98ADBFCAB768AEAD26E49B6B61AAE0 . 6011392 . . [8.00.6001.23462] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23462_none _f676d3d9514357ee\mshtml.dll
[-] 2013-01-04 . E5E53D8532FAD7837B9A7C15A68C0498 . 6009856 . . [8.00.6001.19394] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19394_none _f5cec7de383c3ea5\mshtml.dll
[-] 2012-11-09 . D1ACA648833316D82B9A1922593CD987 . 6010880 . . [8.00.6001.23461] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23461_none _f675d38f51443e97\mshtml.dll
[-] 2012-11-09 . DE429F573EA79A5E2590CC52D9B8E282 . 6008832 . . [8.00.6001.19393] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19393_none _f5cdc794383d254e\mshtml.dll
.
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] .. c:\windows\SysWOW64\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7 e69c340115\msvcrt.dll
[-] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447 bfb54e0362\msvcrt.dll
[-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af 2c9c07e8f9\msvcrt.dll
[-] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536 209ee61dad\msvcrt.dll
[-] 2002-08-30 . 886A6C3C185AAEDECD00477F72279B07 . 323072 . . [7.0.2600.1106] .. c:\windows\SysWOW64\PhotoImpression Slideshow\msvcrt.dll
.
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] .. c:\windows\SysWOW64\mswsock.dll
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122 a6d89da\mswsock.dll
[-] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062 d4bbe8e\mswsock.dll
.
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] .. c:\windows\SysWOW64\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616 762521d9e6d4\netlogon.dll
[-] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642a fd1924b81b88\netlogon.dll
.
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] .. c:\windows\SysWOW64\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.1800 5_none_a505176cf9fa2abd\powrprof.dll
[-] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.1800 0_none_a3199e60fcd85f71\powrprof.dll
.
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] .. c:\windows\SysWOW64\scecli.dll
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.1 8005_none_a06ca13dc2fb6d8f\scecli.dll
[-] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.1 8000_none_9e812831c5d9a243\scecli.dll
.
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5 c31a578\sfc.dll
.
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] .. c:\windows\SysWOW64\svchost.exe
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb5 9a1054dbde5\svchost.exe
.
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] .. c:\windows\SysWOW64\tapisrv.dll
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e 52851e7e21463cb\tapisrv.dll
[-] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e 33cd8dbe4f2987f\tapisrv.dll
.
[-] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\SysWOW64\user32.dll
[-] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b 23573c7daf\user32.dll
[-] 2008-01-21 . 3D691030DBD3BD75DE1501BE54F0D425 . 648192 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2 175a1ab263\user32.dll
.
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] .. c:\windows\SysWOW64\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28 ba15d1aff80b\userinit.exe
.
[-] 2013-11-06 . C8ADAA6948993D839D14524847EA5B75 . 1129472 . . [9.00.8112.16514] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.1 6514_none_c1ea011ddfac8533\wininet.dll
[-] 2013-03-01 . 3A70B683D1503444B4C805E1199054D4 . 920064 . . [8.00.6001.23480] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3480_none_e505144ed0fef3ec\wininet.dll
[-] 2013-03-01 . 7904A81F674CBEBB9CCDE1C13EBE967E . 916480 . . [8.00.6001.19412] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9412_none_e4c92971b7a6c060\wininet.dll
[-] 2013-02-28 . F3F7034A822920EDB3FB91F65D67D759 . 920064 . . [8.00.6001.23471] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3471_none_e510e484d0f5f152\wininet.dll
[-] 2013-02-02 . 8E2EBCD935EA8D60E4CBCE07F20824E4 . 916480 . . [8.00.6001.19401] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9401_none_e4d2f913b79f8b18\wininet.dll
[-] 2013-01-05 . E0BC00FCA83D33BB862AB9AEF8174445 . 920064 . . [8.00.6001.23468] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3468_none_e522b676d0e786c2\wininet.dll
[-] 2013-01-05 . 3652AA7B2FC078FACEE1B90523753A48 . 916480 . . [8.00.6001.18702] .. c:\windows\SysWOW64\wininet.dll
[-] 2013-01-05 . 3652AA7B2FC078FACEE1B90523753A48 . 916480 . . [8.00.6001.19400] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9400_none_e4d1f8c9b7a071c1\wininet.dll
[-] 2012-11-09 . E0F382C955AE33D20D463746E5B6FB50 . 920064 . . [8.00.6001.23461] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3461_none_e51bb470d0edd561\wininet.dll
[-] 2012-11-09 . C1E1FE2224CA46F112C2D65A4EA3BF25 . 916992 . . [8.00.6001.19393] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9393_none_e473a875b7e6bc18\wininet.dll
[-] 2012-08-25 . DDC718A719B351415455920F71EC4570 . 920064 . . [8.00.6001.23415] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3415_none_e555c534d0c1af08\wininet.dll
