Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sirefef virus?


  • This topic is locked This topic is locked
19 replies to this topic

#1 Mintoria

Mintoria

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 29 June 2012 - 06:42 AM

I have a problem, my computer is in a constant restarting loop. I got a pop up for a fake antivirus called Live Security Platinum. I tried to run MSE but I couldn't find it, so I redownloaded it and tried to run it. Then I got a message saying that windows was going to shut down after one minute, I have tried Start Up repair but it hasn't worked and I don't have time to run anything else. I am running Vista 32bit and would really like to get this problem fixed asap. Thank you :)

Edited by hamluis, 29 June 2012 - 09:05 AM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 ElFasso

ElFasso

  • Members
  • 229 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:01:35 AM

Posted 29 June 2012 - 06:56 AM

Sirefef is difficult rootkit and trojan to threat... If it's to difficult I will report the topic to the 'Malware respone team' to better assist you.

1. Run a scan With MBAM:

Download Malwarebytes' Anti-Malware free version (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected, always try first Quarantine.
  • When completed, a log will open in Notepad.
  • Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

2. Download TDDSKiller

  • Launch it.
  • Click on change parameters-Select TDLFS file system.
  • Click on "Scan".
  • Please post the LOG report(log file should be in your C drive).

3. Download aswMBR

  • Launch it. Allow it to download latest Avast! virus definitions.
  • Click the "Scan" button to start scan. After scan finishes, click on Save log.

If you have any problems with running this programs or if you're getting a BSOD (Blue Screen or Death), please mention.

Edited by ElFasso, 29 June 2012 - 06:59 AM.


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:35 PM

Posted 29 June 2012 - 07:37 AM

I tried to run MSE but I couldn't find it, so I redownloaded it and tried to run it. Then I got a message saying that windows was going to shut down after one minute,


Let me ask a malware response team member to assist you

good luck

#4 Mintoria

Mintoria
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 29 June 2012 - 11:50 AM

Sirefef is difficult rootkit and trojan to threat... If it's to difficult I will report the topic to the 'Malware respone team' to better assist you.

1. Run a scan With MBAM:

Download Malwarebytes' Anti-Malware free version (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected, always try first Quarantine.
  • When completed, a log will open in Notepad.
  • Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

2. Download TDDSKiller

  • Launch it.
  • Click on change parameters-Select TDLFS file system.
  • Click on "Scan".
  • Please post the LOG report(log file should be in your C drive).

3. Download aswMBR

  • Launch it. Allow it to download latest Avast! virus definitions.
  • Click the "Scan" button to start scan. After scan finishes, click on Save log.

If you have any problems with running this programs or if you're getting a BSOD (Blue Screen or Death), please mention.




I can't run anything, the computer only stays booted up for about a minute at a time. :(

#5 Mintoria

Mintoria
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 29 June 2012 - 05:00 PM

I received an email that stated that I had gotten a response from Queen Evie but when I clicked on the link and went to my topic there werent any more posts. :(

#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,832 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:08:35 PM

Posted 29 June 2012 - 05:50 PM

:welcome:

Lets give it a try. You will need a USB Flash drive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it your reply.

Search for instances of Services.exe

Type the following in the edit box after "Search:".

services.exe

It then should look like:

Search: services.exe

Click Search button and post the log (Search.txt) it will produce in the USB drive.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 Mintoria

Mintoria
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 29 June 2012 - 07:02 PM

Woohooo Progress. I actually made it through the scans without the computer restarting. Here are the logs that the program came up with.


Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 20-06-2012 01
Ran by Jonathan at 29-06-2012 18:22:00
Running from J:\
Service Pack 2 (X86) OS Language: English(US)
Attention: Could not load system hive.ERROR: The process cannot access the file because it is being used by another process.

ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNTION PROPERLY.


============ One Month Created Files and Folders ==============

2012-06-29 18:16 - 2012-06-29 18:22 - 00000000 ____D C:\FRST
2012-06-29 18:16 - 2012-06-29 18:20 - 00027424 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-06-29 18:16 - 2012-06-29 18:16 - 00000868 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-29 18:15 - 2012-06-29 18:16 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-06-29 17:17 - 2012-06-29 17:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B2C7347-2143-41E3-B855-8A6DEE80AF32}
2012-06-29 17:17 - 2012-06-29 17:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9A6E2A88-A85C-43B8-912E-31900EB2CF0D}
2012-06-29 17:10 - 2012-06-29 17:11 - 00000000 ___SD C:\ComboFix
2012-06-29 16:54 - 2011-06-26 02:45 - 00256000 ____A C:\Windows\PEV.exe
2012-06-29 16:54 - 2010-11-07 13:20 - 00208896 ____A C:\Windows\MBR.exe
2012-06-29 16:54 - 2009-04-20 00:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-06-29 16:54 - 2000-08-30 20:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-06-29 16:54 - 2000-08-30 20:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-06-29 16:54 - 2000-08-30 20:00 - 00098816 ____A C:\Windows\sed.exe
2012-06-29 16:54 - 2000-08-30 20:00 - 00080412 ____A C:\Windows\grep.exe
2012-06-29 16:54 - 2000-08-30 20:00 - 00068096 ____A C:\Windows\zip.exe
2012-06-29 16:49 - 2012-06-29 16:49 - 00000000 ____D C:\Qoobox
2012-06-29 16:48 - 2012-06-29 16:48 - 04566027 ____R (Swearware) C:\Users\Jonathan\Desktop\ComboFix.exe
2012-06-29 16:48 - 2012-06-29 16:48 - 00000000 ____D C:\Windows\erdnt
2012-06-29 16:48 - 2012-06-29 16:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{BA9FFF57-F59A-4D3E-A92E-265F486DDD44}
2012-06-29 16:48 - 2012-06-29 16:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{411EB30C-5619-4AA5-B0EE-6BDB874C97E1}
2012-06-29 16:47 - 2012-06-29 16:48 - 04731392 ____A (AVAST Software) C:\Users\Jonathan\Desktop\aswMBR.exe
2012-06-29 16:31 - 2012-06-29 16:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{F85AD22B-A3EF-49FF-B6C0-513D96E7BA41}
2012-06-29 16:31 - 2012-06-29 16:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{80F3AF07-A119-4A6C-A4C6-41BDB827715B}
2012-06-29 13:40 - 2012-06-29 13:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{E77B8605-ED0C-4667-ADAA-C639CA02D8A1}
2012-06-29 13:39 - 2012-06-29 13:39 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ncofngjt.sys
2012-06-29 13:39 - 2012-06-29 13:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3E28CD3D-43C7-45EB-B88D-15E6AA8D6483}
2012-06-29 06:40 - 2012-06-29 06:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D5973B86-0EAC-4C3E-9EDF-CAEBA3CAE2F0}
2012-06-29 06:36 - 2012-06-29 06:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DB4EF031-1013-48C6-9CD5-9328E757BA21}
2012-06-29 06:36 - 2012-06-29 06:36 - 00000000 ____D C:\My Curse
2012-06-29 06:31 - 2012-06-29 06:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DCDC32F2-9A94-44BC-9CF1-19969F33717E}
2012-06-29 06:31 - 2012-06-29 06:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C294EDA4-FF4C-4281-AAE5-4AA26CAFCC5A}
2012-06-29 06:07 - 2012-06-29 06:07 - 10288512 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\mseinstall (1).exe
2012-06-29 06:07 - 2012-06-29 06:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9E72AC04-2EDD-4188-A6E5-49FF979C8715}
2012-06-29 06:07 - 2012-06-29 06:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{299B8A25-2792-4FAB-BAA3-D1E35EDF8CB1}
2012-06-29 05:47 - 2012-06-29 18:17 - 00097768 ____A C:\Users\All Users\cabfbeebbcebedct.exe
2012-06-29 05:47 - 2012-06-29 06:02 - 00000000 ____D C:\Users\All Users\F4D55F3E0026B37D01311D1D570F1C8B
2012-06-29 05:47 - 2012-06-29 05:47 - 00000000 ____D C:\Users\Jonathan\AppData\Local\visi_coupon
2012-06-29 05:47 - 2012-06-29 05:47 - 00000000 ____D C:\Program Files\Common Files\Virtual
2012-06-29 05:47 - 2012-06-29 05:46 - 00138752 __ASH (DT Soft Ltd) C:\Users\Jonathan\AppData\Roaming\hleras.dll
2012-06-25 15:53 - 2012-06-25 15:53 - 00739808 ____A (Google Inc.) C:\Users\Jonathan\Downloads\ChromeSetup.exe
2012-06-23 23:46 - 2012-06-23 23:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{8079D9AE-8A1E-4030-B2AD-6DD854F4763C}
2012-06-23 23:45 - 2012-06-23 23:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{78B6E290-55AC-499C-B64E-976B368AD5C2}
2012-06-23 19:54 - 2012-06-23 19:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D0B6B9C9-F6D9-4026-B96B-7D5EE27B6C3D}
2012-06-23 19:54 - 2012-06-23 19:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{7FD52BE1-CB25-467C-AEF0-0D53A1C62335}
2012-06-23 05:05 - 2012-06-23 05:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Macromedia
2012-06-23 04:38 - 2012-06-23 04:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6A381EB3-C19F-497A-BB57-D1B09D186850}
2012-06-23 04:38 - 2012-06-23 04:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{18C6FC76-6781-447B-A19F-BC62C9390C8E}
2012-06-21 23:29 - 2012-06-21 23:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D553B540-835C-462A-B2A3-3E47EF6F5ADC}
2012-06-21 23:29 - 2012-06-21 23:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{4BA83F58-3C5F-4C49-86EE-3AD93C07EAF6}
2012-06-21 18:31 - 2012-06-02 18:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-21 18:31 - 2012-06-02 18:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-21 18:31 - 2012-06-02 18:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-21 18:31 - 2012-06-02 18:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-21 18:30 - 2012-06-02 18:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-21 18:30 - 2012-06-02 18:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-21 18:30 - 2012-06-02 18:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-21 18:29 - 2012-06-02 15:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-21 18:29 - 2012-06-02 15:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-21 17:50 - 2012-06-21 17:50 - 00000318 ____A C:\Users\Jonathan\Desktop\Curse Client.appref-ms
2012-06-21 17:47 - 2012-06-21 17:47 - 00000000 ____D C:\Users\Jonathan\Documents\My Curse
2012-06-16 23:28 - 2012-06-16 23:28 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{564C604B-0D40-414B-BE2C-0DD68F70CBE0}
2012-06-16 23:19 - 2012-06-16 23:19 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-06-16 23:19 - 2012-06-16 23:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-16 23:19 - 2012-06-16 23:19 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-16 23:19 - 2012-06-16 23:19 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-06-16 23:19 - 2012-06-16 23:19 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-06-16 23:19 - 2012-06-16 23:19 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-06-16 23:14 - 2012-06-16 23:16 - 20158824 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\BOIE9_ENUS_BO0085_VIS.EXE
2012-06-14 12:25 - 2012-06-14 12:26 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5A787EF4-9CC5-4535-8E15-29F9AD0993E6}
2012-06-14 12:25 - 2012-06-14 12:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{12B33BA1-3714-4294-9E19-D8AB99888E89}
2012-06-13 23:02 - 2012-05-01 10:03 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 23:02 - 2012-04-23 12:00 - 00984064 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-13 23:02 - 2012-04-23 12:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-13 23:02 - 2012-04-23 12:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-13 23:01 - 2012-05-15 15:51 - 02045440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-13 21:23 - 2012-06-13 21:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A4456903-522C-48A9-AA5C-22C83D79AEF7}
2012-06-13 21:23 - 2012-06-13 21:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{370A08EB-AEE8-4EF5-BC5F-4330D22FD9E1}
2012-06-11 23:57 - 2012-06-13 21:30 - 00000802 ____A C:\Users\Jonathan\Desktop\GiftBox+.lnk
2012-06-11 23:57 - 2012-06-13 21:30 - 00000802 ____A C:\Users\Guest\Desktop\GiftBox+.lnk
2012-06-11 12:02 - 2012-06-11 12:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{962426F1-DA97-450C-85B8-5B4D39792113}
2012-06-11 12:02 - 2012-06-11 12:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{029931F4-7DA8-448A-BBB2-AB1DE50A1F4A}
2012-06-10 04:41 - 2012-06-10 04:42 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(5).exe
2012-06-07 00:53 - 2012-06-07 00:55 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Facebook Gift Collector
2012-06-07 00:53 - 2012-06-07 00:53 - 00000936 ____A C:\Users\Public\Desktop\Facebook Gift Collector.lnk
2012-06-07 00:53 - 2012-06-07 00:53 - 00000000 ____D C:\Program Files\Facebook Gift Collector
2012-06-07 00:52 - 2012-06-07 00:52 - 09650580 ____A (Nessuno.org ) C:\Users\Jonathan\Downloads\FacebookGiftCollector-setup.exe
2012-06-06 14:51 - 2012-06-06 14:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{FB27C7ED-E448-4309-9C6C-627BDBA2B16B}
2012-06-06 14:51 - 2012-06-06 14:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{57FC927E-B7EE-4DE8-B079-00A008FC1BF5}
2012-06-06 08:49 - 2012-06-11 23:57 - 00000000 ____D C:\Program Files\GiftBoxPlus
2012-06-06 08:48 - 2012-06-06 08:49 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(4).exe
2012-06-06 08:48 - 2012-06-06 08:48 - 00005036 ____A C:\Users\All Users\vmkofzys.vtc
2012-06-06 08:48 - 2012-06-06 08:48 - 00000778 ____A C:\Users\Jonathan\Desktop\BOTOHOLIC.lnk
2012-06-06 08:48 - 2012-06-06 08:48 - 00000778 ____A C:\Users\Guest\Desktop\BOTOHOLIC.lnk
2012-06-06 08:48 - 2012-06-06 08:48 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\BOTOHOLIC
2012-06-06 08:48 - 2012-06-06 08:48 - 00000000 ____D C:\Program Files\BOTOHOLIC
2012-06-06 08:47 - 2012-06-06 08:48 - 15434440 ____A C:\Users\Jonathan\Downloads\botoholic_setup_3.1.4.45.exe
2012-06-05 12:24 - 2012-06-05 12:24 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(3).exe
2012-06-05 12:21 - 2012-06-05 12:22 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(2).exe
2012-06-02 22:04 - 2012-06-02 22:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D86B907-7720-4D5F-8CC5-32FF05667732}
2012-06-02 22:04 - 2012-06-02 22:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5935172D-7062-4B4E-93E2-D95C987C30E6}
2012-06-02 16:11 - 2012-06-23 19:55 - 00000000 ____D C:\Users\Jonathan\Desktop\reciepts


============ 3 Months Modified Files and Folders ===============

2012-06-29 18:22 - 2012-06-29 18:16 - 00000000 ____D C:\FRST
2012-06-29 18:21 - 2012-06-29 18:21 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ephrddiu.sys
2012-06-29 18:20 - 2012-06-29 18:16 - 00027424 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-06-29 18:17 - 2012-06-29 05:47 - 00097768 ____A C:\Users\All Users\cabfbeebbcebedct.exe
2012-06-29 18:16 - 2012-06-29 18:16 - 00000868 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-29 18:16 - 2012-06-29 18:15 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-06-29 18:16 - 2009-01-09 05:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-06-29 18:15 - 2010-05-18 08:22 - 00000470 ____A C:\Windows\Tasks\SDMsgUpdate (TE).job
2012-06-29 18:15 - 2008-10-20 08:58 - 00000416 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{8BCDB802-AAEE-48A6-959C-1C26A3266CAE}.job
2012-06-29 18:14 - 2011-03-08 23:52 - 00000000 ____D C:\Program Files\Common Files\Akamai
2012-06-29 18:14 - 2010-02-24 18:01 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-29 18:14 - 2010-02-24 01:21 - 00000000 ____D C:\Users\All Users\Kodak
2012-06-29 18:14 - 2006-11-02 09:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-29 18:14 - 2006-11-02 08:47 - 00004160 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-29 18:14 - 2006-11-02 08:47 - 00004160 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-29 17:57 - 2012-05-21 08:29 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-06-29 17:39 - 2010-02-24 18:01 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-29 17:31 - 2009-03-14 21:35 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Deployment
2012-06-29 17:31 - 2008-01-28 08:58 - 01565567 ____A C:\Windows\WindowsUpdate.log
2012-06-29 17:17 - 2012-06-29 17:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B2C7347-2143-41E3-B855-8A6DEE80AF32}
2012-06-29 17:17 - 2012-06-29 17:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9A6E2A88-A85C-43B8-912E-31900EB2CF0D}
2012-06-29 17:13 - 2011-03-28 08:55 - 00005438 ____A C:\Windows\PFRO.log
2012-06-29 17:11 - 2012-06-29 17:10 - 00000000 ___SD C:\ComboFix
2012-06-29 16:49 - 2012-06-29 16:49 - 00000000 ____D C:\Qoobox
2012-06-29 16:48 - 2012-06-29 16:48 - 04566027 ____R (Swearware) C:\Users\Jonathan\Desktop\ComboFix.exe
2012-06-29 16:48 - 2012-06-29 16:48 - 00000000 ____D C:\Windows\erdnt
2012-06-29 16:48 - 2012-06-29 16:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{BA9FFF57-F59A-4D3E-A92E-265F486DDD44}
2012-06-29 16:48 - 2012-06-29 16:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{411EB30C-5619-4AA5-B0EE-6BDB874C97E1}
2012-06-29 16:48 - 2012-06-29 16:47 - 04731392 ____A (AVAST Software) C:\Users\Jonathan\Desktop\aswMBR.exe
2012-06-29 16:31 - 2012-06-29 16:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{F85AD22B-A3EF-49FF-B6C0-513D96E7BA41}
2012-06-29 16:31 - 2012-06-29 16:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{80F3AF07-A119-4A6C-A4C6-41BDB827715B}
2012-06-29 16:31 - 2010-10-23 13:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Windows Live
2012-06-29 16:19 - 2009-09-17 03:40 - 00279552 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2012-06-29 15:22 - 2006-11-02 09:01 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-29 14:06 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\System32\LogFiles
2012-06-29 13:40 - 2012-06-29 13:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{E77B8605-ED0C-4667-ADAA-C639CA02D8A1}
2012-06-29 13:39 - 2012-06-29 13:39 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ncofngjt.sys
2012-06-29 13:39 - 2012-06-29 13:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3E28CD3D-43C7-45EB-B88D-15E6AA8D6483}
2012-06-29 13:32 - 2010-01-18 13:35 - 00000680 ____A C:\Users\Jonathan\AppData\Local\d3d9caps.dat
2012-06-29 06:55 - 2008-01-28 09:12 - 00000012 ____A C:\Windows\bthservsdp.dat
2012-06-29 06:40 - 2012-06-29 06:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D5973B86-0EAC-4C3E-9EDF-CAEBA3CAE2F0}
2012-06-29 06:36 - 2012-06-29 06:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DB4EF031-1013-48C6-9CD5-9328E757BA21}
2012-06-29 06:36 - 2012-06-29 06:36 - 00000000 ____D C:\My Curse
2012-06-29 06:31 - 2012-06-29 06:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DCDC32F2-9A94-44BC-9CF1-19969F33717E}
2012-06-29 06:31 - 2012-06-29 06:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C294EDA4-FF4C-4281-AAE5-4AA26CAFCC5A}
2012-06-29 06:22 - 2012-04-01 02:03 - 00000000 __SHD C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}
2012-06-29 06:13 - 2011-03-06 01:47 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-29 06:13 - 2006-11-02 06:33 - 00721296 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-29 06:12 - 2011-03-06 01:46 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-29 06:07 - 2012-06-29 06:07 - 10288512 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\mseinstall (1).exe
2012-06-29 06:07 - 2012-06-29 06:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9E72AC04-2EDD-4188-A6E5-49FF979C8715}
2012-06-29 06:07 - 2012-06-29 06:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{299B8A25-2792-4FAB-BAA3-D1E35EDF8CB1}
2012-06-29 06:06 - 2008-08-14 20:05 - 00000000 ____D C:\Program Files\dl_Cats
2012-06-29 06:02 - 2012-06-29 05:47 - 00000000 ____D C:\Users\All Users\F4D55F3E0026B37D01311D1D570F1C8B
2012-06-29 05:47 - 2012-06-29 05:47 - 00000000 ____D C:\Users\Jonathan\AppData\Local\visi_coupon
2012-06-29 05:47 - 2012-06-29 05:47 - 00000000 ____D C:\Program Files\Common Files\Virtual
2012-06-29 05:46 - 2012-06-29 05:47 - 00138752 __ASH (DT Soft Ltd) C:\Users\Jonathan\AppData\Roaming\hleras.dll
2012-06-28 18:52 - 2011-02-05 02:36 - 00000663 ____A C:\Users\Public\Desktop\World of Warcraft.lnk
2012-06-28 18:52 - 2008-02-13 19:32 - 00000000 ____D C:\Users\Jonathan\Desktop\World of Warcraft
2012-06-27 23:13 - 2012-04-30 17:02 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Awesomium
2012-06-25 15:56 - 2008-02-12 15:09 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Google
2012-06-25 15:53 - 2012-06-25 15:53 - 00739808 ____A (Google Inc.) C:\Users\Jonathan\Downloads\ChromeSetup.exe
2012-06-23 23:46 - 2012-06-23 23:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{8079D9AE-8A1E-4030-B2AD-6DD854F4763C}
2012-06-23 23:46 - 2012-06-23 23:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{78B6E290-55AC-499C-B64E-976B368AD5C2}
2012-06-23 19:55 - 2012-06-02 16:11 - 00000000 ____D C:\Users\Jonathan\Desktop\reciepts
2012-06-23 19:54 - 2012-06-23 19:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D0B6B9C9-F6D9-4026-B96B-7D5EE27B6C3D}
2012-06-23 19:54 - 2012-06-23 19:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{7FD52BE1-CB25-467C-AEF0-0D53A1C62335}
2012-06-23 19:27 - 2008-02-12 15:06 - 00000000 ____D C:\users\Jonathan
2012-06-23 05:24 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\Microsoft.NET
2012-06-23 05:05 - 2012-06-23 05:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Macromedia
2012-06-23 04:59 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\rescache
2012-06-23 04:56 - 2012-05-21 08:29 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-06-23 04:56 - 2012-05-21 08:29 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-06-23 04:55 - 2010-02-03 18:32 - 00000000 ____D C:\Program Files\Windows Live
2012-06-23 04:55 - 2006-11-02 07:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2012-06-23 04:38 - 2012-06-23 04:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6A381EB3-C19F-497A-BB57-D1B09D186850}
2012-06-23 04:38 - 2012-06-23 04:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{18C6FC76-6781-447B-A19F-BC62C9390C8E}
2012-06-23 04:32 - 2008-10-21 08:10 - 00000258 _RASH C:\Users\All Users\ntuser.pol
2012-06-23 04:31 - 2012-04-26 22:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2012-06-21 23:29 - 2012-06-21 23:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D553B540-835C-462A-B2A3-3E47EF6F5ADC}
2012-06-21 23:29 - 2012-06-21 23:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{4BA83F58-3C5F-4C49-86EE-3AD93C07EAF6}
2012-06-21 23:28 - 2010-02-03 18:33 - 00000000 ____D C:\Users\Jonathan\Tracing
2012-06-21 22:04 - 2012-03-31 21:24 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Akamai
2012-06-21 17:50 - 2012-06-21 17:50 - 00000318 ____A C:\Users\Jonathan\Desktop\Curse Client.appref-ms
2012-06-21 17:47 - 2012-06-21 17:47 - 00000000 ____D C:\Users\Jonathan\Documents\My Curse
2012-06-17 01:23 - 2008-02-14 01:51 - 00000000 ____D C:\Users\All Users\Yahoo! Companion
2012-06-16 23:36 - 2009-01-24 14:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2012-06-16 23:28 - 2012-06-16 23:28 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{564C604B-0D40-414B-BE2C-0DD68F70CBE0}
2012-06-16 23:23 - 2006-11-02 07:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2012-06-16 23:21 - 2011-04-27 06:55 - 00011472 ____A C:\Windows\IE9_main.log
2012-06-16 23:20 - 2010-10-14 13:41 - 00000000 ___HD C:\Windows\msdownld.tmp
2012-06-16 23:19 - 2012-06-16 23:19 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-06-16 23:19 - 2012-06-16 23:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-16 23:19 - 2012-06-16 23:19 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-16 23:19 - 2012-06-16 23:19 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-06-16 23:19 - 2012-06-16 23:19 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-06-16 23:19 - 2012-06-16 23:19 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-06-16 23:19 - 2012-06-16 23:19 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-06-16 23:19 - 2012-06-16 23:19 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-06-16 23:19 - 2006-11-02 02:32 - 00008798 ____A C:\Windows\System32\icrav03.rat
2012-06-16 23:19 - 2006-11-02 02:32 - 00001988 ____A C:\Windows\System32\ticrf.rat
2012-06-16 23:16 - 2012-06-16 23:14 - 20158824 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\BOIE9_ENUS_BO0085_VIS.EXE
2012-06-14 12:26 - 2012-06-14 12:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5A787EF4-9CC5-4535-8E15-29F9AD0993E6}
2012-06-14 12:25 - 2012-06-14 12:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{12B33BA1-3714-4294-9E19-D8AB99888E89}
2012-06-14 07:46 - 2006-11-02 08:47 - 03716296 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-14 03:14 - 2006-11-02 06:24 - 56731752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-06-13 21:30 - 2012-06-11 23:57 - 00000802 ____A C:\Users\Jonathan\Desktop\GiftBox+.lnk
2012-06-13 21:30 - 2012-06-11 23:57 - 00000802 ____A C:\Users\Guest\Desktop\GiftBox+.lnk
2012-06-13 21:23 - 2012-06-13 21:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A4456903-522C-48A9-AA5C-22C83D79AEF7}
2012-06-13 21:23 - 2012-06-13 21:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{370A08EB-AEE8-4EF5-BC5F-4330D22FD9E1}
2012-06-11 23:57 - 2012-06-06 08:49 - 00000000 ____D C:\Program Files\GiftBoxPlus
2012-06-11 22:41 - 2011-04-02 21:02 - 00001951 ____A C:\Users\Jonathan\Desktop\Google Chrome.lnk
2012-06-11 12:02 - 2012-06-11 12:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{962426F1-DA97-450C-85B8-5B4D39792113}
2012-06-11 12:02 - 2012-06-11 12:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{029931F4-7DA8-448A-BBB2-AB1DE50A1F4A}
2012-06-10 19:29 - 2008-01-28 09:25 - 00000000 ____D C:\Users\All Users\Adobe
2012-06-10 04:42 - 2012-06-10 04:41 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(5).exe
2012-06-07 00:55 - 2012-06-07 00:53 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Facebook Gift Collector
2012-06-07 00:53 - 2012-06-07 00:53 - 00000936 ____A C:\Users\Public\Desktop\Facebook Gift Collector.lnk
2012-06-07 00:53 - 2012-06-07 00:53 - 00000000 ____D C:\Program Files\Facebook Gift Collector
2012-06-07 00:52 - 2012-06-07 00:52 - 09650580 ____A (Nessuno.org ) C:\Users\Jonathan\Downloads\FacebookGiftCollector-setup.exe
2012-06-06 14:51 - 2012-06-06 14:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{FB27C7ED-E448-4309-9C6C-627BDBA2B16B}
2012-06-06 14:51 - 2012-06-06 14:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{57FC927E-B7EE-4DE8-B079-00A008FC1BF5}
2012-06-06 08:49 - 2012-06-06 08:48 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(4).exe
2012-06-06 08:48 - 2012-06-06 08:48 - 00005036 ____A C:\Users\All Users\vmkofzys.vtc
2012-06-06 08:48 - 2012-06-06 08:48 - 00000778 ____A C:\Users\Jonathan\Desktop\BOTOHOLIC.lnk
2012-06-06 08:48 - 2012-06-06 08:48 - 00000778 ____A C:\Users\Guest\Desktop\BOTOHOLIC.lnk
2012-06-06 08:48 - 2012-06-06 08:48 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\BOTOHOLIC
2012-06-06 08:48 - 2012-06-06 08:48 - 00000000 ____D C:\Program Files\BOTOHOLIC
2012-06-06 08:48 - 2012-06-06 08:47 - 15434440 ____A C:\Users\Jonathan\Downloads\botoholic_setup_3.1.4.45.exe
2012-06-05 12:24 - 2012-06-05 12:24 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(3).exe
2012-06-05 12:22 - 2012-06-05 12:21 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(2).exe
2012-06-02 22:04 - 2012-06-02 22:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D86B907-7720-4D5F-8CC5-32FF05667732}
2012-06-02 22:04 - 2012-06-02 22:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5935172D-7062-4B4E-93E2-D95C987C30E6}
2012-06-02 18:19 - 2012-06-21 18:31 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 18:19 - 2012-06-21 18:31 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 18:19 - 2012-06-21 18:31 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 18:19 - 2012-06-21 18:30 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 18:19 - 2012-06-21 18:30 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 18:12 - 2012-06-21 18:31 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 18:12 - 2012-06-21 18:30 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 15:19 - 2012-06-21 18:29 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 15:12 - 2012-06-21 18:29 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-01 12:55 - 2008-04-01 18:33 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Adobe
2012-05-26 13:00 - 2012-05-26 13:00 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{178F3BA2-77A3-43A8-B97A-67D1418BC059}
2012-05-21 11:28 - 2012-05-21 11:28 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(1).exe
2012-05-21 08:29 - 2012-05-21 08:29 - 00000320 ____A C:\Users\Jonathan\Desktop\Curse Client - Test.appref-ms
2012-05-21 08:28 - 2012-05-21 08:28 - 00396288 ____A () C:\Users\Jonathan\Downloads\Setup.exe
2012-05-21 08:23 - 2012-05-21 08:23 - 00352416 ____A (Adobe Systems Incorporated) C:\Users\Jonathan\Downloads\uninstall_flash_player_32bit.exe
2012-05-21 08:21 - 2012-05-21 08:21 - 00656896 ____A C:\Users\Jonathan\Downloads\MicrosoftFixit50525.msi
2012-05-19 20:21 - 2012-05-19 20:20 - 00001189 ____A C:\Users\Jonathan\Desktop\HAPPY FARTHERS DAY DAD.txt
2012-05-15 15:51 - 2012-06-13 23:01 - 02045440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-12 12:31 - 2012-05-12 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{EE6BC67B-EBC2-4215-BC7A-D320DA05A437}
2012-05-12 12:30 - 2012-05-12 12:30 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{39ACE594-020B-4D4E-AC21-C3A3D3C14BD8}
2012-05-12 03:30 - 2010-10-23 13:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-05-12 03:28 - 2006-11-02 08:37 - 00000000 ____D C:\Windows\System32\XPSViewer
2012-05-12 03:28 - 2006-11-02 08:37 - 00000000 ____D C:\Program Files\Windows Journal
2012-05-12 03:13 - 2009-02-16 22:50 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-05-05 19:32 - 2012-05-05 14:01 - 00000000 ____D C:\Program Files\World of Warcraft Beta
2012-05-05 19:01 - 2012-05-05 19:01 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3463A734-C4FC-4C76-8AB7-AD72CB40D50A}
2012-05-05 14:01 - 2012-05-05 14:01 - 00001067 ____A C:\Users\Public\Desktop\World of Warcraft Beta.lnk
2012-05-05 14:01 - 2008-02-13 19:32 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment
2012-05-05 13:59 - 2012-05-05 13:59 - 00000000 ____D C:\Users\All Users\Battle.net
2012-05-05 13:59 - 2012-05-05 13:58 - 31726720 ____A (Blizzard Entertainment) C:\Users\Jonathan\Downloads\World of Warcraft Beta Setup.exe
2012-05-01 10:03 - 2012-06-13 23:02 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-05-01 03:03 - 2012-05-01 03:03 - 00000000 ____D C:\Windows\Temp142DC983-CA8B-CDEC-4C62-C17BA5842F7A-Signatures
2012-04-30 17:00 - 2012-04-30 17:00 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\GiftBoxPlus
2012-04-30 16:59 - 2012-04-30 16:59 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51.exe
2012-04-30 07:51 - 2012-04-30 07:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B3A9A96-BB32-447F-9648-3C201A5FB7C0}
2012-04-30 07:50 - 2012-04-30 07:50 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{1DCF5F66-07DB-47C2-B44F-1A441B87EF02}
2012-04-27 01:46 - 2012-04-27 01:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{31C7759D-AE16-4CF4-B80F-277A2FC00E79}
2012-04-27 01:45 - 2012-04-27 01:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9D0926B3-37A3-4E86-A6AD-E0058095AAFE}
2012-04-26 22:47 - 2012-04-26 22:47 - 00000000 ____D C:\Users\All Users\Mozilla
2012-04-24 11:49 - 2012-04-24 11:49 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{870E2E56-6EA6-4404-B190-391447084AB2}
2012-04-24 11:49 - 2012-04-24 11:49 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{22B91EF9-277A-4FFA-BDDA-DA0A3FA0214D}
2012-04-23 12:00 - 2012-06-13 23:02 - 00984064 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 12:00 - 2012-06-13 23:02 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 12:00 - 2012-06-13 23:02 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 09:23 - 2012-04-23 09:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D71BB43-D492-4784-AAE6-766812DEE0FF}
2012-04-23 09:23 - 2012-04-23 09:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{2EDA757F-B469-4339-A253-DB664EFE4BB5}
2012-04-19 22:32 - 2008-01-28 09:26 - 00000000 ____D C:\Program Files\Microsoft Office
2012-04-14 20:05 - 2012-04-14 20:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A6B60FB2-D274-4A12-9AA2-08EA56FC932B}
2012-04-14 20:05 - 2012-04-14 20:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{551BC2DC-73B9-4A07-9309-9DE12E9576A6}
2012-04-14 19:39 - 2012-04-14 19:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{536587C7-746D-4EED-BE53-737A17C37D34}
2012-04-14 19:36 - 2012-04-14 19:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C3A6E262-63C4-4CD6-9D83-7128FC922633}
2012-04-14 15:10 - 2012-04-14 15:10 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{61A78671-F4F2-4608-ABC1-18D84BDBFE5E}
2012-04-13 19:23 - 2012-04-13 19:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C2E54D0A-8B47-4792-990D-E7E8CA6BFA5A}
2012-04-08 11:54 - 2011-03-06 02:45 - 00002924 ____A C:\Windows\setupact.log
2012-04-08 11:08 - 2012-04-08 11:08 - 00001854 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-04-08 11:08 - 2010-01-18 13:29 - 00000000 ____D C:\Program Files\Adobe
2012-04-08 11:08 - 2008-05-27 20:23 - 00000000 ____D C:\Program Files\Common Files\Adobe
2012-04-08 10:43 - 2011-03-11 20:12 - 00000000 ____D C:\Users\Public\Documents\Adobe
2012-04-07 19:19 - 2012-04-07 19:19 - 00259144 ____A C:\Users\Jonathan\Downloads\installer_adobe_flash_player_English.exe
2012-04-07 17:48 - 2012-04-07 17:48 - 16157992 ____A (Mozilla) C:\Users\Jonathan\Downloads\Firefox Setup 11.0.exe
2012-04-07 17:48 - 2012-04-07 17:48 - 00000808 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-04-06 14:02 - 2008-01-28 09:12 - 00000000 ____D C:\Program Files\Common Files\Java
2012-04-06 14:01 - 2012-04-06 14:01 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2012-04-06 14:01 - 2012-04-06 14:01 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2012-04-06 14:01 - 2012-04-06 14:01 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2012-04-06 14:01 - 2010-05-07 13:24 - 00472808 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2012-04-04 15:56 - 2009-01-09 05:08 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-03 04:16 - 2012-05-11 23:02 - 03602816 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-04-03 04:16 - 2012-05-11 23:02 - 03550080 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-04-02 12:17 - 2012-04-02 12:17 - 00000105 ____A C:\Users\Jonathan\Desktop\Lings stats.txt
2012-04-01 23:05 - 2011-03-16 09:09 - 00000000 ____D C:\Program Files\Ask.com
2012-04-01 16:24 - 2008-04-01 18:33 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Adobe
2012-04-01 14:14 - 2012-04-01 14:14 - 00000050 ____A C:\user.js
2012-04-01 14:14 - 2012-04-01 14:14 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Mozilla
2012-04-01 14:14 - 2012-04-01 14:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2012-04-01 14:14 - 2012-04-01 14:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2012-04-01 14:14 - 2012-04-01 14:14 - 00000000 ____D C:\Program Files\FreeWorkz
2012-04-01 14:14 - 2010-02-28 20:46 - 00000000 ____D C:\Program Files\7-Zip
2012-04-01 14:11 - 2012-04-01 14:11 - 00711144 ____A C:\Users\Jonathan\Downloads\7zip-setup.exe
2012-04-01 14:11 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\Resources
2012-04-01 14:10 - 2010-04-03 23:10 - 00000000 ____D C:\Users\All Users\WinZip
2012-04-01 13:42 - 2008-02-13 13:11 - 00000000 ____D C:\Users\Public\Shared
2012-04-01 03:04 - 2006-11-02 07:18 - 00000000 ____D C:\Program Files\Common Files\System

ZeroAccess:
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\L
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U

ZeroAccess:
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\@
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\L
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U

========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 8737764F4FD36D6808EE80578409C843 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 20-06-2012 01
Ran by SYSTEM at 29-06-2012 19:49:18
Running from D:\
Windows Vista ™ Home Premium (X86) OS Language: English(US)
The current controlset is ControlSet003

========================== Registry (Whitelisted) =============

HKLM\...\Run: [] [x]
HKLM\...\Run: [DLBTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 [73728 2007-02-22] ()
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [Conime] %windir%\system32\conime.exe [x]
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [141848 2009-03-05] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [173592 2009-03-05] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [150552 2009-03-05] (Intel Corporation)
HKLM\...\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup [1485208 2010-07-28] (Affinegy, Inc.)
HKLM\...\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" [1391272 2012-01-03] (Ask)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [hleras] rundll32.exe "C:\Users\Jonathan\AppData\Roaming\hleras.dll",FlushState [138752 2012-06-29] (DT Soft Ltd)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
HKU\Default\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [460784 2007-03-15] (Gteko Ltd.)
HKU\Default User\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [460784 2007-03-15] (Gteko Ltd.)
HKU\Guest\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [460784 2007-03-15] (Gteko Ltd.)
HKU\Guest\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKU\Guest\...\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe [6373376 2009-12-01] ()
HKU\Jonathan\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKU\Jonathan\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-09-22] (Microsoft Corporation)
HKU\Jonathan\...\Run: [AdobeBridge] [x]
HKU\Jonathan\...\Run: [Akamai NetSession Interface] "C:\Users\Jonathan\AppData\Local\Akamai\netsession_win.exe" [4327744 2012-05-26] (Akamai Technologies, Inc)
HKU\Jonathan\...\Run: [cabfbeebbcebedct] "C:\ProgramData\cabfbeebbcebedct.exe" [97768 2012-06-29] ()
HKU\Jonathan\...\Policies\system: [LogonHoursAction] 2
HKU\Jonathan\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Public\...\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe [6373376 2009-12-01] ()
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Startup: C:\Users\Jonathan\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

================================ Services (Whitelisted) ==================

2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
2 AffinegyService; "C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe" [569752 2010-07-28] (Affinegy, Inc.)
2 Belkin Local Backup Service; "C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe" /service [152064 2010-02-17] ()
2 Belkin Network USB Helper; "C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe" /service [49152 2010-02-09] ()
2 dlbt_device; C:\Windows\system32\dlbtcoms.exe -service [538096 2007-06-06] ( )
3 DSBrokerService; "C:\Program Files\DellSupport\brkrsvc.exe" [70656 2007-03-19] ()
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [292352 2008-01-18] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [131072 2006-11-02] (Microsoft Corporation)
2 Eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 2008-01-18] (Microsoft Corporation)
2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe [284016 2009-08-05] (Eastman Kodak Company)
3 McComponentHostService; "C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [394608 2008-07-15] (SupportSoft, Inc.)
3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
2 Akamai; c:\program files\common files\akamai/netsession_win_80c2ffa.dll [x]
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]
2 PSI_SVC_2; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [x]