[-] 2012-08-25 . 69D83FEF59F46E9EBF06E805547DB534 . 916992 . . [8.00.6001.19328] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9328_none_e4c4595bb7a97734\wininet.dll
[-] 2012-06-28 . A9FF16A7FBE708D936AF46AFF1B2579B . 920064 . . [8.00.6001.23385] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3385_none_e50a13dad0fa7578\wininet.dll
[-] 2012-06-28 . 03B4167CC1B30AC22DF413788AFADE97 . 916992 . . [8.00.6001.19298] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9298_none_e478a801b7e23da4\wininet.dll
[-] 2012-05-15 . 1FDE47149D9B08C0CEBEE731FDB39E0B . 920064 . . [8.00.6001.23359] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3359_none_e52e84c6d0de8701\wininet.dll
[-] 2012-05-15 . DEAF5B0677A6B864B8F4F41C127695DB . 916992 . . [8.00.6001.19272] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9272_none_e488461db7d76db8\wininet.dll
[-] 2012-02-28 . 9503972A61EA647A72C326EEB51265C1 . 919552 . . [8.00.6001.23318] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3318_none_e558c42cd0befde6\wininet.dll
[-] 2012-02-28 . AA8B3560AED18F5290F80C82C9B75ACC . 916992 . . [8.00.6001.19222] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9222_none_e4be55b9b7aee203\wininet.dll
[-] 2011-12-15 . 2F56B044E8ED4FAA812A19A8DF2115EE . 919552 . . [8.00.6001.23286] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3286_none_e50b123ed0f991a8\wininet.dll
[-] 2011-12-15 . DA7C58952F082AECABF775C83F913C6F . 916992 . . [8.00.6001.19190] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9190_none_e470a3cbb7e975c5\wininet.dll
[-] 2011-11-03 . 406EEBC1B3FE188DE9D6B3AFB3834E84 . 919552 . . [8.00.6001.23266] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3266_none_e520b216d0e959c6\wininet.dll
[-] 2011-11-03 . 4E45F092670EEE0563AA9E1A7C8A1217 . 916992 . . [8.00.6001.19170] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9170_none_e48643a3b7d93de3\wininet.dll
[-] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.23250] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3250_none_e5258046d0e6a5cb\wininet.dll
[-] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.19154] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9154_none_e49fe4a3b7c56b5d\wininet.dll
[-] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.23216] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3216_none_e556c1b2d0c0ce11\wininet.dll
[-] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.19120] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9120_none_e4bc533fb7b0b22e\wininet.dll
[-] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3181_none_e5060ee6d0fe15ce\wininet.dll
[-] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9088_none_e4837421b7da2765\wininet.dll
[-] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3143_none_e5334f2ad0dbd8b8\wininet.dll
[-] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9048_none_e4aeb3d1b7b9b7a1\wininet.dll
[-] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3111_none_e551be5ad0c55237\wininet.dll
[-] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 9019_none_e4d023dfb7a07d25\wininet.dll
[-] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3091_none_e4fb3d14d1063498\wininet.dll
[-] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8999_none_e479cc5db7e1296b\wininet.dll
[-] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3067_none_e521ae94d0e878cf\wininet.dll
[-] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8975_none_e48b6b0db7d48c2d\wininet.dll
[-] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.23040] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3040_none_e5304c66d0de8f8c\wininet.dll
[-] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18943] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8943_none_e4a9da3db7be05ac\wininet.dll
[-] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.23019] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 3019_none_e559bec4d0be1fc8\wininet.dll
[-] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18928] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8928_none_e4c47b87b7a94c7d\wininet.dll
[-] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.22995] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 2995_none_e4ff661ad10266b2\wininet.dll
[-] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18904] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8904_none_e4d61a37b79caf3f\wininet.dll
[-] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.22973] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 2973_none_e513055ed0f3fc22\wininet.dll
[-] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18882] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8882_none_e47d985db7df5ef2\wininet.dll
[-] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.22956] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 2956_none_e52ba614d0e11045\wininet.dll
[-] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18865] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8865_none_e4963913b7cc7315\wininet.dll
[-] 2009-08-27 . 2BD22AA29893876347BA1BE62487748A . 832512 . . [7.00.6000.16916] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6916_none_fffdec59a4af2c65\wininet.dll