========================== Drivers (Whitelisted) =============

3 athrusb; C:\Windows\System32\DRIVERS\athrusb.sys [904192 2008-07-28] (Atheros Communications, Inc.)
3 DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.)
3 hitmanpro36; \??\C:\Windows\system32\drivers\hitmanpro36.sys [27424 2012-06-29] ()
3 HSXHWBS2; C:\Windows\System32\DRIVERS\HSXHWBS2.sys [258048 2006-10-18] (Conexant Systems, Inc.)
3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [38224 2010-01-07] (Malwarebytes Corporation)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [47360 2009-03-25] (VSO Software)
3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [x]
3 GoogleDesktopManager; [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-29 14:57 - 2012-06-29 14:59 - 00000000 ___SD C:\32788R22FWJFW
2012-06-29 14:54 - 2012-06-29 14:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{2BD9EDA4-D87D-445B-A333-ACF6952CC2A8}
2012-06-29 14:53 - 2012-06-29 14:53 - 00000185 ____A C:\Users\Jonathan\Desktop\CAM_SD (J) - Shortcut.lnk
2012-06-29 14:45 - 2012-06-29 14:45 - 00000000 ____A C:\Users\Jonathan\defogger_reenable
2012-06-29 14:16 - 2012-06-29 19:49 - 00000000 ____D C:\FRST
2012-06-29 14:16 - 2012-06-29 14:20 - 00027424 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-06-29 14:16 - 2012-06-29 14:16 - 00000868 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-29 14:15 - 2012-06-29 14:16 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-06-29 13:17 - 2012-06-29 13:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B2C7347-2143-41E3-B855-8A6DEE80AF32}
2012-06-29 13:17 - 2012-06-29 13:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9A6E2A88-A85C-43B8-912E-31900EB2CF0D}
2012-06-29 12:54 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-06-29 12:54 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-06-29 12:54 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-06-29 12:49 - 2012-06-29 12:49 - 00000000 ____D C:\Qoobox
2012-06-29 12:48 - 2012-06-29 12:48 - 04566027 ____R (Swearware) C:\Users\Jonathan\Desktop\ComboFix.exe
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Windows\erdnt
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{BA9FFF57-F59A-4D3E-A92E-265F486DDD44}
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{411EB30C-5619-4AA5-B0EE-6BDB874C97E1}
2012-06-29 12:47 - 2012-06-29 12:48 - 04731392 ____A (AVAST Software) C:\Users\Jonathan\Desktop\aswMBR.exe
2012-06-29 12:31 - 2012-06-29 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{F85AD22B-A3EF-49FF-B6C0-513D96E7BA41}
2012-06-29 12:31 - 2012-06-29 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{80F3AF07-A119-4A6C-A4C6-41BDB827715B}
2012-06-29 09:40 - 2012-06-29 09:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{E77B8605-ED0C-4667-ADAA-C639CA02D8A1}
2012-06-29 09:39 - 2012-06-29 09:39 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ncofngjt.sys
2012-06-29 09:39 - 2012-06-29 09:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3E28CD3D-43C7-45EB-B88D-15E6AA8D6483}
2012-06-29 02:40 - 2012-06-29 02:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D5973B86-0EAC-4C3E-9EDF-CAEBA3CAE2F0}
2012-06-29 02:36 - 2012-06-29 02:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DB4EF031-1013-48C6-9CD5-9328E757BA21}
2012-06-29 02:36 - 2012-06-29 02:36 - 00000000 ____D C:\My Curse
2012-06-29 02:31 - 2012-06-29 02:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DCDC32F2-9A94-44BC-9CF1-19969F33717E}
2012-06-29 02:31 - 2012-06-29 02:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C294EDA4-FF4C-4281-AAE5-4AA26CAFCC5A}
2012-06-29 02:07 - 2012-06-29 02:07 - 10288512 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\mseinstall (1).exe
2012-06-29 02:07 - 2012-06-29 02:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9E72AC04-2EDD-4188-A6E5-49FF979C8715}
2012-06-29 02:07 - 2012-06-29 02:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{299B8A25-2792-4FAB-BAA3-D1E35EDF8CB1}
2012-06-29 01:47 - 2012-06-29 15:02 - 00097768 ____A C:\Users\All Users\cabfbeebbcebedct.exe
2012-06-29 01:47 - 2012-06-29 02:02 - 00000000 ____D C:\Users\All Users\F4D55F3E0026B37D01311D1D570F1C8B
2012-06-29 01:47 - 2012-06-29 01:47 - 00000000 ____D C:\Users\Jonathan\AppData\Local\visi_coupon
2012-06-29 01:47 - 2012-06-29 01:47 - 00000000 ____D C:\Program Files\Common Files\Virtual
2012-06-29 01:47 - 2012-06-29 01:46 - 00138752 __ASH (DT Soft Ltd) C:\Users\Jonathan\AppData\Roaming\hleras.dll
2012-06-25 11:53 - 2012-06-25 11:53 - 00739808 ____A (Google Inc.) C:\Users\Jonathan\Downloads\ChromeSetup.exe
2012-06-23 19:46 - 2012-06-23 19:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{8079D9AE-8A1E-4030-B2AD-6DD854F4763C}
2012-06-23 19:45 - 2012-06-23 19:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{78B6E290-55AC-499C-B64E-976B368AD5C2}
2012-06-23 15:54 - 2012-06-23 15:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D0B6B9C9-F6D9-4026-B96B-7D5EE27B6C3D}
2012-06-23 15:54 - 2012-06-23 15:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{7FD52BE1-CB25-467C-AEF0-0D53A1C62335}
2012-06-23 01:05 - 2012-06-23 01:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Macromedia
2012-06-23 00:38 - 2012-06-23 00:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6A381EB3-C19F-497A-BB57-D1B09D186850}
2012-06-23 00:38 - 2012-06-23 00:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{18C6FC76-6781-447B-A19F-BC62C9390C8E}
2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D553B540-835C-462A-B2A3-3E47EF6F5ADC}
2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{4BA83F58-3C5F-4C49-86EE-3AD93C07EAF6}
2012-06-21 14:31 - 2012-06-02 14:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-21 14:31 - 2012-06-02 14:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-21 14:31 - 2012-06-02 14:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-21 14:31 - 2012-06-02 14:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-21 14:30 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-21 14:30 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-21 14:30 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-21 14:29 - 2012-06-02 11:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-21 14:29 - 2012-06-02 11:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-21 13:50 - 2012-06-21 13:50 - 00000318 ____A C:\Users\Jonathan\Desktop\Curse Client.appref-ms
2012-06-21 13:47 - 2012-06-21 13:47 - 00000000 ____D C:\Users\Jonathan\Documents\My Curse
2012-06-16 19:28 - 2012-06-16 19:28 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{564C604B-0D40-414B-BE2C-0DD68F70CBE0}
2012-06-16 19:19 - 2012-06-16 19:19 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-06-16 19:19 - 2012-06-16 19:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-16 19:19 - 2012-06-16 19:19 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-16 19:19 - 2012-06-16 19:19 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-06-16 19:19 - 2012-06-16 19:19 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-06-16 19:19 - 2012-06-16 19:19 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-06-16 19:14 - 2012-06-16 19:16 - 20158824 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\BOIE9_ENUS_BO0085_VIS.EXE
2012-06-14 08:25 - 2012-06-14 08:26 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5A787EF4-9CC5-4535-8E15-29F9AD0993E6}
2012-06-14 08:25 - 2012-06-14 08:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{12B33BA1-3714-4294-9E19-D8AB99888E89}
2012-06-13 19:02 - 2012-05-01 06:03 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 19:02 - 2012-04-23 08:00 - 00984064 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-13 19:02 - 2012-04-23 08:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-13 19:02 - 2012-04-23 08:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-13 19:01 - 2012-05-15 11:51 - 02045440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-13 17:23 - 2012-06-13 17:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A4456903-522C-48A9-AA5C-22C83D79AEF7}
2012-06-13 17:23 - 2012-06-13 17:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{370A08EB-AEE8-4EF5-BC5F-4330D22FD9E1}
2012-06-11 19:57 - 2012-06-13 17:30 - 00000802 ____A C:\Users\Jonathan\Desktop\GiftBox+.lnk
2012-06-11 19:57 - 2012-06-13 17:30 - 00000802 ____A C:\Users\Guest\Desktop\GiftBox+.lnk
2012-06-11 08:02 - 2012-06-11 08:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{962426F1-DA97-450C-85B8-5B4D39792113}
2012-06-11 08:02 - 2012-06-11 08:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{029931F4-7DA8-448A-BBB2-AB1DE50A1F4A}
2012-06-10 00:41 - 2012-06-10 00:42 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(5).exe
2012-06-06 20:53 - 2012-06-06 20:55 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Facebook Gift Collector
2012-06-06 20:53 - 2012-06-06 20:53 - 00000936 ____A C:\Users\Public\Desktop\Facebook Gift Collector.lnk
2012-06-06 20:53 - 2012-06-06 20:53 - 00000000 ____D C:\Program Files\Facebook Gift Collector
2012-06-06 20:52 - 2012-06-06 20:52 - 09650580 ____A (Nessuno.org ) C:\Users\Jonathan\Downloads\FacebookGiftCollector-setup.exe
2012-06-06 10:51 - 2012-06-06 10:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{FB27C7ED-E448-4309-9C6C-627BDBA2B16B}
2012-06-06 10:51 - 2012-06-06 10:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{57FC927E-B7EE-4DE8-B079-00A008FC1BF5}
2012-06-06 04:49 - 2012-06-11 19:57 - 00000000 ____D C:\Program Files\GiftBoxPlus
2012-06-06 04:48 - 2012-06-06 04:49 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(4).exe
2012-06-06 04:48 - 2012-06-06 04:48 - 00005036 ____A C:\Users\All Users\vmkofzys.vtc
2012-06-06 04:48 - 2012-06-06 04:48 - 00000778 ____A C:\Users\Jonathan\Desktop\BOTOHOLIC.lnk
2012-06-06 04:48 - 2012-06-06 04:48 - 00000778 ____A C:\Users\Guest\Desktop\BOTOHOLIC.lnk
2012-06-06 04:48 - 2012-06-06 04:48 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\BOTOHOLIC
2012-06-06 04:48 - 2012-06-06 04:48 - 00000000 ____D C:\Program Files\BOTOHOLIC
2012-06-06 04:47 - 2012-06-06 04:48 - 15434440 ____A C:\Users\Jonathan\Downloads\botoholic_setup_3.1.4.45.exe
2012-06-05 08:24 - 2012-06-05 08:24 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(3).exe
2012-06-05 08:21 - 2012-06-05 08:22 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(2).exe
2012-06-02 18:04 - 2012-06-02 18:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D86B907-7720-4D5F-8CC5-32FF05667732}
2012-06-02 18:04 - 2012-06-02 18:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5935172D-7062-4B4E-93E2-D95C987C30E6}
2012-06-02 12:11 - 2012-06-23 15:55 - 00000000 ____D C:\Users\Jonathan\Desktop\reciepts


============ 3 Months Modified Files and Folders ===============

2012-06-29 19:49 - 2012-06-29 14:16 - 00000000 ____D C:\FRST
2012-06-29 15:44 - 2012-06-29 15:44 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mqcixmpj.sys
2012-06-29 15:43 - 2011-03-08 19:52 - 00000000 ____D C:\Program Files\Common Files\Akamai
2012-06-29 15:43 - 2010-02-23 21:21 - 00000000 ____D C:\Users\All Users\Kodak
2012-06-29 15:43 - 2006-11-02 05:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-29 15:43 - 2006-11-02 04:47 - 00004160 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-29 15:43 - 2006-11-02 04:47 - 00004160 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-29 15:39 - 2010-02-24 14:01 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-29 15:30 - 2008-10-20 04:58 - 00000416 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{8BCDB802-AAEE-48A6-959C-1C26A3266CAE}.job
2012-06-29 15:02 - 2012-06-29 01:47 - 00097768 ____A C:\Users\All Users\cabfbeebbcebedct.exe
2012-06-29 15:02 - 2009-03-14 17:35 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Deployment
2012-06-29 15:00 - 2010-05-18 04:22 - 00000470 ____A C:\Windows\Tasks\SDMsgUpdate (TE).job
2012-06-29 15:00 - 2010-02-24 14:01 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-29 14:59 - 2012-06-29 14:57 - 00000000 ___SD C:\32788R22FWJFW
2012-06-29 14:54 - 2012-06-29 14:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{2BD9EDA4-D87D-445B-A333-ACF6952CC2A8}
2012-06-29 14:53 - 2012-06-29 14:53 - 00000185 ____A C:\Users\Jonathan\Desktop\CAM_SD (J) - Shortcut.lnk
2012-06-29 14:45 - 2012-06-29 14:45 - 00000000 ____A C:\Users\Jonathan\defogger_reenable
2012-06-29 14:45 - 2008-02-12 11:06 - 00000000 ____D C:\users\Jonathan
2012-06-29 14:20 - 2012-06-29 14:16 - 00027424 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-06-29 14:16 - 2012-06-29 14:16 - 00000868 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-29 14:16 - 2012-06-29 14:15 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-06-29 14:16 - 2009-01-09 01:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-06-29 13:57 - 2012-05-21 04:29 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-06-29 13:31 - 2008-01-28 04:58 - 01565567 ____A C:\Windows\WindowsUpdate.log
2012-06-29 13:17 - 2012-06-29 13:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B2C7347-2143-41E3-B855-8A6DEE80AF32}
2012-06-29 13:17 - 2012-06-29 13:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9A6E2A88-A85C-43B8-912E-31900EB2CF0D}
2012-06-29 13:13 - 2011-03-28 04:55 - 00005438 ____A C:\Windows\PFRO.log
2012-06-29 12:49 - 2012-06-29 12:49 - 00000000 ____D C:\Qoobox
2012-06-29 12:48 - 2012-06-29 12:48 - 04566027 ____R (Swearware) C:\Users\Jonathan\Desktop\ComboFix.exe
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Windows\erdnt
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{BA9FFF57-F59A-4D3E-A92E-265F486DDD44}
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{411EB30C-5619-4AA5-B0EE-6BDB874C97E1}
2012-06-29 12:48 - 2012-06-29 12:47 - 04731392 ____A (AVAST Software) C:\Users\Jonathan\Desktop\aswMBR.exe
2012-06-29 12:31 - 2012-06-29 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{F85AD22B-A3EF-49FF-B6C0-513D96E7BA41}
2012-06-29 12:31 - 2012-06-29 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{80F3AF07-A119-4A6C-A4C6-41BDB827715B}
2012-06-29 12:31 - 2010-10-23 09:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Windows Live
2012-06-29 12:19 - 2009-09-16 23:40 - 00279552 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2012-06-29 11:22 - 2006-11-02 05:01 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-29 10:06 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\LogFiles
2012-06-29 09:40 - 2012-06-29 09:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{E77B8605-ED0C-4667-ADAA-C639CA02D8A1}
2012-06-29 09:39 - 2012-06-29 09:39 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ncofngjt.sys
2012-06-29 09:39 - 2012-06-29 09:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3E28CD3D-43C7-45EB-B88D-15E6AA8D6483}
2012-06-29 09:32 - 2010-01-18 09:35 - 00000680 ____A C:\Users\Jonathan\AppData\Local\d3d9caps.dat
2012-06-29 02:55 - 2008-01-28 05:12 - 00000012 ____A C:\Windows\bthservsdp.dat
2012-06-29 02:40 - 2012-06-29 02:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D5973B86-0EAC-4C3E-9EDF-CAEBA3CAE2F0}
2012-06-29 02:36 - 2012-06-29 02:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DB4EF031-1013-48C6-9CD5-9328E757BA21}
2012-06-29 02:36 - 2012-06-29 02:36 - 00000000 ____D C:\My Curse
2012-06-29 02:31 - 2012-06-29 02:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DCDC32F2-9A94-44BC-9CF1-19969F33717E}
2012-06-29 02:31 - 2012-06-29 02:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C294EDA4-FF4C-4281-AAE5-4AA26CAFCC5A}
2012-06-29 02:22 - 2012-03-31 22:03 - 00000000 __SHD C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}
2012-06-29 02:13 - 2011-03-05 21:47 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-29 02:13 - 2006-11-02 02:33 - 00721296 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-29 02:12 - 2011-03-05 21:46 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-29 02:07 - 2012-06-29 02:07 - 10288512 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\mseinstall (1).exe
2012-06-29 02:07 - 2012-06-29 02:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9E72AC04-2EDD-4188-A6E5-49FF979C8715}
2012-06-29 02:07 - 2012-06-29 02:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{299B8A25-2792-4FAB-BAA3-D1E35EDF8CB1}
2012-06-29 02:06 - 2008-08-14 16:05 - 00000000 ____D C:\Program Files\dl_Cats
2012-06-29 02:02 - 2012-06-29 01:47 - 00000000 ____D C:\Users\All Users\F4D55F3E0026B37D01311D1D570F1C8B
2012-06-29 01:47 - 2012-06-29 01:47 - 00000000 ____D C:\Users\Jonathan\AppData\Local\visi_coupon
2012-06-29 01:47 - 2012-06-29 01:47 - 00000000 ____D C:\Program Files\Common Files\Virtual
2012-06-29 01:46 - 2012-06-29 01:47 - 00138752 __ASH (DT Soft Ltd) C:\Users\Jonathan\AppData\Roaming\hleras.dll
2012-06-28 14:52 - 2011-02-04 22:36 - 00000663 ____A C:\Users\Public\Desktop\World of Warcraft.lnk
2012-06-28 14:52 - 2008-02-13 15:32 - 00000000 ____D C:\Users\Jonathan\Desktop\World of Warcraft
2012-06-27 19:13 - 2012-04-30 13:02 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Awesomium
2012-06-25 11:56 - 2008-02-12 11:09 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Google
2012-06-25 11:53 - 2012-06-25 11:53 - 00739808 ____A (Google Inc.) C:\Users\Jonathan\Downloads\ChromeSetup.exe
2012-06-23 19:46 - 2012-06-23 19:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{8079D9AE-8A1E-4030-B2AD-6DD854F4763C}
2012-06-23 19:46 - 2012-06-23 19:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{78B6E290-55AC-499C-B64E-976B368AD5C2}
2012-06-23 15:55 - 2012-06-02 12:11 - 00000000 ____D C:\Users\Jonathan\Desktop\reciepts
2012-06-23 15:54 - 2012-06-23 15:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D0B6B9C9-F6D9-4026-B96B-7D5EE27B6C3D}
2012-06-23 15:54 - 2012-06-23 15:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{7FD52BE1-CB25-467C-AEF0-0D53A1C62335}
2012-06-23 01:24 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\Microsoft.NET
2012-06-23 01:05 - 2012-06-23 01:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Macromedia
2012-06-23 00:59 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\rescache
2012-06-23 00:56 - 2012-05-21 04:29 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-06-23 00:56 - 2012-05-21 04:29 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-06-23 00:55 - 2010-02-03 14:32 - 00000000 ____D C:\Program Files\Windows Live
2012-06-23 00:55 - 2006-11-02 03:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2012-06-23 00:38 - 2012-06-23 00:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6A381EB3-C19F-497A-BB57-D1B09D186850}
2012-06-23 00:38 - 2012-06-23 00:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{18C6FC76-6781-447B-A19F-BC62C9390C8E}
2012-06-23 00:32 - 2008-10-21 04:10 - 00000258 _RASH C:\Users\All Users\ntuser.pol
2012-06-23 00:31 - 2012-04-26 18:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D553B540-835C-462A-B2A3-3E47EF6F5ADC}
2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{4BA83F58-3C5F-4C49-86EE-3AD93C07EAF6}
2012-06-21 19:28 - 2010-02-03 14:33 - 00000000 ____D C:\Users\Jonathan\Tracing
2012-06-21 18:04 - 2012-03-31 17:24 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Akamai
2012-06-21 13:50 - 2012-06-21 13:50 - 00000318 ____A C:\Users\Jonathan\Desktop\Curse Client.appref-ms
2012-06-21 13:47 - 2012-06-21 13:47 - 00000000 ____D C:\Users\Jonathan\Documents\My Curse
2012-06-16 21:23 - 2008-02-13 21:51 - 00000000 ____D C:\Users\All Users\Yahoo! Companion
2012-06-16 19:36 - 2009-01-24 10:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2012-06-16 19:28 - 2012-06-16 19:28 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{564C604B-0D40-414B-BE2C-0DD68F70CBE0}
2012-06-16 19:23 - 2006-11-02 03:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2012-06-16 19:21 - 2011-04-27 02:55 - 00011472 ____A C:\Windows\IE9_main.log
2012-06-16 19:20 - 2010-10-14 09:41 - 00000000 ___HD C:\Windows\msdownld.tmp
2012-06-16 19:19 - 2012-06-16 19:19 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-06-16 19:19 - 2012-06-16 19:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-16 19:19 - 2012-06-16 19:19 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-16 19:19 - 2012-06-16 19:19 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-06-16 19:19 - 2012-06-16 19:19 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-06-16 19:19 - 2012-06-16 19:19 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-06-16 19:19 - 2006-11-01 22:32 - 00008798 ____A C:\Windows\System32\icrav03.rat
2012-06-16 19:19 - 2006-11-01 22:32 - 00001988 ____A C:\Windows\System32\ticrf.rat
2012-06-16 19:16 - 2012-06-16 19:14 - 20158824 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\BOIE9_ENUS_BO0085_VIS.EXE
2012-06-14 08:26 - 2012-06-14 08:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5A787EF4-9CC5-4535-8E15-29F9AD0993E6}
2012-06-14 08:25 - 2012-06-14 08:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{12B33BA1-3714-4294-9E19-D8AB99888E89}
2012-06-14 03:46 - 2006-11-02 04:47 - 03716296 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-13 23:14 - 2006-11-02 02:24 - 56731752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-06-13 17:30 - 2012-06-11 19:57 - 00000802 ____A C:\Users\Jonathan\Desktop\GiftBox+.lnk
2012-06-13 17:30 - 2012-06-11 19:57 - 00000802 ____A C:\Users\Guest\Desktop\GiftBox+.lnk
2012-06-13 17:23 - 2012-06-13 17:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A4456903-522C-48A9-AA5C-22C83D79AEF7}
2012-06-13 17:23 - 2012-06-13 17:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{370A08EB-AEE8-4EF5-BC5F-4330D22FD9E1}
2012-06-11 19:57 - 2012-06-06 04:49 - 00000000 ____D C:\Program Files\GiftBoxPlus
2012-06-11 18:41 - 2011-04-02 17:02 - 00001951 ____A C:\Users\Jonathan\Desktop\Google Chrome.lnk
2012-06-11 08:02 - 2012-06-11 08:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{962426F1-DA97-450C-85B8-5B4D39792113}
2012-06-11 08:02 - 2012-06-11 08:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{029931F4-7DA8-448A-BBB2-AB1DE50A1F4A}
2012-06-10 15:29 - 2008-01-28 05:25 - 00000000 ____D C:\Users\All Users\Adobe
2012-06-10 00:42 - 2012-06-10 00:41 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(5).exe
2012-06-06 20:55 - 2012-06-06 20:53 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Facebook Gift Collector
2012-06-06 20:53 - 2012-06-06 20:53 - 00000936 ____A C:\Users\Public\Desktop\Facebook Gift Collector.lnk
2012-06-06 20:53 - 2012-06-06 20:53 - 00000000 ____D C:\Program Files\Facebook Gift Collector
2012-06-06 20:52 - 2012-06-06 20:52 - 09650580 ____A (Nessuno.org ) C:\Users\Jonathan\Downloads\FacebookGiftCollector-setup.exe
2012-06-06 10:51 - 2012-06-06 10:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{FB27C7ED-E448-4309-9C6C-627BDBA2B16B}
2012-06-06 10:51 - 2012-06-06 10:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{57FC927E-B7EE-4DE8-B079-00A008FC1BF5}
2012-06-06 04:49 - 2012-06-06 04:48 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(4).exe
2012-06-06 04:48 - 2012-06-06 04:48 - 00005036 ____A C:\Users\All Users\vmkofzys.vtc
2012-06-06 04:48 - 2012-06-06 04:48 - 00000778 ____A C:\Users\Jonathan\Desktop\BOTOHOLIC.lnk
2012-06-06 04:48 - 2012-06-06 04:48 - 00000778 ____A C:\Users\Guest\Desktop\BOTOHOLIC.lnk
2012-06-06 04:48 - 2012-06-06 04:48 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\BOTOHOLIC
2012-06-06 04:48 - 2012-06-06 04:48 - 00000000 ____D C:\Program Files\BOTOHOLIC
2012-06-06 04:48 - 2012-06-06 04:47 - 15434440 ____A C:\Users\Jonathan\Downloads\botoholic_setup_3.1.4.45.exe
2012-06-05 08:24 - 2012-06-05 08:24 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(3).exe
2012-06-05 08:22 - 2012-06-05 08:21 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(2).exe
2012-06-02 18:04 - 2012-06-02 18:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D86B907-7720-4D5F-8CC5-32FF05667732}
2012-06-02 18:04 - 2012-06-02 18:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5935172D-7062-4B4E-93E2-D95C987C30E6}
2012-06-02 14:19 - 2012-06-21 14:31 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 14:31 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 14:31 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-21 14:30 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-21 14:30 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:12 - 2012-06-21 14:31 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:12 - 2012-06-21 14:30 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-06-21 14:29 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:12 - 2012-06-21 14:29 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-01 08:55 - 2008-04-01 14:33 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Adobe
2012-05-26 09:00 - 2012-05-26 09:00 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{178F3BA2-77A3-43A8-B97A-67D1418BC059}
2012-05-21 07:28 - 2012-05-21 07:28 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(1).exe
2012-05-21 04:29 - 2012-05-21 04:29 - 00000320 ____A C:\Users\Jonathan\Desktop\Curse Client - Test.appref-ms
2012-05-21 04:28 - 2012-05-21 04:28 - 00396288 ____A () C:\Users\Jonathan\Downloads\Setup.exe
2012-05-21 04:23 - 2012-05-21 04:23 - 00352416 ____A (Adobe Systems Incorporated) C:\Users\Jonathan\Downloads\uninstall_flash_player_32bit.exe
2012-05-21 04:21 - 2012-05-21 04:21 - 00656896 ____A C:\Users\Jonathan\Downloads\MicrosoftFixit50525.msi
2012-05-19 16:21 - 2012-05-19 16:20 - 00001189 ____A C:\Users\Jonathan\Desktop\HAPPY FARTHERS DAY DAD.txt
2012-05-15 11:51 - 2012-06-13 19:01 - 02045440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-12 08:31 - 2012-05-12 08:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{EE6BC67B-EBC2-4215-BC7A-D320DA05A437}
2012-05-12 08:30 - 2012-05-12 08:30 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{39ACE594-020B-4D4E-AC21-C3A3D3C14BD8}
2012-05-11 23:30 - 2010-10-23 09:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-05-11 23:28 - 2006-11-02 04:37 - 00000000 ____D C:\Windows\System32\XPSViewer
2012-05-11 23:28 - 2006-11-02 04:37 - 00000000 ____D C:\Program Files\Windows Journal
2012-05-11 23:13 - 2009-02-16 18:50 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-05-05 15:32 - 2012-05-05 10:01 - 00000000 ____D C:\Program Files\World of Warcraft Beta
2012-05-05 15:01 - 2012-05-05 15:01 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3463A734-C4FC-4C76-8AB7-AD72CB40D50A}
2012-05-05 10:01 - 2012-05-05 10:01 - 00001067 ____A C:\Users\Public\Desktop\World of Warcraft Beta.lnk
2012-05-05 10:01 - 2008-02-13 15:32 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment
2012-05-05 09:59 - 2012-05-05 09:59 - 00000000 ____D C:\Users\All Users\Battle.net
2012-05-05 09:59 - 2012-05-05 09:58 - 31726720 ____A (Blizzard Entertainment) C:\Users\Jonathan\Downloads\World of Warcraft Beta Setup.exe
2012-05-01 06:03 - 2012-06-13 19:02 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-30 23:03 - 2012-04-30 23:03 - 00000000 ____D C:\Windows\Temp142DC983-CA8B-CDEC-4C62-C17BA5842F7A-Signatures
2012-04-30 13:00 - 2012-04-30 13:00 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\GiftBoxPlus
2012-04-30 12:59 - 2012-04-30 12:59 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51.exe
2012-04-30 03:51 - 2012-04-30 03:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B3A9A96-BB32-447F-9648-3C201A5FB7C0}
2012-04-30 03:50 - 2012-04-30 03:50 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{1DCF5F66-07DB-47C2-B44F-1A441B87EF02}
2012-04-26 21:46 - 2012-04-26 21:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{31C7759D-AE16-4CF4-B80F-277A2FC00E79}
2012-04-26 21:45 - 2012-04-26 21:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9D0926B3-37A3-4E86-A6AD-E0058095AAFE}
2012-04-26 18:47 - 2012-04-26 18:47 - 00000000 ____D C:\Users\All Users\Mozilla
2012-04-24 07:49 - 2012-04-24 07:49 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{870E2E56-6EA6-4404-B190-391447084AB2}
2012-04-24 07:49 - 2012-04-24 07:49 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{22B91EF9-277A-4FFA-BDDA-DA0A3FA0214D}
2012-04-23 08:00 - 2012-06-13 19:02 - 00984064 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 08:00 - 2012-06-13 19:02 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 08:00 - 2012-06-13 19:02 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 05:23 - 2012-04-23 05:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D71BB43-D492-4784-AAE6-766812DEE0FF}
2012-04-23 05:23 - 2012-04-23 05:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{2EDA757F-B469-4339-A253-DB664EFE4BB5}
2012-04-19 18:32 - 2008-01-28 05:26 - 00000000 ____D C:\Program Files\Microsoft Office
2012-04-14 16:05 - 2012-04-14 16:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A6B60FB2-D274-4A12-9AA2-08EA56FC932B}
2012-04-14 16:05 - 2012-04-14 16:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{551BC2DC-73B9-4A07-9309-9DE12E9576A6}
2012-04-14 15:39 - 2012-04-14 15:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{536587C7-746D-4EED-BE53-737A17C37D34}
2012-04-14 15:36 - 2012-04-14 15:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C3A6E262-63C4-4CD6-9D83-7128FC922633}
2012-04-14 11:10 - 2012-04-14 11:10 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{61A78671-F4F2-4608-ABC1-18D84BDBFE5E}
2012-04-13 15:23 - 2012-04-13 15:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C2E54D0A-8B47-4792-990D-E7E8CA6BFA5A}
2012-04-08 07:54 - 2011-03-05 22:45 - 00002924 ____A C:\Windows\setupact.log
2012-04-08 07:08 - 2012-04-08 07:08 - 00001854 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-04-08 07:08 - 2010-01-18 09:29 - 00000000 ____D C:\Program Files\Adobe
2012-04-08 07:08 - 2008-05-27 16:23 - 00000000 ____D C:\Program Files\Common Files\Adobe
2012-04-08 06:43 - 2011-03-11 16:12 - 00000000 ____D C:\Users\Public\Documents\Adobe
2012-04-07 15:19 - 2012-04-07 15:19 - 00259144 ____A C:\Users\Jonathan\Downloads\installer_adobe_flash_player_English.exe
2012-04-07 13:48 - 2012-04-07 13:48 - 16157992 ____A (Mozilla) C:\Users\Jonathan\Downloads\Firefox Setup 11.0.exe
2012-04-07 13:48 - 2012-04-07 13:48 - 00000808 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-04-06 10:02 - 2008-01-28 05:12 - 00000000 ____D C:\Program Files\Common Files\Java
2012-04-06 10:01 - 2012-04-06 10:01 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2012-04-06 10:01 - 2012-04-06 10:01 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2012-04-06 10:01 - 2012-04-06 10:01 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2012-04-06 10:01 - 2010-05-07 09:24 - 00472808 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2012-04-04 11:56 - 2009-01-09 01:08 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-03 00:16 - 2012-05-11 19:02 - 03602816 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-04-03 00:16 - 2012-05-11 19:02 - 03550080 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-04-02 08:17 - 2012-04-02 08:17 - 00000105 ____A C:\Users\Jonathan\Desktop\Lings stats.txt
2012-04-01 19:05 - 2011-03-16 05:09 - 00000000 ____D C:\Program Files\Ask.com
2012-04-01 12:24 - 2008-04-01 14:33 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Adobe
2012-04-01 10:14 - 2012-04-01 10:14 - 00000050 ____A C:\user.js
2012-04-01 10:14 - 2012-04-01 10:14 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Mozilla
2012-04-01 10:14 - 2012-04-01 10:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2012-04-01 10:14 - 2012-04-01 10:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2012-04-01 10:14 - 2012-04-01 10:14 - 00000000 ____D C:\Program Files\FreeWorkz
2012-04-01 10:14 - 2010-02-28 16:46 - 00000000 ____D C:\Program Files\7-Zip
2012-04-01 10:11 - 2012-04-01 10:11 - 00711144 ____A C:\Users\Jonathan\Downloads\7zip-setup.exe
2012-04-01 10:11 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\Resources
2012-04-01 10:10 - 2010-04-03 19:10 - 00000000 ____D C:\Users\All Users\WinZip
2012-04-01 09:42 - 2008-02-13 09:11 - 00000000 ____D C:\Users\Public\Shared