[-] 2009-08-27 . D5709010F06FEC697CCB2831D0821E0B . 840704 . . [7.00.6000.21116] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 1116_none_00876146bdccff71\wininet.dll
[-] 2009-08-27 . 604E16194F1E60084B948ACAE8334E0F . 833024 . . [7.00.6001.18319] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8319_none_01e72bdda1d3095b\wininet.dll
[-] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.22918] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.2 2918_none_e558e658d0bed32f\wininet.dll
[-] 2009-08-27 . C628812EA5016B1C3E13E082940D5AF6 . 834048 . . [7.00.6001.22508] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2508_none_027a9a30bae97104\wininet.dll
[-] 2009-08-27 . 5E382486BCCCF4C50A810E2DF18C8CDB . 834048 . . [7.00.6002.22212] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.2 2212_none_04503a70b81d4a0f\wininet.dll
[-] 2009-08-27 . D88D19604AACE2101B13260322FB4A3A . 834048 . . [7.00.6002.18100] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.1 8100_none_03cf6cfd9ef95ba6\wininet.dll
[-] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18828] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8828_none_e4c479a1b7a94f56\wininet.dll
[-] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.1 8005_none_03d46c899ef4dd32\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.1 8702_none_e4d415d7b79e8243\wininet.dll
[-] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8063_none_01ab14d3a2010591\wininet.dll
[-] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6681_none_ffad35c1a4ec79d4\wininet.dll
[-] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2167_none_0238b2c6bb1b0ab7\wininet.dll
[-] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 0823_none_0079b48ebdd7a1cd\wininet.dll
[-] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8023_none_01d65483a1e095cd\wininet.dll
[-] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2120_none_025cf070bb00e992\wininet.dll
[-] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 0777_none_0047a434bdfc95b7\wininet.dll
[-] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6643_none_ffda7605a4ca3cbe\wininet.dll
[-] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8000_none_01e8f37da1d311e6\wininet.dll
.
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c 2ce5605c4\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329c ecb77d110\ws2_32.dll
.
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_6af8484 3e4192e9a\ws2help.dll
.
[-] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6000.16386] .. c:\windows\explorer.exe
[-] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbe bba22f3bab41\explorer.exe
[-] 2008-10-30 . E404A65EF890140410E9F3D405841C95 . 3081216 . . [6.0.6001.22298] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03 944b4b794317\explorer.exe
[-] 2008-10-29 . BBD8E74F23D7605CB0CDB57A1B25D826 . 3080704 . . [6.0.6001.18164] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96 661c3246ea1e\explorer.exe
[-] 2008-10-29 . 50514057C28A74BAC2BD04B7B990D615 . 3087360 . . [6.0.6000.16771] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba2 56ac352b2919\explorer.exe
[-] 2008-10-28 . 72B9990E45C25AA3C75C4FB50A9D6CE0 . 3086848 . . [6.0.6000.20947] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac52 66dd4e2b0a41\explorer.exe
[-] 2008-01-21 . F6D765FB6B457542D954682F50C26E4F . 3080704 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add3 42963219dff5\explorer.exe
.
[-] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 134656 . . [6.0.6000.16386] .. c:\windows\regedit.exe
[-] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 161792 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_504d50 e8943617cd\regedit.exe
.
[-] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6002.22433] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528 d08aae434\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf755 3efaa1c63\ole32.dll
[-] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6001.22720] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb 30b7f271a\ole32.dll
[-] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6001.18498] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f 7f2931b51\ole32.dll
[-] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae09206 7ef732bd0\ole32.dll
[-] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75 bf2516084\ole32.dll
.
[-] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076 efd8bc3\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] .. c:\windows\SysWOW64\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec5 5bf7c35\usp10.dll
[-] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a70777 1d0e800\usp10.dll
[-] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa1685 8ac15c7\usp10.dll
[-] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a5 59e2b7a\usp10.dll
[-] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e5 87c602e\usp10.dll
.
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none _e8019c5c974c4491\ksuser.dll
.
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9ca d793a67953\ctfmon.exe
.