ZeroAccess:
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\L
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U

ZeroAccess:
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\@
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\L
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 8737764F4FD36D6808EE80578409C843 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 11%
Total physical RAM: 3316.56 MB
Available physical RAM: 2948.66 MB
Total Pagefile: 3209.11 MB
Available Pagefile: 3027.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1990.35 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:455.71 GB) (Free:170.8 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (CAM_SD) (Removable) (Total:3.69 GB) (Free:3.66 GB) FAT32
8 Drive x: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.93 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 466 GB 981 KB
Disk 1 Online 3782 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 47 MB 32 KB
Partition 2 Primary 10 GB 48 MB
Partition 3 Primary 456 GB 10 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 8 FAT Partition 47 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 X RECOVERY NTFS Partition 10 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 C OS NTFS Partition 456 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3778 MB 4096 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D CAM_SD FAT32 Removable 3778 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-06-29 13:22

======================= End Of Log ==========================


Farbar Recovery Scan Tool Version: 20-06-2012 01
Ran by SYSTEM at 2012-06-29 19:50:52
Running from D:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2009-09-16 23:40] - [2009-04-10 22:27] - 0279552 ____A (Microsoft Corporation) D4E6D91C1349B7BFB3599A6ADA56851B

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2008-06-02 13:28] - [2008-01-18 23:33] - 0279040 ____A (Microsoft Corporation) 2B336AB6286D6C81FA02CBAB914E3C6C

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2006-11-02 00:35] - [2006-11-02 01:45] - 0279552 ____A (Microsoft Corporation) 329CF3C97CE4C19375C8ABCABAE258B0

C:\Windows\System32\services.exe
[2009-09-16 23:40] - [2012-06-29 12:19] - 0279552 ____A (Microsoft Corporation) 8737764F4FD36D6808EE80578409C843

=== End Of Search ===

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:35 PM

Posted 29 June 2012 - 07:42 PM

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were moved.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,832 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:08:35 PM

Posted 29 June 2012 - 11:53 PM

FRST is to be ran in the Repair Console. There are certain issues we can't fix in Normal Mode, such as replacing a file that is in use.


Would you be able to boot to the Repair Console instead and run FRST?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 Mintoria

Mintoria
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 30 June 2012 - 12:31 AM

I redid the scans and saved the logs. I did it exactly like I did the first time as per the instructions above, but hopefully everything came out like its supposed to this time. The first log is the FRST log and the second is the Search log.





Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 20-06-2012 01
Ran by SYSTEM at 30-06-2012 01:14:52
Running from D:\
Windows Vista ™ Home Premium (X86) OS Language: English(US)
The current controlset is ControlSet003

========================== Registry (Whitelisted) =============

HKLM\...\Run: [] [x]
HKLM\...\Run: [DLBTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 [73728 2007-02-22] ()
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [Conime] %windir%\system32\conime.exe [x]
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [141848 2009-03-05] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [173592 2009-03-05] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [150552 2009-03-05] (Intel Corporation)
HKLM\...\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup [1485208 2010-07-28] (Affinegy, Inc.)
HKLM\...\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" [1391272 2012-01-03] (Ask)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [hleras] rundll32.exe "C:\Users\Jonathan\AppData\Roaming\hleras.dll",FlushState [138752 2012-06-29] (DT Soft Ltd)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
HKU\Default\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [460784 2007-03-15] (Gteko Ltd.)
HKU\Default User\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [460784 2007-03-15] (Gteko Ltd.)
HKU\Guest\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [460784 2007-03-15] (Gteko Ltd.)
HKU\Guest\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKU\Guest\...\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe [6373376 2009-12-01] ()
HKU\Jonathan\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKU\Jonathan\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-09-22] (Microsoft Corporation)
HKU\Jonathan\...\Run: [AdobeBridge] [x]
HKU\Jonathan\...\Run: [Akamai NetSession Interface] "C:\Users\Jonathan\AppData\Local\Akamai\netsession_win.exe" [4327744 2012-05-26] (Akamai Technologies, Inc)
HKU\Jonathan\...\Run: [cabfbeebbcebedct] "C:\ProgramData\cabfbeebbcebedct.exe" [97768 2012-06-29] ()
HKU\Jonathan\...\Policies\system: [LogonHoursAction] 2
HKU\Jonathan\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Public\...\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe [6373376 2009-12-01] ()
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Startup: C:\Users\Jonathan\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

================================ Services (Whitelisted) ==================

2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
2 AffinegyService; "C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe" [569752 2010-07-28] (Affinegy, Inc.)
2 Belkin Local Backup Service; "C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe" /service [152064 2010-02-17] ()
2 Belkin Network USB Helper; "C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe" /service [49152 2010-02-09] ()
2 dlbt_device; C:\Windows\system32\dlbtcoms.exe -service [538096 2007-06-06] ( )
3 DSBrokerService; "C:\Program Files\DellSupport\brkrsvc.exe" [70656 2007-03-19] ()
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [292352 2008-01-18] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [131072 2006-11-02] (Microsoft Corporation)
2 Eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 2008-01-18] (Microsoft Corporation)
2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe [284016 2009-08-05] (Eastman Kodak Company)
3 McComponentHostService; "C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [394608 2008-07-15] (SupportSoft, Inc.)
3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
2 Akamai; c:\program files\common files\akamai/netsession_win_80c2ffa.dll [x]
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]
2 PSI_SVC_2; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [x]

========================== Drivers (Whitelisted) =============

3 athrusb; C:\Windows\System32\DRIVERS\athrusb.sys [904192 2008-07-28] (Atheros Communications, Inc.)
1 crlwxfuo; \??\C:\Windows\system32\drivers\crlwxfuo.sys [42960 2012-06-29] (Microsoft Corporation)
3 DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.)
3 hitmanpro36; \??\C:\Windows\system32\drivers\hitmanpro36.sys [27424 2012-06-29] ()
3 HSXHWBS2; C:\Windows\System32\DRIVERS\HSXHWBS2.sys [258048 2006-10-18] (Conexant Systems, Inc.)
3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [38224 2010-01-07] (Malwarebytes Corporation)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [47360 2009-03-25] (VSO Software)
3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [x]
3 GoogleDesktopManager; [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-29 21:08 - 2012-06-29 21:08 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{49EAAEAC-C2DB-4C3D-83C5-830E3ED5E1FD}
2012-06-29 20:17 - 2012-06-29 20:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{0B93B398-9D71-4A25-8748-577A1FD53A0B}
2012-06-29 20:16 - 2012-06-29 20:16 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{812CF18E-6493-4407-8C7D-98D3B630990C}
2012-06-29 14:57 - 2012-06-29 14:59 - 00000000 ___SD C:\32788R22FWJFW
2012-06-29 14:54 - 2012-06-29 14:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{2BD9EDA4-D87D-445B-A333-ACF6952CC2A8}
2012-06-29 14:53 - 2012-06-29 14:53 - 00000185 ____A C:\Users\Jonathan\Desktop\CAM_SD (J) - Shortcut.lnk
2012-06-29 14:45 - 2012-06-29 14:45 - 00000000 ____A C:\Users\Jonathan\defogger_reenable
2012-06-29 14:16 - 2012-06-29 19:50 - 00000000 ____D C:\FRST
2012-06-29 14:16 - 2012-06-29 14:20 - 00027424 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-06-29 14:16 - 2012-06-29 14:16 - 00000868 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-29 14:15 - 2012-06-29 14:16 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-06-29 13:17 - 2012-06-29 13:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B2C7347-2143-41E3-B855-8A6DEE80AF32}
2012-06-29 13:17 - 2012-06-29 13:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9A6E2A88-A85C-43B8-912E-31900EB2CF0D}
2012-06-29 12:54 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-06-29 12:54 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-06-29 12:54 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-06-29 12:54 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-06-29 12:49 - 2012-06-29 12:49 - 00000000 ____D C:\Qoobox
2012-06-29 12:48 - 2012-06-29 12:48 - 04566027 ____R (Swearware) C:\Users\Jonathan\Desktop\ComboFix.exe
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Windows\erdnt
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{BA9FFF57-F59A-4D3E-A92E-265F486DDD44}
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{411EB30C-5619-4AA5-B0EE-6BDB874C97E1}
2012-06-29 12:47 - 2012-06-29 12:48 - 04731392 ____A (AVAST Software) C:\Users\Jonathan\Desktop\aswMBR.exe
2012-06-29 12:31 - 2012-06-29 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{F85AD22B-A3EF-49FF-B6C0-513D96E7BA41}
2012-06-29 12:31 - 2012-06-29 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{80F3AF07-A119-4A6C-A4C6-41BDB827715B}
2012-06-29 09:40 - 2012-06-29 09:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{E77B8605-ED0C-4667-ADAA-C639CA02D8A1}
2012-06-29 09:39 - 2012-06-29 09:39 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ncofngjt.sys
2012-06-29 09:39 - 2012-06-29 09:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3E28CD3D-43C7-45EB-B88D-15E6AA8D6483}
2012-06-29 02:40 - 2012-06-29 02:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D5973B86-0EAC-4C3E-9EDF-CAEBA3CAE2F0}
2012-06-29 02:36 - 2012-06-29 02:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DB4EF031-1013-48C6-9CD5-9328E757BA21}
2012-06-29 02:36 - 2012-06-29 02:36 - 00000000 ____D C:\My Curse
2012-06-29 02:31 - 2012-06-29 02:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DCDC32F2-9A94-44BC-9CF1-19969F33717E}
2012-06-29 02:31 - 2012-06-29 02:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C294EDA4-FF4C-4281-AAE5-4AA26CAFCC5A}
2012-06-29 02:07 - 2012-06-29 02:07 - 10288512 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\mseinstall (1).exe
2012-06-29 02:07 - 2012-06-29 02:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9E72AC04-2EDD-4188-A6E5-49FF979C8715}
2012-06-29 02:07 - 2012-06-29 02:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{299B8A25-2792-4FAB-BAA3-D1E35EDF8CB1}
2012-06-29 01:47 - 2012-06-29 21:11 - 00097768 ____A C:\Users\All Users\cabfbeebbcebedct.exe
2012-06-29 01:47 - 2012-06-29 02:02 - 00000000 ____D C:\Users\All Users\F4D55F3E0026B37D01311D1D570F1C8B
2012-06-29 01:47 - 2012-06-29 01:47 - 00000000 ____D C:\Users\Jonathan\AppData\Local\visi_coupon
2012-06-29 01:47 - 2012-06-29 01:47 - 00000000 ____D C:\Program Files\Common Files\Virtual
2012-06-29 01:47 - 2012-06-29 01:46 - 00138752 __ASH (DT Soft Ltd) C:\Users\Jonathan\AppData\Roaming\hleras.dll
2012-06-25 11:53 - 2012-06-25 11:53 - 00739808 ____A (Google Inc.) C:\Users\Jonathan\Downloads\ChromeSetup.exe
2012-06-23 19:46 - 2012-06-23 19:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{8079D9AE-8A1E-4030-B2AD-6DD854F4763C}
2012-06-23 19:45 - 2012-06-23 19:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{78B6E290-55AC-499C-B64E-976B368AD5C2}
2012-06-23 15:54 - 2012-06-23 15:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D0B6B9C9-F6D9-4026-B96B-7D5EE27B6C3D}
2012-06-23 15:54 - 2012-06-23 15:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{7FD52BE1-CB25-467C-AEF0-0D53A1C62335}
2012-06-23 01:05 - 2012-06-23 01:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Macromedia
2012-06-23 00:38 - 2012-06-23 00:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6A381EB3-C19F-497A-BB57-D1B09D186850}
2012-06-23 00:38 - 2012-06-23 00:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{18C6FC76-6781-447B-A19F-BC62C9390C8E}
2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D553B540-835C-462A-B2A3-3E47EF6F5ADC}
2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{4BA83F58-3C5F-4C49-86EE-3AD93C07EAF6}
2012-06-21 14:31 - 2012-06-02 14:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-21 14:31 - 2012-06-02 14:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-21 14:31 - 2012-06-02 14:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-21 14:31 - 2012-06-02 14:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-21 14:30 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-21 14:30 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-21 14:30 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-21 14:29 - 2012-06-02 11:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-21 14:29 - 2012-06-02 11:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-21 13:50 - 2012-06-21 13:50 - 00000318 ____A C:\Users\Jonathan\Desktop\Curse Client.appref-ms
2012-06-21 13:47 - 2012-06-21 13:47 - 00000000 ____D C:\Users\Jonathan\Documents\My Curse
2012-06-16 19:28 - 2012-06-16 19:28 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{564C604B-0D40-414B-BE2C-0DD68F70CBE0}
2012-06-16 19:19 - 2012-06-16 19:19 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-06-16 19:19 - 2012-06-16 19:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-16 19:19 - 2012-06-16 19:19 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-16 19:19 - 2012-06-16 19:19 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-06-16 19:19 - 2012-06-16 19:19 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-06-16 19:19 - 2012-06-16 19:19 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-06-16 19:14 - 2012-06-16 19:16 - 20158824 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\BOIE9_ENUS_BO0085_VIS.EXE
2012-06-14 08:25 - 2012-06-14 08:26 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5A787EF4-9CC5-4535-8E15-29F9AD0993E6}
2012-06-14 08:25 - 2012-06-14 08:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{12B33BA1-3714-4294-9E19-D8AB99888E89}
2012-06-13 19:02 - 2012-05-01 06:03 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 19:02 - 2012-04-23 08:00 - 00984064 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-13 19:02 - 2012-04-23 08:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-13 19:02 - 2012-04-23 08:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-13 19:01 - 2012-05-15 11:51 - 02045440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-13 17:23 - 2012-06-13 17:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A4456903-522C-48A9-AA5C-22C83D79AEF7}
2012-06-13 17:23 - 2012-06-13 17:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{370A08EB-AEE8-4EF5-BC5F-4330D22FD9E1}
2012-06-11 19:57 - 2012-06-13 17:30 - 00000802 ____A C:\Users\Jonathan\Desktop\GiftBox+.lnk
2012-06-11 19:57 - 2012-06-13 17:30 - 00000802 ____A C:\Users\Guest\Desktop\GiftBox+.lnk
2012-06-11 08:02 - 2012-06-11 08:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{962426F1-DA97-450C-85B8-5B4D39792113}
2012-06-11 08:02 - 2012-06-11 08:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{029931F4-7DA8-448A-BBB2-AB1DE50A1F4A}
2012-06-10 00:41 - 2012-06-10 00:42 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(5).exe
2012-06-06 20:53 - 2012-06-06 20:55 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Facebook Gift Collector
2012-06-06 20:53 - 2012-06-06 20:53 - 00000936 ____A C:\Users\Public\Desktop\Facebook Gift Collector.lnk
2012-06-06 20:53 - 2012-06-06 20:53 - 00000000 ____D C:\Program Files\Facebook Gift Collector
2012-06-06 20:52 - 2012-06-06 20:52 - 09650580 ____A (Nessuno.org ) C:\Users\Jonathan\Downloads\FacebookGiftCollector-setup.exe
2012-06-06 10:51 - 2012-06-06 10:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{FB27C7ED-E448-4309-9C6C-627BDBA2B16B}
2012-06-06 10:51 - 2012-06-06 10:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{57FC927E-B7EE-4DE8-B079-00A008FC1BF5}
2012-06-06 04:49 - 2012-06-11 19:57 - 00000000 ____D C:\Program Files\GiftBoxPlus
2012-06-06 04:48 - 2012-06-06 04:49 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(4).exe
2012-06-06 04:48 - 2012-06-06 04:48 - 00005036 ____A C:\Users\All Users\vmkofzys.vtc
2012-06-06 04:48 - 2012-06-06 04:48 - 00000778 ____A C:\Users\Jonathan\Desktop\BOTOHOLIC.lnk
2012-06-06 04:48 - 2012-06-06 04:48 - 00000778 ____A C:\Users\Guest\Desktop\BOTOHOLIC.lnk
2012-06-06 04:48 - 2012-06-06 04:48 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\BOTOHOLIC
2012-06-06 04:48 - 2012-06-06 04:48 - 00000000 ____D C:\Program Files\BOTOHOLIC
2012-06-06 04:47 - 2012-06-06 04:48 - 15434440 ____A C:\Users\Jonathan\Downloads\botoholic_setup_3.1.4.45.exe
2012-06-05 08:24 - 2012-06-05 08:24 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(3).exe
2012-06-05 08:21 - 2012-06-05 08:22 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(2).exe
2012-06-02 18:04 - 2012-06-02 18:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D86B907-7720-4D5F-8CC5-32FF05667732}
2012-06-02 18:04 - 2012-06-02 18:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5935172D-7062-4B4E-93E2-D95C987C30E6}
2012-06-02 12:11 - 2012-06-23 15:55 - 00000000 ____D C:\Users\Jonathan\Desktop\reciepts