[-] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e3 9c1d282219\shsvcs.dll
[-] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3 ce20052bcc\shsvcs.dll
[-] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18 273924cc2a\shsvcs.dll
[-] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd8022 2536358728\shsvcs.dll
[-] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894 a1335a0efa\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] .. c:\windows\SysWOW64\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f6 1a1a41d726\shsvcs.dll
[-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6 361a0f622e\shsvcs.dll
[-] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d 2a1ced96e2\shsvcs.dll
.
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\msimg32.dll
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_776b d81b1c0c11c1\msimg32.dll
.
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cngaudit.dll
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d29293 2a96ce6\cngaudit.dll
.
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] .. c:\windows\SysWOW64\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b 8cf0450a6a2\wininit.exe
.
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\SysWOW64\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.1 8000_none_f900daa442864318\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.1 8005_none_faec53b03fa80e64\ias.dll
.
[-] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7e f86c05abb0\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90 c352b1fc4a\mfc40u.dll
[-] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c 89559daf33\mfc40u.dll
[-] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aab c06ed2b94e\mfc40u.dll
[-] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc50 0958a528b5\mfc40u.dll
.
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] .. c:\windows\SysWOW64\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_non e_285b7a4b21423100\upnphost.dll
.
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] .. c:\windows\SysWOW64\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737 643f04aa4c\dsound.dll
[-] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe 5841e2df00\dsound.dll
.
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\SysWOW64\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c43 8e5b15de80145\d3d9.dll
[-] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24 d6ca560c635f9\d3d9.dll
.
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_05 05a2ecc0013ebd\ddraw.dll
.
[-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\SysWOW64\olepro32.dll
[-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff33 9efed611ca\olepro32.dll
[-] 2008-01-21 02:48 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba 9301b4467e\olepro32.dll
.
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\SysWOW64\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.1 8000_none_31733dc35d19d298\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.1 8005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\SysWOW64\version.dll
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c 83b4e078740\version.dll
[-] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4 f2f50e5bbf4\version.dll
.
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] .. c:\windows\SysWOW64\midimap.dll
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee9411 00db1acf2\midimap.dll
[-] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc80 4108fe1a6\midimap.dll
.
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\SysWOW64\rasadhlp.dll
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_7 64d448c52115294\rasadhlp.dll
.
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] .. c:\windows\SysWOW64\WSHTCPIP.DLL
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c 23187855a\WSHTCPIP.DLL
.
Reply With Quote
  #14  
Old November 16th, 2013, 04:28 PM
MorningDove143 MorningDove143 is offline
Member
 
Join Date: Nov 2013
Posts: 37
ComboFix Report 5

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll" [2012-01-12 1517368]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
c:\users\Dove\AppData\Roaming\DefaultTab\DefaultTa b\DefaultTabBHO.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{808dc83c-d35b-4fba-a5b5-9a52103204df}]
2013-10-22 21:04 249632 ----a-w- c:\program files (x86)\Swift Browse\SwiftBrowseBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-15 00:05 121392 ----a-w- c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Search Protection"="c:\program files (x86)\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Windows\CurrentVersion\Run]
"LManager"="c:\progra~2\LAUNCH~1\QtZgAcer.EXE" [2008-06-04 817672]
"LTCM Client"="c:\program files (x86)\LTCM Client\ltcmClient.exe" [2011-04-07 2756864]
"YSearchProtection"="c:\program files (x86)\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Sprint SmartView"="c:\program files (x86)\Sprint\Sprint SmartView\SprintSV.exe" [2012-07-13 69632]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-23 152392]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2013-11-02 2404376]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-29 147456]
"CLMLServer"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-03-18 173352]
"F-Secure Hoster (42626)"="c:\program files (x86)\Charter Security Suite\fshoster32.exe" [2013-05-15 191424]
.
c:\users\Dove\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\
PdaNet Desktop.lnk - c:\program files (x86)\PdaNet for Android\PdaNetPC.exe [2012-4-4 484976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 19:09 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Insta ller\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2012-04-02 15:21]
.
2013-11-16 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Dove\AppData\Local\SwvUpdater\Updater.exe [2013-03-03 19:11]
.
2013-11-02 c:\windows\Tasks\Driver Booster Scan.job
- c:\program files (x86)\IObit\Driver Booster\Scheduler.exe [2013-11-02 15:12]
.
2013-11-02 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-02 15:12]
.
2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06 23:01]
.
2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06 23:01]
.