============ 3 Months Modified Files and Folders ===============

2012-06-29 21:11 - 2012-06-29 01:47 - 00097768 ____A C:\Users\All Users\cabfbeebbcebedct.exe
2012-06-29 21:10 - 2012-06-29 21:10 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\crlwxfuo.sys
2012-06-29 21:10 - 2008-10-20 04:58 - 00000416 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{8BCDB802-AAEE-48A6-959C-1C26A3266CAE}.job
2012-06-29 21:09 - 2011-03-08 19:52 - 00000000 ____D C:\Program Files\Common Files\Akamai
2012-06-29 21:09 - 2010-05-18 04:22 - 00000470 ____A C:\Windows\Tasks\SDMsgUpdate (TE).job
2012-06-29 21:09 - 2010-02-24 14:01 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-29 21:09 - 2010-02-23 21:21 - 00000000 ____D C:\Users\All Users\Kodak
2012-06-29 21:09 - 2006-11-02 05:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-29 21:09 - 2006-11-02 04:47 - 00004160 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-29 21:09 - 2006-11-02 04:47 - 00004160 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-29 21:08 - 2012-06-29 21:08 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{49EAAEAC-C2DB-4C3D-83C5-830E3ED5E1FD}
2012-06-29 21:08 - 2009-03-14 17:35 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Deployment
2012-06-29 20:57 - 2012-05-21 04:29 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-06-29 20:52 - 2006-11-02 05:01 - 00032620 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-29 20:17 - 2012-06-29 20:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{0B93B398-9D71-4A25-8748-577A1FD53A0B}
2012-06-29 20:16 - 2012-06-29 20:16 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{812CF18E-6493-4407-8C7D-98D3B630990C}
2012-06-29 20:01 - 2010-01-18 09:35 - 00000680 ____A C:\Users\Jonathan\AppData\Local\d3d9caps.dat
2012-06-29 19:56 - 2006-11-02 02:33 - 00706760 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-29 19:50 - 2012-06-29 14:16 - 00000000 ____D C:\FRST
2012-06-29 19:39 - 2010-02-24 14:01 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-29 14:59 - 2012-06-29 14:57 - 00000000 ___SD C:\32788R22FWJFW
2012-06-29 14:54 - 2012-06-29 14:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{2BD9EDA4-D87D-445B-A333-ACF6952CC2A8}
2012-06-29 14:53 - 2012-06-29 14:53 - 00000185 ____A C:\Users\Jonathan\Desktop\CAM_SD (J) - Shortcut.lnk
2012-06-29 14:45 - 2012-06-29 14:45 - 00000000 ____A C:\Users\Jonathan\defogger_reenable
2012-06-29 14:45 - 2008-02-12 11:06 - 00000000 ____D C:\users\Jonathan
2012-06-29 14:20 - 2012-06-29 14:16 - 00027424 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-06-29 14:16 - 2012-06-29 14:16 - 00000868 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-29 14:16 - 2012-06-29 14:15 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-06-29 14:16 - 2009-01-09 01:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-06-29 13:31 - 2008-01-28 04:58 - 01566386 ____A C:\Windows\WindowsUpdate.log
2012-06-29 13:17 - 2012-06-29 13:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B2C7347-2143-41E3-B855-8A6DEE80AF32}
2012-06-29 13:17 - 2012-06-29 13:17 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9A6E2A88-A85C-43B8-912E-31900EB2CF0D}
2012-06-29 13:13 - 2011-03-28 04:55 - 00005438 ____A C:\Windows\PFRO.log
2012-06-29 12:49 - 2012-06-29 12:49 - 00000000 ____D C:\Qoobox
2012-06-29 12:48 - 2012-06-29 12:48 - 04566027 ____R (Swearware) C:\Users\Jonathan\Desktop\ComboFix.exe
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Windows\erdnt
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{BA9FFF57-F59A-4D3E-A92E-265F486DDD44}
2012-06-29 12:48 - 2012-06-29 12:48 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{411EB30C-5619-4AA5-B0EE-6BDB874C97E1}
2012-06-29 12:48 - 2012-06-29 12:47 - 04731392 ____A (AVAST Software) C:\Users\Jonathan\Desktop\aswMBR.exe
2012-06-29 12:31 - 2012-06-29 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{F85AD22B-A3EF-49FF-B6C0-513D96E7BA41}
2012-06-29 12:31 - 2012-06-29 12:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{80F3AF07-A119-4A6C-A4C6-41BDB827715B}
2012-06-29 12:31 - 2010-10-23 09:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Windows Live
2012-06-29 12:19 - 2009-09-16 23:40 - 00279552 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2012-06-29 10:06 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\LogFiles
2012-06-29 09:40 - 2012-06-29 09:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{E77B8605-ED0C-4667-ADAA-C639CA02D8A1}
2012-06-29 09:39 - 2012-06-29 09:39 - 00042960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ncofngjt.sys
2012-06-29 09:39 - 2012-06-29 09:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3E28CD3D-43C7-45EB-B88D-15E6AA8D6483}
2012-06-29 02:55 - 2008-01-28 05:12 - 00000012 ____A C:\Windows\bthservsdp.dat
2012-06-29 02:40 - 2012-06-29 02:40 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D5973B86-0EAC-4C3E-9EDF-CAEBA3CAE2F0}
2012-06-29 02:36 - 2012-06-29 02:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DB4EF031-1013-48C6-9CD5-9328E757BA21}
2012-06-29 02:36 - 2012-06-29 02:36 - 00000000 ____D C:\My Curse
2012-06-29 02:31 - 2012-06-29 02:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{DCDC32F2-9A94-44BC-9CF1-19969F33717E}
2012-06-29 02:31 - 2012-06-29 02:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C294EDA4-FF4C-4281-AAE5-4AA26CAFCC5A}
2012-06-29 02:22 - 2012-03-31 22:03 - 00000000 __SHD C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}
2012-06-29 02:13 - 2011-03-05 21:47 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-29 02:12 - 2011-03-05 21:46 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-29 02:07 - 2012-06-29 02:07 - 10288512 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\mseinstall (1).exe
2012-06-29 02:07 - 2012-06-29 02:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9E72AC04-2EDD-4188-A6E5-49FF979C8715}
2012-06-29 02:07 - 2012-06-29 02:07 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{299B8A25-2792-4FAB-BAA3-D1E35EDF8CB1}
2012-06-29 02:06 - 2008-08-14 16:05 - 00000000 ____D C:\Program Files\dl_Cats
2012-06-29 02:02 - 2012-06-29 01:47 - 00000000 ____D C:\Users\All Users\F4D55F3E0026B37D01311D1D570F1C8B
2012-06-29 01:47 - 2012-06-29 01:47 - 00000000 ____D C:\Users\Jonathan\AppData\Local\visi_coupon
2012-06-29 01:47 - 2012-06-29 01:47 - 00000000 ____D C:\Program Files\Common Files\Virtual
2012-06-29 01:46 - 2012-06-29 01:47 - 00138752 __ASH (DT Soft Ltd) C:\Users\Jonathan\AppData\Roaming\hleras.dll
2012-06-28 14:52 - 2011-02-04 22:36 - 00000663 ____A C:\Users\Public\Desktop\World of Warcraft.lnk
2012-06-28 14:52 - 2008-02-13 15:32 - 00000000 ____D C:\Users\Jonathan\Desktop\World of Warcraft
2012-06-27 19:13 - 2012-04-30 13:02 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Awesomium
2012-06-25 11:56 - 2008-02-12 11:09 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Google
2012-06-25 11:53 - 2012-06-25 11:53 - 00739808 ____A (Google Inc.) C:\Users\Jonathan\Downloads\ChromeSetup.exe
2012-06-23 19:46 - 2012-06-23 19:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{8079D9AE-8A1E-4030-B2AD-6DD854F4763C}
2012-06-23 19:46 - 2012-06-23 19:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{78B6E290-55AC-499C-B64E-976B368AD5C2}
2012-06-23 15:55 - 2012-06-02 12:11 - 00000000 ____D C:\Users\Jonathan\Desktop\reciepts
2012-06-23 15:54 - 2012-06-23 15:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D0B6B9C9-F6D9-4026-B96B-7D5EE27B6C3D}
2012-06-23 15:54 - 2012-06-23 15:54 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{7FD52BE1-CB25-467C-AEF0-0D53A1C62335}
2012-06-23 01:24 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\Microsoft.NET
2012-06-23 01:05 - 2012-06-23 01:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Macromedia
2012-06-23 00:59 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\rescache
2012-06-23 00:56 - 2012-05-21 04:29 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-06-23 00:56 - 2012-05-21 04:29 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-06-23 00:55 - 2010-02-03 14:32 - 00000000 ____D C:\Program Files\Windows Live
2012-06-23 00:55 - 2006-11-02 03:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2012-06-23 00:38 - 2012-06-23 00:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6A381EB3-C19F-497A-BB57-D1B09D186850}
2012-06-23 00:38 - 2012-06-23 00:38 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{18C6FC76-6781-447B-A19F-BC62C9390C8E}
2012-06-23 00:32 - 2008-10-21 04:10 - 00000258 _RASH C:\Users\All Users\ntuser.pol
2012-06-23 00:31 - 2012-04-26 18:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{D553B540-835C-462A-B2A3-3E47EF6F5ADC}
2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{4BA83F58-3C5F-4C49-86EE-3AD93C07EAF6}
2012-06-21 19:28 - 2010-02-03 14:33 - 00000000 ____D C:\Users\Jonathan\Tracing
2012-06-21 18:04 - 2012-03-31 17:24 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Akamai
2012-06-21 13:50 - 2012-06-21 13:50 - 00000318 ____A C:\Users\Jonathan\Desktop\Curse Client.appref-ms
2012-06-21 13:47 - 2012-06-21 13:47 - 00000000 ____D C:\Users\Jonathan\Documents\My Curse
2012-06-16 21:23 - 2008-02-13 21:51 - 00000000 ____D C:\Users\All Users\Yahoo! Companion
2012-06-16 19:36 - 2009-01-24 10:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2012-06-16 19:28 - 2012-06-16 19:28 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{564C604B-0D40-414B-BE2C-0DD68F70CBE0}
2012-06-16 19:23 - 2006-11-02 03:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2012-06-16 19:21 - 2011-04-27 02:55 - 00011472 ____A C:\Windows\IE9_main.log
2012-06-16 19:20 - 2010-10-14 09:41 - 00000000 ___HD C:\Windows\msdownld.tmp
2012-06-16 19:19 - 2012-06-16 19:19 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-06-16 19:19 - 2012-06-16 19:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-16 19:19 - 2012-06-16 19:19 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-16 19:19 - 2012-06-16 19:19 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-06-16 19:19 - 2012-06-16 19:19 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-06-16 19:19 - 2012-06-16 19:19 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-06-16 19:19 - 2012-06-16 19:19 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-06-16 19:19 - 2012-06-16 19:19 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-06-16 19:19 - 2006-11-01 22:32 - 00008798 ____A C:\Windows\System32\icrav03.rat
2012-06-16 19:19 - 2006-11-01 22:32 - 00001988 ____A C:\Windows\System32\ticrf.rat
2012-06-16 19:16 - 2012-06-16 19:14 - 20158824 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\BOIE9_ENUS_BO0085_VIS.EXE
2012-06-14 08:26 - 2012-06-14 08:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5A787EF4-9CC5-4535-8E15-29F9AD0993E6}
2012-06-14 08:25 - 2012-06-14 08:25 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{12B33BA1-3714-4294-9E19-D8AB99888E89}
2012-06-14 03:46 - 2006-11-02 04:47 - 03716296 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-13 23:14 - 2006-11-02 02:24 - 56731752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-06-13 17:30 - 2012-06-11 19:57 - 00000802 ____A C:\Users\Jonathan\Desktop\GiftBox+.lnk
2012-06-13 17:30 - 2012-06-11 19:57 - 00000802 ____A C:\Users\Guest\Desktop\GiftBox+.lnk
2012-06-13 17:23 - 2012-06-13 17:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A4456903-522C-48A9-AA5C-22C83D79AEF7}
2012-06-13 17:23 - 2012-06-13 17:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{370A08EB-AEE8-4EF5-BC5F-4330D22FD9E1}
2012-06-11 19:57 - 2012-06-06 04:49 - 00000000 ____D C:\Program Files\GiftBoxPlus
2012-06-11 18:41 - 2011-04-02 17:02 - 00001951 ____A C:\Users\Jonathan\Desktop\Google Chrome.lnk
2012-06-11 08:02 - 2012-06-11 08:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{962426F1-DA97-450C-85B8-5B4D39792113}
2012-06-11 08:02 - 2012-06-11 08:02 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{029931F4-7DA8-448A-BBB2-AB1DE50A1F4A}
2012-06-10 15:29 - 2008-01-28 05:25 - 00000000 ____D C:\Users\All Users\Adobe
2012-06-10 00:42 - 2012-06-10 00:41 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(5).exe
2012-06-06 20:55 - 2012-06-06 20:53 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Facebook Gift Collector
2012-06-06 20:53 - 2012-06-06 20:53 - 00000936 ____A C:\Users\Public\Desktop\Facebook Gift Collector.lnk
2012-06-06 20:53 - 2012-06-06 20:53 - 00000000 ____D C:\Program Files\Facebook Gift Collector
2012-06-06 20:52 - 2012-06-06 20:52 - 09650580 ____A (Nessuno.org ) C:\Users\Jonathan\Downloads\FacebookGiftCollector-setup.exe
2012-06-06 10:51 - 2012-06-06 10:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{FB27C7ED-E448-4309-9C6C-627BDBA2B16B}
2012-06-06 10:51 - 2012-06-06 10:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{57FC927E-B7EE-4DE8-B079-00A008FC1BF5}
2012-06-06 04:49 - 2012-06-06 04:48 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(4).exe
2012-06-06 04:48 - 2012-06-06 04:48 - 00005036 ____A C:\Users\All Users\vmkofzys.vtc
2012-06-06 04:48 - 2012-06-06 04:48 - 00000778 ____A C:\Users\Jonathan\Desktop\BOTOHOLIC.lnk
2012-06-06 04:48 - 2012-06-06 04:48 - 00000778 ____A C:\Users\Guest\Desktop\BOTOHOLIC.lnk
2012-06-06 04:48 - 2012-06-06 04:48 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\BOTOHOLIC
2012-06-06 04:48 - 2012-06-06 04:48 - 00000000 ____D C:\Program Files\BOTOHOLIC
2012-06-06 04:48 - 2012-06-06 04:47 - 15434440 ____A C:\Users\Jonathan\Downloads\botoholic_setup_3.1.4.45.exe
2012-06-05 08:24 - 2012-06-05 08:24 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(3).exe
2012-06-05 08:22 - 2012-06-05 08:21 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(2).exe
2012-06-02 18:04 - 2012-06-02 18:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D86B907-7720-4D5F-8CC5-32FF05667732}
2012-06-02 18:04 - 2012-06-02 18:04 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{5935172D-7062-4B4E-93E2-D95C987C30E6}
2012-06-02 14:19 - 2012-06-21 14:31 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 14:31 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 14:31 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-21 14:30 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-21 14:30 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:12 - 2012-06-21 14:31 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:12 - 2012-06-21 14:30 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-06-21 14:29 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:12 - 2012-06-21 14:29 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-01 08:55 - 2008-04-01 14:33 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Adobe
2012-05-26 09:00 - 2012-05-26 09:00 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{178F3BA2-77A3-43A8-B97A-67D1418BC059}
2012-05-21 07:28 - 2012-05-21 07:28 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51(1).exe
2012-05-21 04:29 - 2012-05-21 04:29 - 00000320 ____A C:\Users\Jonathan\Desktop\Curse Client - Test.appref-ms
2012-05-21 04:28 - 2012-05-21 04:28 - 00396288 ____A () C:\Users\Jonathan\Downloads\Setup.exe
2012-05-21 04:23 - 2012-05-21 04:23 - 00352416 ____A (Adobe Systems Incorporated) C:\Users\Jonathan\Downloads\uninstall_flash_player_32bit.exe
2012-05-21 04:21 - 2012-05-21 04:21 - 00656896 ____A C:\Users\Jonathan\Downloads\MicrosoftFixit50525.msi
2012-05-19 16:21 - 2012-05-19 16:20 - 00001189 ____A C:\Users\Jonathan\Desktop\HAPPY FARTHERS DAY DAD.txt
2012-05-15 11:51 - 2012-06-13 19:01 - 02045440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-12 08:31 - 2012-05-12 08:31 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{EE6BC67B-EBC2-4215-BC7A-D320DA05A437}
2012-05-12 08:30 - 2012-05-12 08:30 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{39ACE594-020B-4D4E-AC21-C3A3D3C14BD8}
2012-05-11 23:30 - 2010-10-23 09:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-05-11 23:28 - 2006-11-02 04:37 - 00000000 ____D C:\Windows\System32\XPSViewer
2012-05-11 23:28 - 2006-11-02 04:37 - 00000000 ____D C:\Program Files\Windows Journal
2012-05-11 23:13 - 2009-02-16 18:50 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-05-05 15:32 - 2012-05-05 10:01 - 00000000 ____D C:\Program Files\World of Warcraft Beta
2012-05-05 15:01 - 2012-05-05 15:01 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{3463A734-C4FC-4C76-8AB7-AD72CB40D50A}
2012-05-05 10:01 - 2012-05-05 10:01 - 00001067 ____A C:\Users\Public\Desktop\World of Warcraft Beta.lnk
2012-05-05 10:01 - 2008-02-13 15:32 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment
2012-05-05 09:59 - 2012-05-05 09:59 - 00000000 ____D C:\Users\All Users\Battle.net
2012-05-05 09:59 - 2012-05-05 09:58 - 31726720 ____A (Blizzard Entertainment) C:\Users\Jonathan\Downloads\World of Warcraft Beta Setup.exe
2012-05-01 06:03 - 2012-06-13 19:02 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-30 23:03 - 2012-04-30 23:03 - 00000000 ____D C:\Windows\Temp142DC983-CA8B-CDEC-4C62-C17BA5842F7A-Signatures
2012-04-30 13:00 - 2012-04-30 13:00 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\GiftBoxPlus
2012-04-30 12:59 - 2012-04-30 12:59 - 13702812 ____A C:\Users\Jonathan\Downloads\giftboxplus_setup_1.9.3.51.exe
2012-04-30 03:51 - 2012-04-30 03:51 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9B3A9A96-BB32-447F-9648-3C201A5FB7C0}
2012-04-30 03:50 - 2012-04-30 03:50 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{1DCF5F66-07DB-47C2-B44F-1A441B87EF02}
2012-04-26 21:46 - 2012-04-26 21:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{31C7759D-AE16-4CF4-B80F-277A2FC00E79}
2012-04-26 21:45 - 2012-04-26 21:45 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{9D0926B3-37A3-4E86-A6AD-E0058095AAFE}
2012-04-26 18:47 - 2012-04-26 18:47 - 00000000 ____D C:\Users\All Users\Mozilla
2012-04-24 07:49 - 2012-04-24 07:49 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{870E2E56-6EA6-4404-B190-391447084AB2}
2012-04-24 07:49 - 2012-04-24 07:49 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{22B91EF9-277A-4FFA-BDDA-DA0A3FA0214D}
2012-04-23 08:00 - 2012-06-13 19:02 - 00984064 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 08:00 - 2012-06-13 19:02 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 08:00 - 2012-06-13 19:02 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 05:23 - 2012-04-23 05:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{6D71BB43-D492-4784-AAE6-766812DEE0FF}
2012-04-23 05:23 - 2012-04-23 05:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{2EDA757F-B469-4339-A253-DB664EFE4BB5}
2012-04-19 18:32 - 2008-01-28 05:26 - 00000000 ____D C:\Program Files\Microsoft Office
2012-04-14 16:05 - 2012-04-14 16:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{A6B60FB2-D274-4A12-9AA2-08EA56FC932B}
2012-04-14 16:05 - 2012-04-14 16:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{551BC2DC-73B9-4A07-9309-9DE12E9576A6}
2012-04-14 15:39 - 2012-04-14 15:39 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{536587C7-746D-4EED-BE53-737A17C37D34}
2012-04-14 15:36 - 2012-04-14 15:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C3A6E262-63C4-4CD6-9D83-7128FC922633}
2012-04-14 11:10 - 2012-04-14 11:10 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{61A78671-F4F2-4608-ABC1-18D84BDBFE5E}
2012-04-13 15:23 - 2012-04-13 15:23 - 00000000 ____D C:\Users\Jonathan\AppData\Local\{C2E54D0A-8B47-4792-990D-E7E8CA6BFA5A}
2012-04-08 07:54 - 2011-03-05 22:45 - 00002924 ____A C:\Windows\setupact.log
2012-04-08 07:08 - 2012-04-08 07:08 - 00001854 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-04-08 07:08 - 2010-01-18 09:29 - 00000000 ____D C:\Program Files\Adobe
2012-04-08 07:08 - 2008-05-27 16:23 - 00000000 ____D C:\Program Files\Common Files\Adobe
2012-04-08 06:43 - 2011-03-11 16:12 - 00000000 ____D C:\Users\Public\Documents\Adobe
2012-04-07 15:19 - 2012-04-07 15:19 - 00259144 ____A C:\Users\Jonathan\Downloads\installer_adobe_flash_player_English.exe
2012-04-07 13:48 - 2012-04-07 13:48 - 16157992 ____A (Mozilla) C:\Users\Jonathan\Downloads\Firefox Setup 11.0.exe
2012-04-07 13:48 - 2012-04-07 13:48 - 00000808 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-04-06 10:02 - 2008-01-28 05:12 - 00000000 ____D C:\Program Files\Common Files\Java
2012-04-06 10:01 - 2012-04-06 10:01 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2012-04-06 10:01 - 2012-04-06 10:01 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2012-04-06 10:01 - 2012-04-06 10:01 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2012-04-06 10:01 - 2010-05-07 09:24 - 00472808 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2012-04-04 11:56 - 2009-01-09 01:08 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-03 00:16 - 2012-05-11 19:02 - 03602816 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-04-03 00:16 - 2012-05-11 19:02 - 03550080 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-04-02 08:17 - 2012-04-02 08:17 - 00000105 ____A C:\Users\Jonathan\Desktop\Lings stats.txt

ZeroAccess:
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\L
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U

ZeroAccess:
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\@
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\L
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 8737764F4FD36D6808EE80578409C843 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 11%
Total physical RAM: 3316.56 MB
Available physical RAM: 2947.15 MB
Total Pagefile: 3209.11 MB
Available Pagefile: 3027.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1990.35 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:455.71 GB) (Free:170.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (CAM_SD) (Removable) (Total:3.69 GB) (Free:3.66 GB) FAT32
8 Drive x: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.91 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 466 GB 981 KB
Disk 1 Online 3782 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 47 MB 32 KB
Partition 2 Primary 10 GB 48 MB
Partition 3 Primary 456 GB 10 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 8 FAT Partition 47 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 X RECOVERY NTFS Partition 10 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 C OS NTFS Partition 456 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3778 MB 4096 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D CAM_SD FAT32 Removable 3778 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-06-29 13:22

======================= End Of Log ==========================









Farbar Recovery Scan Tool Version: 20-06-2012 01
Ran by SYSTEM at 2012-06-30 01:16:25
Running from D:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2009-09-16 23:40] - [2009-04-10 22:27] - 0279552 ____A (Microsoft Corporation) D4E6D91C1349B7BFB3599A6ADA56851B

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2008-06-02 13:28] - [2008-01-18 23:33] - 0279040 ____A (Microsoft Corporation) 2B336AB6286D6C81FA02CBAB914E3C6C

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2006-11-02 00:35] - [2006-11-02 01:45] - 0279552 ____A (Microsoft Corporation) 329CF3C97CE4C19375C8ABCABAE258B0

C:\Windows\System32\services.exe
[2009-09-16 23:40] - [2012-06-29 12:19] - 0279552 ____A (Microsoft Corporation) 8737764F4FD36D6808EE80578409C843

=== End Of Search ===

#11 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,832 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:08:35 PM

Posted 30 June 2012 - 10:01 AM

Download the enclosed file. [attachment=125812:fixlist.txt]

Save it next to FRST. Run FRST as you did from the Repair Console, except that this time around click on the Fix button and wait.

The tool will make a log in the flashdrive (Fixlog.txt) please post it in your next reply.

Boot in Normal Mode. Run Combofix as follows:


Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" .
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

Edited by JSntgRvr, 30 June 2012 - 10:16 AM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#12 Mintoria

Mintoria
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 30 June 2012 - 02:16 PM

Here is the Combofix log



ComboFix 12-06-28.03 - Jonathan 06/30/2012 14:36:44.1.2 - x86
Running from: c:\users\Jonathan\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Outdated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Error Repair Professional
c:\programdata\cabfbeebbcebedct.exe
c:\users\Jonathan\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
c:\users\Jonathan\AppData\Roaming\.#
c:\users\Jonathan\AppData\Roaming\hleras.dll
c:\users\Jonathan\AppData\Roaming\inst.exe
c:\users\Jonathan\Documents\~WRL3461.tmp
c:\users\Jonathan\GoToAssistDownloadHelper.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\@
c:\windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\L\00000004.@
c:\windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\L\201d3dde
c:\windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\n
c:\windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U\00000004.@
c:\windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U\00000008.@
c:\windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U\000000cb.@
c:\windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\U\80000032.@
c:\windows\security\Database\tmp.edb
c:\windows\system32\0261mixed.t
c:\windows\system32\197page.t
c:\windows\system32\226base.t
c:\windows\system32\459backup.t
c:\windows\system32\467part.t
c:\windows\system32\618backup.t
c:\windows\system32\cookies234.t
c:\windows\system32\data01DC.t
c:\windows\system32\data023C.t
c:\windows\system32\drivers\etc\lmhosts
c:\windows\system32\images742.t
c:\windows\system32\mainlog206.t
c:\windows\system32\mainlog601.t
c:\windows\system32\resource243.t
c:\windows\system32\resource339.t
c:\windows\system32\soap348.t
c:\windows\system32\sparse0356.t
c:\windows\system32\sparse0751.t
c:\windows\system32\threat448y.bin
c:\windows\system32\uninstalld6.t
c:\windows\system32\user759.t
D:\resycled
.
.
((((((((((((((((((((((((( Files Created from 2012-05-28 to 2012-06-30 )))))))))))))))))))))))))))))))
.
.
2012-06-30 18:54 . 2012-06-30 18:54 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A3068C5-3B44-485A-A08C-330035C9997C}\offreg.dll
2012-06-30 18:52 . 2012-06-30 18:52 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-06-30 18:52 . 2012-06-30 18:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-30 03:49 . 2012-06-30 03:49 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A3068C5-3B44-485A-A08C-330035C9997C}\MpKsl198d4a10.sys
2012-06-29 23:01 . 2012-06-29 23:01 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A3068C5-3B44-485A-A08C-330035C9997C}\MpKsl97832e57.sys
2012-06-29 22:16 . 2012-06-30 09:15 -------- d-----w- C:\FRST
2012-06-29 22:16 . 2012-06-29 22:20 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-06-29 22:15 . 2012-06-29 22:16 -------- d-----w- c:\programdata\HitmanPro
2012-06-29 17:39 . 2012-06-29 17:39 42960 ----a-w- c:\windows\system32\drivers\ncofngjt.sys
2012-06-29 10:36 . 2012-06-29 10:36 -------- d-----w- C:\My Curse
2012-06-29 10:13 . 2012-04-13 07:36 6734704 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A3068C5-3B44-485A-A08C-330035C9997C}\mpengine.dll
2012-06-29 09:47 . 2012-06-29 09:47 -------- d-----w- c:\users\Jonathan\AppData\Local\visi_coupon
2012-06-29 09:47 . 2012-06-29 10:02 -------- d-----w- c:\programdata\F4D55F3E0026B37D01311D1D570F1C8B
2012-06-29 09:47 . 2012-06-29 09:47 -------- d-----w- c:\program files\Common Files\Virtual
2012-06-23 09:05 . 2012-06-23 09:05 -------- d-----w- c:\users\Jonathan\AppData\Local\Macromedia
2012-06-23 08:45 . 2012-06-23 08:45 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\7dfe8ca81cd511c03\MeshBetaRemover.exe
2012-06-23 08:45 . 2012-06-23 08:45 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\7d8561ee1cd511c02\DSETUP.dll
2012-06-23 08:45 . 2012-06-23 08:45 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\7d8561ee1cd511c02\DXSETUP.exe
2012-06-23 08:45 . 2012-06-23 08:45 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\7d8561ee1cd511c02\dsetup32.dll
2012-06-21 22:31 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 22:31 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 22:31 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 22:31 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 22:30 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-21 22:30 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 22:30 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 22:29 . 2012-06-02 19:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 22:29 . 2012-06-02 19:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-14 03:02 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 03:02 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-14 03:02 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 03:02 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 03:01 . 2012-05-15 19:51 2045440 ----a-w- c:\windows\system32\win32k.sys
2012-06-07 04:53 . 2012-06-07 04:55 -------- d-----w- c:\users\Jonathan\AppData\Local\Facebook Gift Collector
2012-06-07 04:53 . 2012-06-07 04:53 -------- d-----w- c:\program files\Facebook Gift Collector
2012-06-06 12:50 . 2012-06-06 12:50 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-06 12:50 . 2012-06-06 12:50 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-06 12:49 . 2012-06-12 03:57 -------- d-----w- c:\program files\GiftBoxPlus
2012-06-06 12:48 . 2012-06-06 12:48 -------- d-----w- c:\users\Jonathan\AppData\Roaming\BOTOHOLIC
2012-06-06 12:48 . 2012-06-06 12:48 -------- d-----w- c:\program files\BOTOHOLIC
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 08:56 . 2012-05-21 12:29 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-23 08:56 . 2012-05-21 12:29 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 08:55 . 2010-06-24 15:33 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-31 03:41 . 2012-06-26 20:14 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{03407DD2-1E29-4AD6-B2C3-01BC48240660}\mpengine.dll
2012-04-13 07:36 . 2011-03-06 05:54 6734704 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-06 18:01 . 2010-05-07 17:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 19:56 . 2009-01-09 09:08 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 08:16 . 2012-05-12 03:02 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16 . 2012-05-12 03:02 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-17 03:36 . 2012-04-07 21:48 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\System32\drivers\atapi.sys
[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[7] 2009-04-11 . 1F05B78AB91C9075565A9D8A4B880BC4 . 19944 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[7] 2008-02-14 . B35CFCEF838382AB6490B321C87EDF17 . 21560 . . [6.0.6000.16632] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[7] 2008-02-14 . B35CFCEF838382AB6490B321C87EDF17 . 21560 . . [6.0.6000.16632] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[7] 2008-02-14 . E03E8C99D15D0381E02743C36AFC7C6F . 21560 . . [6.0.6000.20757] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[7] 2008-02-14 . E03E8C99D15D0381E02743C36AFC7C6F . 21560 . . [6.0.6000.20757] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
[7] 2008-01-28 . 7EB55F6BEFB392BD312CD0CD5263305D . 21688 . . [6.0.6000.16470] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_6c3af7d3\atapi.sys
[7] 2008-01-28 . 7EB55F6BEFB392BD312CD0CD5263305D . 21688 . . [6.0.6000.16470] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16470_none_db063634249c06f4\atapi.sys
[7] 2008-01-28 . 61CA2C1E145809813C28752298CF9843 . 21688 . . [6.0.6000.20580] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_5da5d093\atapi.sys
[7] 2008-01-28 . 61CA2C1E145809813C28752298CF9843 . 21688 . . [6.0.6000.20580] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20580_none_db8503133dc1c2af\atapi.sys
[7] 2008-01-28 . 5653737BAD8C6C10136451C195C19881 . 19048 . . [6.0.6000.20485] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[7] 2008-01-28 . A779CA2C76DA4FCB595E692C05E8E4EB . 19048 . . [6.0.6000.16391] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[7] 2008-01-28 . A779CA2C76DA4FCB595E692C05E8E4EB . 19048 . . [6.0.6000.16391] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[7] 2008-01-28 . 9E7E85EC61D1C9C3171CC08427108863 . 21688 . . [6.0.6000.20509] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[7] 2008-01-28 . 9E7E85EC61D1C9C3171CC08427108863 . 21688 . . [6.0.6000.20509] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
[7] 2008-01-19 . 2D9C903DC76A66813D350A562DE40ED9 . 21560 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[7] 2008-01-19 . 2D9C903DC76A66813D350A562DE40ED9 . 21560 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[7] 2006-11-02 . 4F4FCB8B6EA06784FB6D475B7EC7300F . 19048 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
.
[7] 2008-01-19 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys
[7] 2008-01-19 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys
[7] 2006-11-02 . E86CF7CE67D5DE898F27EF884DC357D8 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6000.16386_none_22210ce737ee2d9b\asyncmac.sys
.
[7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
[7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[7] 2006-11-02 . AC3DD1708B22761EBD7CBE14DCC3B5D7 . 6144 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys
.
[7] 2008-02-14 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_a81145df\kbdclass.sys
[7] 2008-02-14 . B076B2AB806B3F696DAB21375389101C . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys
[7] 2008-02-14 . C9B0CF786D5F151A43C7BE8E243F2819 . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\drivers\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys
[7] 2008-01-19 . 37605E0A8CF00CBBA538E753E4344C6E . 35384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys
[7] 2006-11-02 . 1A48765F92BA1A88445FC25C9C9D94FC . 32872 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys
.
[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\System32\drivers\ndis.sys
[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[7] 2008-01-19 . 9BDC71790FA08F0A0B5F10462B1BD0B1 . 529464 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[7] 2006-11-02 . 227C11E1E7CF6EF8AFB2A238D209760C . 500840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
.
[7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6000.16386] . . c:\windows\System32\drivers\ntfs.sys
[7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[7] 2008-02-14 . 2620822A21B76375F5FD6E0986407CD1 . 1060920 . . [6.0.6000.16586] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16586_none_a43a6b8d2000830d\ntfs.sys
[7] 2008-02-14 . B5BE45B1F554DF9E1976CBC855365E60 . 1061432 . . [6.0.6000.20709] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20709_none_a51d8a7c38da8c7b\ntfs.sys
[7] 2008-01-19 . B4EFFE29EB4F15538FD8A9681108492D . 1081912 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
[7] 2007-12-16 . F08824715CA6076F5E73E005AB83B9C8 . 1061944 . . [6.0.6000.20740] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20740_none_a4e9483239031830\ntfs.sys
[7] 2007-12-16 . 37430AA7A66D7A63407ADC2C0D05E9F6 . 1060920 . . [6.0.6000.16615] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16615_none_a4851c9d1fc8a346\ntfs.sys
[7] 2006-11-02 . 3F379380A4A2637F559444E338CF1B51 . 1056360 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16386_none_a43a67c1200088bf\ntfs.sys
.
[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
[7] 2006-11-02 . EC5EFB3C60F1B624648344A328BCE596 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6000.16386_none_a72f2b811e11f9f3\null.sys
.
[7] 2012-03-30 . 27D470DABC77BC60D0A3B0E4DEB6CB91 . 905600 . . [6.0.6002.18604] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[7] 2012-03-30 . EE7E10BED85C312C1D5D30C435BDDA9F . 914304 . . [6.0.6002.22828] . . c:\windows\System32\drivers\tcpip.sys
[7] 2012-03-30 . EE7E10BED85C312C1D5D30C435BDDA9F . 914304 . . [6.0.6002.22828] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[7] 2011-09-20 . 814A1C66FBD4E1B310A517221F1456BF . 905088 . . [6.0.6002.18519] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[7] 2011-09-20 . 16731B631F28F63CD9F4CB60940E7DDD . 913280 . . [6.0.6002.22719] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[7] 2010-06-16 . 6A10AFCE0B38371064BE41C1FBFD3C6B . 912776 . . [6.0.6002.22425] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[7] 2010-06-16 . A474879AFA4A596B3A531F3E69730DBF . 905088 . . [6.0.6002.18272] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
.
[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
[7] 2006-11-02 . BEB6470532B7461D7BB426E3FACB424F . 81408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6000.16386_none_76b264bda1136499\browser.dll
.
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[7] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[7] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[7] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[7] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[7] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[7] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[7] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[7] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[7] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[7] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
[7] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[7] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[7] 2006-11-02 . 6A0E382E74280E4CC0DF17FE2661D003 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
.
[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
[7] 2006-11-02 . 90A4DAE28B94497F83BEA0F2A3B77092 . 273920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6000.16386_none_0d86599a54e4c25f\netman.dll
.
[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
[7] 2006-11-02 . 4843A1784BA6434DFF80F841DDC592C6 . 1236992 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6000.16386_none_2a7a18dbe946c84f\comres.dll
.
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[7] 2008-01-28 . F1148566FA5173A4FD48AF8E8BC09401 . 750080 . . [7.0.6000.20647] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.20647_none_220fe38215833e63\qmgr.dll
[7] 2008-01-28 . DA551697E34D2B9943C8B1C8EAFFE89A . 750080 . . [7.0.6000.16531] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16531_none_218b14e6fc62ea9e\qmgr.dll
[7] 2008-01-19 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[7] 2006-11-02 . 733FB484A06B9D6A44DD9CA1D3BE937B . 749568 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16386_none_215a02f0fc86fab8\qmgr.dll
.
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[7] 2008-01-19 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
[7] 2006-11-02 . B46D8EA6DD30BAA49F674DACDC4C491F . 545792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16386_none_67941a0040f4ed68\rpcss.dll
.
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[7] 2008-01-19 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[7] 2006-11-02 . 329CF3C97CE4C19375C8ABCABAE258B0 . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
.
[7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[7] 2008-01-19 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[7] 2006-11-02 . DA612EF2556776DF2630B68BF2D48935 . 124928 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
.
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[7] 2008-01-19 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[7] 2006-11-02 . 9F75392B9128A91ABAFB044EA350BAAD . 308224 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
.
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\System32\wuauclt.exe
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe
[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_e979223d5b9c821b\wuauclt.exe
[7] 2008-10-16 . E654B78D2F1D791B30D0ED9A8195EC22 . 51224 . . [7.2.6001.788] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
[7] 2008-02-14 . F3E9065EB617A7E3A832A7976BFA021B . 53080 . . [7.0.6000.381] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6000.381_none_981d19142bc9942c\wuauclt.exe
[7] 2008-01-19 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_a052d92e34802200\wuauclt.exe
[7] 2008-01-19 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_a23e523a31a1ed4c\wuauclt.exe
[7] 2006-11-02 . FF81090B6EF1A42A19DF226632711D25 . 41472 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wuauclt.exe
.
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[7] 2008-01-19 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
[7] 2006-11-02 . AB4FDE8AF4A0270A46A001C08CBCE1C2 . 68096 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys
.
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-19 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-19 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2008-01-19 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2006-11-02 . BB61FB941A382A197AC2989337BF6364 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6000.16386_none_37655d04db0c72a6\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-19 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[7] 2006-11-02 . 1C26FB097170A2A91066D1E3A24366E3 . 123392 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
[7] 2008-01-19 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll
[7] 2006-11-02 . DFB250BAC1A9108ABD777EA181E32015 . 259584 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16386_none_0ab6dd2154d28f55\es.dll
.
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[7] 2008-01-19 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[7] 2006-11-02 . EE12864398F1C3BF5BEE91F6AF9842E1 . 115200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll
.
[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[7] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[7] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[7] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[7] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[7] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[7] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[7] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[7] 2008-01-28 . 0D900252FF3C4F26AA2A8E161B4318A2 . 874496 . . [6.0.6000.20608] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.20608_none_926943d0723b6518\kernel32.dll
[7] 2008-01-19 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[7] 2006-11-02 . 1E36AE445E4DA83B82D51FEB2D4F8772 . 874496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
[7] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll
[7] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll
[7] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll
[7] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll
[7] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll
[7] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll
[7] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll
[7] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll
[7] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
[7] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
[7] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
[7] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
[7] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll
[7] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll
[7] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll
[7] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
[7] 2006-11-02 . 6D832E5314A2445D3F644C71FAF32BDC . 24064 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16386_none_a79c567c5d9b4c78\lpk.dll
.
[7] 2012-06-17 . 9FB58F71104107D44540AF1195F7A14D . 12314624 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll
[7] 2012-06-17 . 9FB58F71104107D44540AF1195F7A14D . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16446_none_d325af26601977c3\mshtml.dll
[7] 2012-04-19 . 2D21E905C57E4BE7402DB669E5DA451B . 3619840 . . [7.00.6002.18616] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18616_none_1524c76a1f526a9a\mshtml.dll
[7] 2012-04-19 . 08EDB815A93C397B419245F2C20DBEC2 . 3620864 . . [7.00.6002.22838] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22838_none_159ac6d7387e721b\mshtml.dll
[7] 2012-02-28 . 6DA8DB32B2597B16AEC318FF4C951970 . 3618304 . . [7.00.6002.18591] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18591_none_14c944b21f97ce48\mshtml.dll
[7] 2012-02-28 . 9829E580E9A19CDF28C79399B9E1A4F5 . 3619328 . . [7.00.6002.22805] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22805_none_15b835bd3868d243\mshtml.dll
[7] 2011-12-16 . 27135731B549F4A489016ECFAC0F805F . 3619328 . . [7.00.6002.22757] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22757_none_158424cf388f937f\mshtml.dll
[7] 2011-12-16 . 5F53E0349CBF28FCEC5C33FA8C0BF648 . 3618304 . . [7.00.6002.18552] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18552_none_14f584ac1f7677db\mshtml.dll
[7] 2011-02-18 . F7DE0C76A0DC549EC30973499FA49C2D . 3609600 . . [7.00.6002.22592] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22592_none_1553dfe138b48a42\mshtml.dll
[7] 2011-02-18 . BD32D3A161BDA2E56481570FBFBAFFD8 . 3608576 . . [7.00.6002.18407] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18407_none_153093d41f496db2\mshtml.dll
[7] 2011-02-18 . 6C14018723B764C576D5DD3ED94E0ED0 . 3592704 . . [7.00.6001.18602] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18602_none_13451e9422279cb4\mshtml.dll
[7] 2011-02-18 . DD92939202A2C6ADFEBCFFD5F460B766 . 3593728 . . [7.00.6001.22857] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22857_none_139daf1b3b69440d\mshtml.dll
[7] 2010-12-20 . 95EBCD2CDF46F9A6BB78DAE06F8ADE4B . 3609088 . . [7.00.6002.22551] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22551_none_157e1f4738950127\mshtml.dll
[7] 2010-12-20 . FE3D85204E2F667D0DCB5C181F34F00B . 3608064 . . [7.00.6002.18357] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18357_none_14fa82521f71fc40\mshtml.dll
[7] 2010-12-20 . CE50EF0D385A84B71844ACF14B1DF0E9 . 3592192 . . [7.00.6001.18565] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18565_none_13073e0422559338\mshtml.dll
[7] 2010-12-20 . 26143069DAB2D1825D4EA7D2ABDFC2D2 . 3593216 . . [7.00.6001.22816] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22816_none_13c7ee813b49baf2\mshtml.dll
[7] 2010-10-21 . 4BEF2E351348DAB2C4F1BDD92A2FAD1F . 3606528 . . [7.00.6002.18332] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18332_none_150b20b81f6645ab\mshtml.dll
[7] 2010-10-21 . AA2E5BFF88CEE98E8D62E5C98A402F69 . 3607040 . . [7.00.6002.22511] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22511_none_15a95ef738749163\mshtml.dll