2013-11-02 c:\windows\Tasks\weDownload Manager Pro-chromeinstaller.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-chromeinstaller.exe [2013-11-02 02:08]
.
2013-11-02 c:\windows\Tasks\weDownload Manager Pro-codedownloader.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-codedownloader.exe [2013-11-02 02:08]
.
2013-11-02 c:\windows\Tasks\weDownload Manager Pro-enabler.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-enabler.exe [2013-11-02 02:09]
.
2013-11-02 c:\windows\Tasks\weDownload Manager Pro-updater.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-updater.exe [2013-11-02 02:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\eg isPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-15 00:06 50736 ----a-w- c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-20 178712]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"RtHDVCpl"="RAVCpl64.exe" [2008-05-07 6291456]
"eDataSecurity Loader"="c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe" [2008-05-15 561200]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-06-11 474624]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1237288]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-15 2779024]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-02 163384]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-02 387640]
"Persistence"="c:\windows\system32\igfxpers.ex e" [2013-11-02 418360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\avgrssta.dl l
.
------- Supplementary Scan -------
.
mStart Page = hxxp://start.qone8.com/?type=hp&ts=1383354312&from=adks&uid=ST9250827AS_5 RG3MPPVXXXX5RG3MPPV
mDefault_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1383354312&from=adks&uid=ST9250827AS_5 RG3MPPVXXXX5RG3MPPV
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://start.qone8.com/web/?type=ds&ts=1383354312&from=adks&uid=ST9250827AS_5 RG3MPPVXXXX5RG3MPPV&q={searchTerms}
mCustomizeSearch = hxxp://start.qone8.com/web/?type=ds&ts=1383354312&from=adks&uid=ST9250827AS_5 RG3MPPVXXXX5RG3MPPV&q={searchTerms}
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: pogo.com\www
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{11111111-1111-1111-1111-110411361128} - c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll
BHO-{625F420E-A4A9-4B40-BC23-716C1C43893A} - (no file)
BHO-{6E3C6B04-08FE-43BC-8E50-F90285024DEA} - c:\program files (x86)\BetterSurf\ie\BetterSurf.dll
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
BHO-{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
Toolbar-10 - (no file)
Toolbar-{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-DefaultTab - c:\users\Dove\AppData\Roaming\DefaultTab\DefaultTa b\uninstalldt.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\f shoster]
"ImagePath"="\"c:\program files (x86)\Charter Security Suite\fshoster32.exe\" -hosterid:0"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\N 360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\N SL]
"ImagePath"="\"c:\program files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{ 49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macrome d\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUt il64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macrome d\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUt il32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32 _11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32 _11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32 _11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32 _11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Ty peLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Ty peLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Ty peLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Ty peLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Curr entVersion\Installer\UserData\LocalSystem\Componen ts\­?*ˇ■]
"C04D0E48E8DE2B84382DC411BA42F6A4"="c:\\Progra m Files (x86)\\Sprint\\Sprint SmartView\\ProfileImport.exe"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00 ,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00 ,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\F-Secure\My Services Agent\Protected]
@Denied: ) (Everyone)
"AgentIdentifier"="d49f7429-5742-4d63-bdcd-cedb24e4fcd1"
"AuthorizationCode"=""
"42626_AgentIdentifier"="d49f7429-5742-4d63-bdcd-cedb24e4fcd1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Norton 360\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
c:\program files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\program files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\program files (x86)\Acer\Acer VCM\RS_Service.exe
c:\program files (x86)\Swift Browse\updateSwiftBrowse.exe
c:\program files (x86)\Swift Browse\bin\utilSwiftBrowse.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Launch Manager\QtZgAcer.EXE
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
.
************************************************** ************************
.
Completion time: 2013-11-16 09:44:07 - machine was rebooted
ComboFix-quarantined-files.txt 2013-11-16 14:44
ComboFix2.txt 2013-11-15 12:27
.
Pre-Run: 40,477,478,912 bytes free
Post-Run: 39,855,194,112 bytes free
.
- - End Of File - - EF8B2F284AA0ADCA3CC2F06EA60E1991
F79EF1FA2A5761BF6A7B3A858FC003EE
Reply With Quote
  #15  
Old November 17th, 2013, 07:50 AM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 36
Posts: 5,017
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.




Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete/Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check
  • Click the button.
  • Accept any security warnings from your browser.
  • Check
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt


Also please post back with a fresh FRST logfile and tell me how the system is running.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 07:31 AM.