[7] 2010-10-21 . 53474F53F666D11C4C1F017B2930174F . 3591680 . . [7.00.6001.22784] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22784_none_137a3c933b844eb4\mshtml.dll
[7] 2010-10-20 . 9D9417257E4CF503A24127A129D61B33 . 3590144 . . [7.00.6001.18542] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18542_none_1319dcfe22480f51\mshtml.dll
[7] 2010-09-09 . 6C0775CA805AA0405CDB0D10EDB100FA . 3605504 . . [7.00.6002.22484] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22484_none_1560ae7b38aaa3d8\mshtml.dll
[7] 2010-09-09 . 919988EC7DFCD323A82BF9102082D91C . 3590144 . . [7.00.6001.22760] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22760_none_138bdb433b77b176\mshtml.dll
[7] 2010-09-08 . 8A8FE8E055D1493603E3E9CE3DE45F97 . 3587584 . . [7.00.6001.18527] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18527_none_13347e4822335622\mshtml.dll
[7] 2010-09-08 . CE28531344E4E4ED83CB455352E31995 . 3604480 . . [7.00.6002.18309] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18309_none_153292821f47a339\mshtml.dll
[7] 2010-06-29 . DB64F0CDD0B3E2D8EAD2E7C09DEEEAFD . 3604480 . . [7.00.6002.22434] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22434_none_1596be1738821823\mshtml.dll
[7] 2010-06-29 . 0140BD9DADD86EAA33955B36C1DB7A70 . 3603456 . . [7.00.6002.18278] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18278_none_14e5e0de1f815052\mshtml.dll
[7] 2010-06-28 . 782D38870BDDCAF7F72207A802C8315C . 3588608 . . [7.00.6001.22720] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22720_none_13b71af33b5741b2\mshtml.dll
[7] 2010-06-28 . C087A5492AB415D7166F9D85066C1B33 . 3586560 . . [7.00.6001.18498] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18498_none_12e9cd38226b35e9\mshtml.dll
[7] 2010-05-04 . A24AF16BC2C97E01F3DCB5D1624CDF29 . 3603456 . . [7.00.6002.22398] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22398_none_1559ddd138af27fe\mshtml.dll
[7] 2010-05-04 . 0421947199A86BC76969B588035C1351 . 3602944 . . [7.00.6002.18255] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18255_none_14f87fd81f73cc6b\mshtml.dll
[7] 2010-05-04 . F6FEC373F3BC60E0F58C1A59254ACBD8 . 3586048 . . [7.00.6001.18470] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18470_none_12f76ac02262334f\mshtml.dll
[7] 2010-05-04 . 6831444C305CB23DE18A9A8BD7B1446A . 3587584 . . [7.00.6001.22685] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22685_none_137b3af73b836ae4\mshtml.dll
[7] 2010-03-11 . 08A647C3B5ECA022D302EF9D5C0C8D10 . 3602944 . . [7.00.6002.22360] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22360_none_15724b45389e0973\mshtml.dll
[7] 2010-03-11 . 1FB6B5513C5986FAED9ADF2BAD543097 . 3587072 . . [7.00.6001.22653] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22653_none_1399aa273b6ce463\mshtml.dll
[7] 2010-03-09 . A01004B13E763DB42BF0F19DBEB62F51 . 3599872 . . [7.00.6000.17037] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.17037_none_1143440c25151a16\mshtml.dll
[7] 2010-03-09 . C0BF3F7D312BBE4773F7DF43EC999722 . 3602944 . . [7.00.6000.21242] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21242_none_11bd115f3e3f5445\mshtml.dll
[7] 2010-03-09 . B0A6D956D4950E55265A8ACDC58C2F39 . 3586048 . . [7.00.6001.18444] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18444_none_131bdbac224644d8\mshtml.dll
[7] 2010-03-09 . 2BBAE33B3393896FFC381EEEE02AB98E . 3601920 . . [7.00.6002.18226] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18226_none_1519efe61f5a91ef\mshtml.dll
[7] 2009-12-18 . 804BEB97942AFDD90A0418DDB4EF8342 . 3585024 . . [7.00.6001.18385] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18385_none_12f19a602265d0cc\mshtml.dll
[7] 2009-12-18 . 8A49DC126EEB62C030782A9CBDA3A99E . 3599360 . . [7.00.6000.16982] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16982_none_11085adc2541f3d6\mshtml.dll
[7] 2009-12-18 . 0EE8B3A112C58EB71951DA5C77E7C01A . 3602944 . . [7.00.6000.21184] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21184_none_1193d05d3e5df990\mshtml.dll
[7] 2009-12-18 . 6EF8BF95A1CE83ECA056524A02B29E25 . 3587584 . . [7.00.6001.22585] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22585_none_137b39113b836dbd\mshtml.dll
[7] 2009-12-17 . F1F3D1793483B394835DAB3D4C326CDB . 3603456 . . [7.00.6002.22290] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22290_none_1551d99b38b6601f\mshtml.dll
[7] 2009-12-16 . 360A4FA3715C63086AE00C108E592E08 . 3600896 . . [7.00.6002.18167] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18167_none_14efae9a1f7a1de3\mshtml.dll
[7] 2009-10-27 . FB051078150D7EE5A95AA620D1186000 . 3598336 . . [7.00.6000.16945] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16945_none_11369b6a251ed017\mshtml.dll
[7] 2009-10-27 . 5E0A39E714E39E054A3A0F2A04EE5DA0 . 3599872 . . [7.00.6002.18130] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18130_none_15091c581f6818af\mshtml.dll
[7] 2009-10-27 . 73455B9FB05AB022E201F0F049A95600 . 3584000 . . [7.00.6001.18349] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18349_none_1320db382241c664\mshtml.dll
[7] 2009-10-27 . 156E8053F0D289AAD17C4A12163B0795 . 3602432 . . [7.00.6000.21148] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21148_none_11c311353e39ef28\mshtml.dll
[7] 2009-10-27 . 32B5BDDFE6F4A51308A26A01DD5C210B . 3587072 . . [7.00.6001.22550] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22550_none_1396a7633b6f9b37\mshtml.dll
[7] 2009-10-27 . E7B65139D4062B43F0F92337773C78B9 . 3602944 . . [7.00.6002.22252] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22252_none_157f19df38942309\mshtml.dll
[7] 2009-10-19 . DC162F0F1880C30296C5FAD1F60EC6D4 . 3598336 . . [7.00.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16939_none_11456c7e25131982\mshtml.dll
[7] 2009-10-19 . 44FD7EFD38472852E74E8E8D663E1961 . 3584000 . . [7.00.6001.18344] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18344_none_131bd9c6224647b1\mshtml.dll
[7] 2009-10-19 . 83A461E3BAB28ACDBE32E2A62BB1BEEE . 3602432 . . [7.00.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21142_none_11bd0f793e3f571e\mshtml.dll
[7] 2009-10-19 . E3708336831E5249DBB274342649F483 . 3586560 . . [7.00.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22544_none_13a578773b63e4a2\mshtml.dll
[7] 2009-10-19 . 0AFEF7F9242F5F84F12AE9B84C2C57F4 . 3602432 . . [7.00.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22247_none_158eeb3d388785cb\mshtml.dll
[7] 2009-10-19 . 0B772887F7C50D062AD0FB1B47C0279E . 3599872 . . [7.00.6002.18124] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18124_none_1517ed6c1f5c621a\mshtml.dll
[7] 2009-08-27 . AF7541BC2D91483328E6D9910CD33DD5 . 3598336 . . [7.00.6000.16916] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16916_none_11580b782505959b\mshtml.dll
[7] 2009-08-27 . F500476C0724E476F05331162D4C283D . 3600384 . . [7.00.6000.21116] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21116_none_11e180653e2368a7\mshtml.dll
[7] 2009-08-27 . BFF746B1558432533876014B66CF04C4 . 3584000 . . [7.00.6001.18319] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18319_none_13414afc22297291\mshtml.dll
[7] 2009-08-27 . 41FB8068E6624F4D843CB1C0F6E8B0EC . 3584512 . . [7.00.6001.22508] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22508_none_13d4b94f3b3fda3a\mshtml.dll
[7] 2009-08-27 . 3B7B0A46482EF271E5C434D0C070129A . 3600896 . . [7.00.6002.22212] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22212_none_15aa598f3873b345\mshtml.dll
[7] 2009-08-27 . BC72B82A8D9F0E2DE67A4985A6676786 . 3599872 . . [7.00.6002.18100] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18100_none_15298c1c1f4fc4dc\mshtml.dll
[7] 2009-07-18 . D38265A0C435E2A4BE5D662AB82F00E4 . 3583488 . . [7.00.6001.18294] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18294_none_12e5c844226ed63f\mshtml.dll
[7] 2009-07-18 . 921E63B100F67FA21A0C623930810C58 . 3597824 . . [7.00.6000.16890] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16890_none_10fb8876254bdff2\mshtml.dll
[7] 2009-07-18 . 77693F4CD5CD48EE3A4ABB5073276976 . 3600384 . . [7.00.6000.21089] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21089_none_1198cfe93e597b1c\mshtml.dll
[7] 2009-07-18 . D8C0B944A3FB4BE7BC8DA21D4A5B33AB . 3584512 . . [7.00.6001.22475] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22475_none_138607173b7b54a5\mshtml.dll
[7] 2009-07-18 . 3AF70556543467956227B1D97B314E66 . 3600384 . . [7.00.6002.22180] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22180_none_155ca7a138ae4707\mshtml.dll
[7] 2009-07-18 . 2BC9595AEF52C3989B77AB8506615BAD . 3599360 . . [7.00.6002.18071] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18071_none_14dedb0c1f87a4a3\mshtml.dll
[7] 2009-04-24 . C1BF8C6F8D5E0435D1ABBB94DAC8EAFD . 3596288 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll
[7] 2009-04-24 . 1638C2FA1CC381CE39504B39F7D87F35 . 3581952 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll
[7] 2009-04-24 . D12ADCB4045EF392A62990C06694EB78 . 3582976 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll
[7] 2009-04-24 . A0DB69A75113B6A396E271744489824F . 3598336 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll
[7] 2009-04-24 . 8BC33ADC526B3E7EE6E6AA013154DF69 . 3598336 . . [7.00.6002.22121] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll
[7] 2009-04-23 . DBACE2C96ED63E60CD5D89D8DE00D148 . 3597824 . . [7.00.6002.18024] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll
[7] 2009-04-11 . A4D04D404AFC1D30EDA01EE50D27AA51 . 3596288 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll
[7] 2009-03-03 . 0DCC9623D9A3E77212177F59738BE29A . 3580928 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18226_none_1333784c22344556\mshtml.dll
[7] 2009-03-03 . A77A82830D2BBB001A53A5368934F7EB . 3581440 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22389_none_137f366d3b7fd8cb\mshtml.dll
[7] 2009-03-03 . 94ED56734E8AB74357F8EA2C5C174EA9 . 3595264 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16830_none_113c67fe251b384c\mshtml.dll
[7] 2009-03-03 . 67FFB5ED7723D03B50734614D31B57A5 . 3596800 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21023_none_11d3adb53e2e3b6c\mshtml.dll
[7] 2009-01-16 . 8FA6CFFC665D1D9D99126CFA8D8DEAB7 . 3580928 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22355_none_139ba5093b6b1f9c\mshtml.dll
[7] 2009-01-15 . E161281A8E8937ED94299A6B465D7BCE . 3580416 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18203_none_134617462226c16f\mshtml.dll
[7] 2009-01-15 . AD9E78847641E519FE50A9C27E49AD27 . 3596288 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20996_none_118b26fd3e6417c6\mshtml.dll
[7] 2009-01-15 . 676692EDC2E1DBD89EFCB617A1E75F7D . 3594752 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16809_none_1165da5c24fac888\mshtml.dll
[7] 2008-12-12 . 8ECFDD5549AD28191D8594C80D4001E8 . 3578880 . . [7.00.6001.18183] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18183_none_12ef96002267a3d0\mshtml.dll
[7] 2008-12-12 . 20348C5C94D7D4A0D9AA12FBAA698514 . 3579392 . . [7.00.6001.22328] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22328_none_13bf15ab3b5017ce\mshtml.dll
[7] 2008-12-12 . 863FBEECA377800B2AFA4F8E972BEBC0 . 3593216 . . [7.00.6000.16788] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16788_none_110e58cc253c9192\mshtml.dll
[7] 2008-12-12 . 616EA8D014AF07FB1DC97B7432794AA6 . 3594752 . . [7.00.6000.20973] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20973_none_119dc5f73e5693df\mshtml.dll
[7] 2008-10-16 . B1AE727959358E4FE72D7FE6DC6736E8 . 3578880 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18157_none_131406ec224bb559\mshtml.dll
[7] 2008-10-16 . 8B03B6121C4A55BF48B56BFAF962F879 . 3593216 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16764_none_111ff77c252ff454\mshtml.dll
[7] 2008-10-16 . 6D4AAAAAEB494F78610AE792EC6B3E77 . 3579392 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22288_none_137e343d3b80c24d\mshtml.dll
[7] 2008-10-16 . CF807C36C2E1984104D173B9DE1BCBCD . 3595264 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20937_none_11cd06cf3e328977\mshtml.dll
[7] 2008-10-02 . 3E3D3E24BD1F862CD1A772C0DAD3F134 . 3578880 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18148_none_131fd7222242b2bf\mshtml.dll
[7] 2008-10-02 . 713D3D802424C56F28A3AC21F843D9E4 . 3593216 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16757_none_112dc84625252468\mshtml.dll
[7] 2008-10-02 . 56942EB5D17DFA38CA0B2B234BB578A3 . 3579392 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22278_none_138904293b78a65c\mshtml.dll
[7] 2008-10-02 . 34311116C0A994BD82D7732D0950999C . 3594752 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20927_none_11d7d6bb3e2a6d86\mshtml.dll
[7] 2008-06-27 . 2B59221D1B9D9FB1D202A21AFE8E410A . 3578368 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18099_none_12eac5ea226a5aa4\mshtml.dll
[7] 2008-06-27 . B964D58A6698C8FCA93447ADBDE18820 . 3592192 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16711_none_1153063a250a1c9a\mshtml.dll
[7] 2008-06-27 . 256E9D588ACB7F104123947297A9302A . 3578880 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22212_none_13c3e1f53b4d66ac\mshtml.dll
.
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-19 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
[7] 2006-11-02 . 75287677BB8BC9A16C32CE8A72F485A0 . 681472 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6000.16386_none_cf1e7424a1fb0cd9\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-19 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
[7] 2006-11-02 . 54E9576169A248AD62A1EB9773225826 . 227328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6000.16386_none_b61c950a3060adba\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[7] 2008-01-19 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[7] 2006-11-02 . 889A2C9F2AACCD8F64EF50AC0B3D553B . 559616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-19 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
[7] 2006-11-02 . 3CDEC51291F735C5C276B957239017A3 . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6000.16386_none_a0e2dc64ffed4e9d\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[7] 2008-01-19 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[7] 2006-11-02 . 80E2839D05CA5970A86D7BE2A08BFF61 . 176640 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6000.16386_none_a4ff01505f4694a4\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[7] 2006-11-02 . 10DA15933D582D2FEDCF705EFE394B09 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-19 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
[7] 2006-11-02 . EF3DD33C740FC2F82E7E4622F1C49289 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6000.16386_none_e10616dfe80787ab\tapisrv.dll
.
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[7] 2008-01-28 . 9D9F061EDA75425FC67F0365E3467C86 . 633856 . . [6.0.6000.20537] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[7] 2008-01-28 . 63B4F59D7C89B1BF5277F1FFEFD491CD . 633856 . . [6.0.6000.16438] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[7] 2008-01-19 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[7] 2006-11-02 . E698A5437B89A285ACA3FF022356810A . 633856 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
.
[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[7] 2006-11-02 . 22027835939F86C3E47AD8E3FBDE3D11 . 24576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
.
[7] 2012-06-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll
[7] 2012-06-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll
[7] 2012-05-15 . 5678A207F843544FE454A37EF5A8B688 . 834048 . . [7.00.6002.18633] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18633_none_03b207959f0eed41\wininet.dll
[7] 2012-05-15 . E479652606FFCC375897F700B4E737A8 . 842240 . . [7.00.6002.22860] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22860_none_041835a4b8479200\wininet.dll
[7] 2012-02-28 . 07AEE972DE88F8780EA1474DB2CABBE3 . 834048 . . [7.00.6002.18591] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18591_none_036f25939f416512\wininet.dll
[7] 2012-02-28 . 11D6F5BC10D5B10CC157F016AC8BAF8C . 842240 . . [7.00.6002.22805] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22805_none_045e169eb812690d\wininet.dll
[7] 2011-12-16 . 3D4B4EBFEF4F72F4BF62921C19E67008 . 842240 . . [7.00.6002.22757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22757_none_042a05b0b8392a49\wininet.dll
[7] 2011-12-16 . B518AB969682F6E7C22933BED09CD82A . 834048 . . [7.00.6002.18552] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18552_none_039b658d9f200ea5\wininet.dll
[7] 2011-02-18 . E9839CDBD10ED7E7E2D3A3E51C23B168 . 842240 . . [7.00.6002.22592] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22592_none_03f9c0c2b85e210c\wininet.dll
[7] 2011-02-18 . A7A07D223862A0C661DB225E27058248 . 834048 . . [7.00.6002.18407] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18407_none_03d674b59ef3047c\wininet.dll
[7] 2011-02-18 . B1DB3E0B0E6CB66DC31629EC26FB0048 . 833024 . . [7.00.6001.18602] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18602_none_01eaff75a1d1337e\wininet.dll
[7] 2011-02-18 . E5B46DD994C4AB72C8BD666B3026E812 . 841728 . . [7.00.6001.22857] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22857_none_02438ffcbb12dad7\wininet.dll
[7] 2010-12-20 . AC0D9A507894509CF6D23F1CE876BA4F . 842240 . . [7.00.6002.22551] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22551_none_04240028b83e97f1\wininet.dll
[7] 2010-12-20 . 072213E1604D843D3230EE61663466A4 . 834048 . . [7.00.6002.18357] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18357_none_03a063339f1b930a\wininet.dll
[7] 2010-12-20 . 97CFAF0C9083BF808F5B3B609C055205 . 833024 . . [7.00.6001.18565] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18565_none_01ad1ee5a1ff2a02\wininet.dll
[7] 2010-12-20 . 0A2382C16E9F1D607CDF05C62810212F . 841728 . . [7.00.6001.22816] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22816_none_026dcf62baf351bc\wininet.dll
[7] 2010-10-21 . E637895D078330743D75A8D28A46D18F . 834048 . . [7.00.6002.18332] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18332_none_03b101999f0fdc75\wininet.dll
[7] 2010-10-21 . 848AA8D077770D10C3776F2D03796FBC . 842240 . . [7.00.6002.22511] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22511_none_044f3fd8b81e282d\wininet.dll
[7] 2010-10-21 . F0F4CA08C394F080EC6718249621AC2A . 841728 . . [7.00.6001.22784] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22784_none_02201d74bb2de57e\wininet.dll
[7] 2010-10-20 . CE49BFFF3DA6448331606B78F9CDB484 . 833024 . . [7.00.6001.18542] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18542_none_01bfbddfa1f1a61b\wininet.dll
[7] 2010-09-09 . 48E9D41DED106BB5B57C194002940862 . 842240 . . [7.00.6002.22484] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22484_none_04068f5cb8543aa2\wininet.dll
[7] 2010-09-09 . E51398091D9467C369AE5B72A0729398 . 841728 . . [7.00.6001.22760] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22760_none_0231bc24bb214840\wininet.dll
[7] 2010-09-08 . 7079877D59D128E9AB45F5370C0B4AD2 . 833024 . . [7.00.6001.18527] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18527_none_01da5f29a1dcecec\wininet.dll
[7] 2010-09-08 . C7BCDC2D355271AE2B87A93A1E24AEAF . 834048 . . [7.00.6002.18309] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18309_none_03d873639ef13a03\wininet.dll
[7] 2010-06-29 . C25CA4544D5716FDD9C2D3C942A2D0C9 . 834560 . . [7.00.6002.22434] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22434_none_043c9ef8b82baeed\wininet.dll
[7] 2010-06-29 . B3FC2F131B72F22857A342039328CF5D . 834048 . . [7.00.6002.18278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18278_none_038bc1bf9f2ae71c\wininet.dll
[7] 2010-06-28 . 56802F604444B085DB3FD5BE6B9A08A9 . 834048 . . [7.00.6001.22720] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22720_none_025cfbd4bb00d87c\wininet.dll
[7] 2010-06-28 . A66BCE6FFA302A0DD75D54B708A554AA . 833024 . . [7.00.6001.18498] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18498_none_018fae19a214ccb3\wininet.dll
[7] 2010-05-04 . 42534A33F524671A160AAC4456B2BB4C . 834560 . . [7.00.6002.22398] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22398_none_03ffbeb2b858bec8\wininet.dll
[7] 2010-05-04 . 4C4F5080682BF9B1100D5938C12B55F9 . 834048 . . [7.00.6002.18255] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18255_none_039e60b99f1d6335\wininet.dll
[7] 2010-05-04 . F12FBAF1DA549CBB79E6D89AD3A57ED0 . 833024 . . [7.00.6001.18470] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18470_none_019d4ba1a20bca19\wininet.dll
[7] 2010-05-04 . 0DC7A1B98FE22C894DB7505F1B5303B7 . 834048 . . [7.00.6001.22685] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22685_none_02211bd8bb2d01ae\wininet.dll
[7] 2010-03-11 . C5EC0879DF48AB8846FFFC21F707A504 . 834560 . . [7.00.6002.22360] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22360_none_04182c26b847a03d\wininet.dll
[7] 2010-03-11 . 2744014FD9E9069E73CBC7797ACEDCDD . 834048 . . [7.00.6001.22653] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22653_none_023f8b08bb167b2d\wininet.dll
[7] 2010-03-09 . 0F340B61FA7221DDF8B8375BC0217B71 . 832512 . . [7.00.6000.17037] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.17037_none_ffe924eda4beb0e0\wininet.dll
[7] 2010-03-09 . F245376BFFED63999B0290601128A72A . 841216 . . [7.00.6000.21242] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21242_none_0062f240bde8eb0f\wininet.dll
[7] 2010-03-09 . 76C9A358D176DD7904C8A72BB7235608 . 833024 . . [7.00.6001.18444] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18444_none_01c1bc8da1efdba2\wininet.dll
[7] 2010-03-09 . 1846CD5B8EE042DB00DEB0A50ABF6737 . 834048 . . [7.00.6002.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18226_none_03bfd0c79f0428b9\wininet.dll
[7] 2009-12-18 . 27DFDEA0533477C8923FC874F6439CF0 . 833024 . . [7.00.6001.18385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18385_none_01977b41a20f6796\wininet.dll
[7] 2009-12-18 . C7A318E74FEF945EBFF855C1513CD96C . 832512 . . [7.00.6000.16982] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16982_none_ffae3bbda4eb8aa0\wininet.dll
[7] 2009-12-18 . 6F837BD5085F73A8FF0425AA6705A8D1 . 841216 . . [7.00.6000.21184] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21184_none_0039b13ebe07905a\wininet.dll
[7] 2009-12-18 . 4D36519B1212659127A4CFCC19E33049 . 834048 . . [7.00.6001.22585] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22585_none_022119f2bb2d0487\wininet.dll
[7] 2009-12-17 . C86BBCF0DA44F2B36C9AA59032916EF0 . 834048 . . [7.00.6002.22290] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22290_none_03f7ba7cb85ff6e9\wininet.dll
[7] 2009-12-16 . 565B8A25FB59E8E1F5ED59C95F72B7D7 . 834048 . . [7.00.6002.18167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18167_none_03958f7b9f23b4ad\wininet.dll
[7] 2009-10-27 . BA95D134FE1A3577A174D9A85D6ED1F1 . 832512 . . [7.00.6000.16945] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16945_none_ffdc7c4ba4c866e1\wininet.dll
[7] 2009-10-27 . 3F564B34F047885934DA5D3479ED0716 . 834048 . . [7.00.6002.18130] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18130_none_03aefd399f11af79\wininet.dll
[7] 2009-10-27 . 8C8A7E47DBB25EB94C29152BD08CF436 . 833024 . . [7.00.6001.18349] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18349_none_01c6bc19a1eb5d2e\wininet.dll
[7] 2009-10-27 . 0F34E919E086E834052850B6E57050F3 . 841216 . . [7.00.6000.21148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21148_none_0068f216bde385f2\wininet.dll
[7] 2009-10-27 . F1D8D50E054ADDF05D708A8676868763 . 834048 . . [7.00.6001.22550] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22550_none_023c8844bb193201\wininet.dll
[7] 2009-10-27 . C50C20FB2B5B5F228F7B1BA8925107B0 . 834048 . . [7.00.6002.22252] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22252_none_0424fac0b83db9d3\wininet.dll
[7] 2009-08-27 . 2BD22AA29893876347BA1BE62487748A . 832512 . . [7.00.6000.16916] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16916_none_fffdec59a4af2c65\wininet.dll
[7] 2009-08-27 . D5709010F06FEC697CCB2831D0821E0B . 840704 . . [7.00.6000.21116] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21116_none_00876146bdccff71\wininet.dll
[7] 2009-08-27 . 604E16194F1E60084B948ACAE8334E0F . 833024 . . [7.00.6001.18319] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18319_none_01e72bdda1d3095b\wininet.dll
[7] 2009-08-27 . C628812EA5016B1C3E13E082940D5AF6 . 834048 . . [7.00.6001.22508] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22508_none_027a9a30bae97104\wininet.dll
[7] 2009-08-27 . 5E382486BCCCF4C50A810E2DF18C8CDB . 834048 . . [7.00.6002.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22212_none_04503a70b81d4a0f\wininet.dll
[7] 2009-08-27 . D88D19604AACE2101B13260322FB4A3A . 834048 . . [7.00.6002.18100] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18100_none_03cf6cfd9ef95ba6\wininet.dll
[7] 2009-07-18 . FCB4E3234667317905333B6A4CDF85FC . 827904 . . [7.00.6001.18294] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll
[7] 2009-07-18 . 87D84C48693EB949350FA938D63512D8 . 827392 . . [7.00.6000.16890] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll
[7] 2009-07-18 . D1E1447C4E2077BDFFDD547972FEBDEB . 828928 . . [7.00.6000.21089] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll
[7] 2009-07-18 . 7FCA93009963EE8A7AF1740661412F1E . 828416 . . [7.00.6001.22475] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll
[7] 2009-07-18 . 387B0601FCA64AF5117C321E46C4C4E2 . 828928 . . [7.00.6002.22180] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll
[7] 2009-07-18 . 408A0A6E83333F98D564D95CDBB6D3C6 . 828416 . . [7.00.6002.18071] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll
[7] 2009-04-24 . D94BDEEF2E47EB4A46B957253C697F01 . 827392 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll
[7] 2009-04-24 . 64EAF7CF461A15DB4EAEB1D50A10E88E . 827904 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll
[7] 2009-04-24 . E7D90AF9B0C7FA98DF353E022EE1C63E . 828928 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll
[7] 2009-04-24 . 77C60DD61D21777734B1C945540473A4 . 828416 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll
[7] 2009-04-24 . 07DBFC0759F61E95901AF2B2D4E83451 . 828416 . . [7.00.6002.22121] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll
[7] 2009-04-23 . 24CBE22F35941FBFD6144A5C011EA999 . 828416 . . [7.00.6002.18024] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[7] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll
[7] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll
[7] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll
[7] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll
[7] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[7] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[7] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[7] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
[7] 2008-10-16 . 8F89FFECF6989DD7D9ECCEC6D95D7419 . 827392 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll
[7] 2008-10-16 . F18C1B151A0B18C35BF0919A9BA0FA0F . 826368 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll
[7] 2008-10-16 . 4944C9FFE8903A276590D4215F74B937 . 827904 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll
[7] 2008-10-16 . 622FE627D15DD920238A993021F0A4D1 . 827904 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll
[7] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll
[7] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
[7] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll
[7] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
[7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[7] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[7] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[7] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[7] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[7] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[7] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[7] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[7] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[7] 2008-02-14 . 0AD9BE4F82F0389EC9B8A58F2FD16442 . 824832 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16609_none_000bb771a4a46504\wininet.dll
[7] 2008-02-14 . 39FBDEC53D5F7C5F4B7C35B9B1926A0F . 825344 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20734_none_006fe306bdded9ee\wininet.dll
[7] 2008-01-28 . 38F6BA60380A45EFB07CDAAECDC394F2 . 825344 . . [7.00.6000.20663] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20663_none_004e7112bdf81743\wininet.dll
[7] 2008-01-28 . 5AED372CFC645834DA3DD287CEF21473 . 824832 . . [7.00.6000.16546] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16546_none_ffdd74fda4c78b9c\wininet.dll
[7] 2008-01-19 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[7] 2006-11-02 . 214A456AADCC7DD1B36E2287BA71A9CA . 822272 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16386_none_ffb23181a4e80112\wininet.dll
.
[7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[7] 2006-11-02 . D99A071C1018BB3D4ABAAD4B62048AC2 . 178688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
.
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[7] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[7] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[7] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[7] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[7] 2008-01-28 . 6D06CD98D954FE87FB2DB8108793B399 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[7] 2008-01-28 . BD06F0BF753BC704B653C3A50F89D362 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[7] 2008-01-19 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[7] 2006-11-02 . FD8C53FB002217F6F888BCF6F5D7084D . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
.
[7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe
[7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
[7] 2006-11-02 . F13123E76FDA33E55F11E0EB832E832A . 134656 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
.
[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[7] 2008-01-19 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
[7] 2006-11-02 . CCE6FB960F8985BF500CE9CB0B2EF4CF . 1314816 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6000.16386_none_a9e6e55ff5664fb0\ole32.dll
.
[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[7] 2008-01-19 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
[7] 2006-11-02 . 456FB859236C9074ACF6C3B6243D8B46 . 502784 . . [1.0626.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6000.16386_none_aac3b7125b914f5a\usp10.dll
.
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6000.16386_none_e5cada609a6133bd\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
[7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll
.
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[7] 2006-11-02 . D4385B03E8CCCEE6F0EE249F827C1F3E . 95744 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
.
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[7] 2008-01-19 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
[7] 2006-11-02 . 9A043808667C8C1893DA7275AF373F0E . 105984 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6000.16386_none_872f43bd868c402d\regsvc.dll
.
[7] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[7] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[7] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[7] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[7] 2008-02-14 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[7] 2008-02-14 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
[7] 2008-01-19 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
[7] 2006-11-02 . 5C72614E6625D39CC1504BF078FDC4CA . 595456 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16386_none_2cca5c959a1767e4\schedsvc.dll
.
[7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
[7] 2006-11-02 . 8D3E4BAFF8B3997138C38EB1B600519A . 155136 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6000.16386_none_7d92b0efd44d38e1\ssdpsrv.dll
.
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[7] 2008-01-19 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
[7] 2006-11-02 . FAD71C1E8E4047B154E899AE31EB8CAA . 427520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6000.16386_none_8c687fcc5759068e\termsrv.dll
.
[7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
[7] 2006-11-02 . 312BA286EB3BE9EAE82DA427ED2C0284 . 291840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6000.16386_none_adff83b897ae75bd\hnetcfg.dll
.
[7] 2008-01-28 . 8B10CE1C1F9F1D47E4DEB1A547A00CD4 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\drivers\AGP440.sys
[7] 2008-01-28 . 8B10CE1C1F9F1D47E4DEB1A547A00CD4 . 53864 . . [6.0.6000.16400] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[7] 2008-01-28 . 8B10CE1C1F9F1D47E4DEB1A547A00CD4 . 53864 . . [6.0.6000.16400] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[7] 2008-01-28 . BF34B4A0E0B64440C5389AA6B902F4AD . 53864 . . [6.0.6000.20496] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[7] 2008-01-19 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[7] 2006-11-02 . EF23439CDD587F64C2C1B8825CEAD7D8 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
.
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
[7] 2006-11-02 . D7657856319941907BBDC2A11713CFD7 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6000.16386_none_f6ca18a8459b3244\ias.dll
.
[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[7] 2012-04-03 . CAD95AFB7FDDCC490681555C570FBB7D . 3602816 . . [6.0.6002.18607] . . c:\windows\System32\ntkrnlpa.exe
[7] 2012-04-03 . CAD95AFB7FDDCC490681555C570FBB7D . 3602816 . . [6.0.6002.18607] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntkrnlpa.exe
[7] 2012-04-03 . BEF3218359377715B1D85D7DF823E123 . 3604352 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntkrnlpa.exe
[7] 2012-03-06 . 67FB74F129CD6EB6A299B232B09F2FD8 . 3602816 . . [6.0.6002.18595] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_6dba94deb18dcaf0\ntkrnlpa.exe
[7] 2012-03-06 . 67C80F4BEF37E4F40AC38BBE6BCC6198 . 3603840 . . [6.0.6002.22811] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_6e96b3adca6e2024\ntkrnlpa.exe
[7] 2011-10-27 . 5B3C5FBBE4FB0DCFFCEC402B44BC6719 . 3603840 . . [6.0.6002.22732] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22732_none_6e821239ca7d7436\ntkrnlpa.exe
[7] 2011-10-27 . CA537C1021ACDF5B3D14A01B0D4A09B7 . 3602816 . . [6.0.6002.18533] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18533_none_6df973d2b15ef09c\ntkrnlpa.exe
[7] 2010-10-15 . 950C425C9E1FA4DDEC8A6B7915E3D892 . 3600272 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntkrnlpa.exe
[7] 2010-10-15 . C391DF1007E54B1FE06A4EF02DB6FA61 . 3602320 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntkrnlpa.exe
[7] 2010-10-15 . 3BEF21D45A74AD2C6EAD894BA6C6A502 . 3602832 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntkrnlpa.exe
[7] 2010-10-15 . FEB9209E1D2B97DB4AE8FBF1DB0F54B6 . 3603856 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntkrnlpa.exe
[7] 2010-06-08 . 3FAFA4C0567D205F56C15D8B9D469F9D . 3601792 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntkrnlpa.exe
[7] 2010-06-08 . E3A2697835A14C75B233606357AB46DD . 3600768 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntkrnlpa.exe
[7] 2010-06-08 . 4F332C0A64F4209EB322DB35310BA879 . 3598216 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntkrnlpa.exe
[7] 2010-06-08 . 560C7E5036D6D0F9CC4AED5DE885DB8A . 3600784 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntkrnlpa.exe
[7] 2010-02-18 . AF2FC3FE3AD6860A808B237171BA6EED . 3600776 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntkrnlpa.exe
[7] 2010-02-18 . D8077969EE22B889B793D076FDCA7066 . 3502480 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntkrnlpa.exe
[7] 2010-02-18 . C2334AE54E10BCA2631660F649010B03 . 3598216 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntkrnlpa.exe
[7] 2010-02-18 . 642161C66547496ACCD2794AB6B4284F . 3504008 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntkrnlpa.exe
[7] 2010-02-18 . 1FED62B16D372E169CF355B2F3210A65 . 3601800 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntkrnlpa.exe
[7] 2010-02-18 . 8BBC454D2F91D92E3E73DB5B5A0D8D8E . 3600776 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntkrnlpa.exe
[7] 2009-12-08 . D2859DAE5F6730DF5BF1C25CFC376797 . 3503704 . . [6.0.6000.21175] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntkrnlpa.exe
[7] 2009-12-08 . 84D47D16C6E7FB61D3A2F7738838A57B . 3502168 . . [6.0.6000.16973] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntkrnlpa.exe
[7] 2009-12-08 . C89111B0489D5CF7B14CBDB5D225A88F . 3597912 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntkrnlpa.exe
[7] 2009-12-08 . 4A65C0C8743AD660A9DE8C2B68218FC7 . 3600472 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntkrnlpa.exe
[7] 2009-12-08 . C481B4F271D3D234B93E19F5531D1D55 . 3601464 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntkrnlpa.exe
[7] 2009-12-08 . 735CDD610B7A0E7B5C6A153DD45ECE32 . 3600456 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntkrnlpa.exe
[7] 2009-08-05 . 2E6E7BA5C8764F80ADA7D4C98E8B5D4A . 3599960 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntkrnlpa.exe
[7] 2009-08-05 . FF493ACD34EE896B8D114918439FAF10 . 3502152 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntkrnlpa.exe
[7] 2009-08-05 . FBA1B3594C1F691F1FA917ADE45D1DB5 . 3597896 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntkrnlpa.exe
[7] 2009-08-05 . 5FBCBEBDC19FB9A3F9C102D30FCD1E9E . 3599928 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntkrnlpa.exe
[7] 2009-08-05 . 6AD406205B25DC4EFBBCB044744248AD . 3503688 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntkrnlpa.exe
[7] 2009-08-04 . 0517782FC7FEDBEBFAD15566E75B732F . 3600456 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntkrnlpa.exe
[7] 2009-04-11 . 1260BEACF2F023807A1087BBB0E15BBD . 3601896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntkrnlpa.exe
[7] 2009-03-03 . FEB3FB3309EBA85917BDE7F4FD019C9D . 3599328 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntkrnlpa.exe
[7] 2009-03-03 . 641C0F376136E5B6F389016EC48374D2 . 3600880 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntkrnlpa.exe
[7] 2009-03-03 . 06BCF21AAA1890328D1F58F0ACBE668D . 3503584 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntkrnlpa.exe
[7] 2009-03-03 . 191C702B48681FB2BA5A96F416207ACF . 3505120 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntkrnlpa.exe
[7] 2008-09-18 . 3EB08788832D9048C617559CEFD208CF . 3601464 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntkrnlpa.exe
[7] 2008-09-18 . DC870DCAA25E5CC1C8A50FAC19CCED45 . 3601976 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntkrnlpa.exe
[7] 2008-09-18 . E67F6247029F6311E643532D2CFFE667 . 3505208 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntkrnlpa.exe
[7] 2008-09-18 . 084A3A26A3D1A75D0705D963C0289DD5 . 3506744 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntkrnlpa.exe
[7] 2008-04-26 . 6BB1994F5B62FEF6268F1EBB4014E293 . 3600952 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntkrnlpa.exe
[7] 2008-04-26 . 68EEF02A8846442FE98AD0E0517EE6BC . 3601464 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntkrnlpa.exe
[7] 2008-02-14 . 0BE027340C32D14ABECDA068E45E532A . 3504696 . . [6.0.6000.16584] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16584_none_69f7a2dcb739c934\ntkrnlpa.exe
[7] 2008-02-14 . 4821AB9F49B32CC17887AE861895826E . 3505720 . . [6.0.6000.20707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20707_none_6adac1cbd013d2a2\ntkrnlpa.exe
[7] 2008-02-14 . 7B3DE8F172BD5BA3842237088595E0DD . 3504824 . . [6.0.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16575_none_6a037312b730c69a\ntkrnlpa.exe
[7] 2008-02-14 . 0BDCA5C80ED74AD207EEC0535D2AF508 . 3505848 . . [6.0.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20697_none_6a797099d05cd0f4\ntkrnlpa.exe
[7] 2008-01-28 . 06F6700C5EE0A41F965EAEE81C1B926B . 3503800 . . [6.0.6000.16470] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16470_none_69fe6fbab7354ac0\ntkrnlpa.exe
[7] 2008-01-28 . CCBFEF0DF0C262C849A28FEEB3A1B7E2 . 3504312 . . [6.0.6000.20580] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20580_none_6a7d3c99d05b067b\ntkrnlpa.exe
[7] 2008-01-28 . A59C7EA8F866BA9EBE06CB57F01FA5E1 . 3504824 . . [6.0.6000.20629] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20629_none_6ac720a1d022400b\ntkrnlpa.exe
[7] 2008-01-28 . B0315AAB99CA2CF6576E68465B3AC554 . 3504824 . . [6.0.6000.16514] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16514_none_6a435250b701059d\ntkrnlpa.exe
[7] 2008-01-28 . A676D072FF3967821EC292F5C885A32D . 3504824 . . [6.0.6000.16551] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16551_none_6a1511c2b724295c\ntkrnlpa.exe
[7] 2008-01-28 . 99AC9F5573F9376970A82D77731BE62A . 3504824 . . [6.0.6000.20670] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20670_none_6a880e6bd052e7b1\ntkrnlpa.exe
[7] 2008-01-19 . FE51E8DBBEF2D01EF886499FECBF2D78 . 3600440 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntkrnlpa.exe
[7] 2006-11-02 . CADAA2FCB7F3D18BE056A34D84EE2CA1 . 3502184 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16386_none_69f99fa4b7380194\ntkrnlpa.exe
.
[7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
[7] 2006-11-02 . 8EB871A3DEB6B3D5A85EB6DDFC390B59 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6000.16386_none_bfb172793798ecfb\upnphost.dll
.
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[7] 2008-01-19 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
[7] 2006-11-02 . 68AC082734363E6BA813E7EAA353DB13 . 445440 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6000.16386_none_5664fc5c44f7ce2c\dsound.dll
.
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[7] 2008-01-19 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
[7] 2006-11-02 . E72A22DCF0733AC06695ACD2268F6EB3 . 1788416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6000.16386_none_c016aaa963db2525\d3d9.dll
.
[7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
[7] 2006-11-02 . 29EF7A2EE634DD701571E781DE5E7E91 . 528384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6000.16386_none_02cee0f0c3162de9\ddraw.dll
.
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[7] 2008-01-19 07:36 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
[7] 2006-11-02 09:46 . DF54915B3DD106854F18C678BEB2977D . 88576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6000.16386_none_37dcf89704c935aa\olepro32.dll
.
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6000.16386_none_2f3c7bc7602ec1c4\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[7] 2008-01-19 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
[7] 2006-11-02 . D8C819157EBA10401FD25FB48184EF24 . 20480 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6000.16386_none_12c78d3353faab20\version.dll
.
[7] 2012-06-17 . 0129BB16161C2FD9A6B19111AB047198 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_5898f8e3ebb5c47b\iexplore.exe
[7] 2011-02-18 . C84ABBF7D7AF2F7D004D800D10430FF5 . 634648 . . [7.00.6001.18602] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18602_none_2f640c0119fca261\iexplore.exe
[7] 2011-02-18 . BECD30E162ACFD7A04B1F87FBBAFF70E . 634648 . . [7.00.6001.22857] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22857_none_2fbc9c88333e49ba\iexplore.exe
[7] 2010-12-20 . 4319F2A5C725D9E0B9E01744E02D32BE . 634648 . . [7.00.6001.18565] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18565_none_2f262b711a2a98e5\iexplore.exe
[7] 2010-12-20 . B021EBF2A5344FF71A641B2EFDAF813E . 634648 . . [7.00.6001.22816] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22816_none_2fe6dbee331ec09f\iexplore.exe
[7] 2010-10-21 . ED748658B126A4617A4BA4A8F4F10DBE . 634648 . . [7.00.6001.22784] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22784_none_2f992a0033595461\iexplore.exe
[7] 2010-10-20 . 63E2F08404C9824C6CE6EE4A308B4083 . 634648 . . [7.00.6001.18542] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18542_none_2f38ca6b1a1d14fe\iexplore.exe
[7] 2010-09-09 . 3EF3476EF687FE18856A6148C6082452 . 634648 . . [7.00.6001.22760] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22760_none_2faac8b0334cb723\iexplore.exe
[7] 2010-09-08 . 02FF22F3AF0108DA2A563ABC9867049F . 634648 . . [7.00.6001.18527] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18527_none_2f536bb51a085bcf\iexplore.exe
[7] 2010-06-28 . 867D06F3C473F65921F5EDF35866FF14 . 634656 . . [7.00.6001.22720] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22720_none_2fd60860332c475f\iexplore.exe
[7] 2010-06-28 . B6D7D54B736056991109F169737592C7 . 634648 . . [7.00.6001.18498] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18498_none_2f08baa51a403b96\iexplore.exe
[7] 2010-05-04 . 29A7F81290165264010B784A7D217561 . 634648 . . [7.00.6001.18470] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18470_none_2f16582d1a3738fc\iexplore.exe
[7] 2010-05-04 . 424CEA5CB5999B2A6A3ED643EA20C97F . 634656 . . [7.00.6001.22685] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22685_none_2f9a286433587091\iexplore.exe
[7] 2010-03-11 . 67C769016A79E6FC65D1755E5D6ADAB3 . 634648 . . [7.00.6001.22653] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22653_none_2fb897943341ea10\iexplore.exe
[7] 2010-03-09 . 259E27152180B895DF395ED3E412B90E . 634648 . . [7.00.6000.17037] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.17037_none_2d6231791cea1fc3\iexplore.exe
[7] 2010-03-09 . 97496AA4590CB101EF990060F7055F3D . 634648 . . [7.00.6000.21242] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21242_none_2ddbfecc361459f2\iexplore.exe
[7] 2010-03-09 . 74E60C93D1C9A40354D839776CCF53DF . 634648 . . [7.00.6001.18444] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18444_none_2f3ac9191a1b4a85\iexplore.exe
[7] 2009-12-18 . 6C8AC3469BBEFE194BB18B2D84D98252 . 634648 . . [7.00.6001.18385] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18385_none_2f1087cd1a3ad679\iexplore.exe
[7] 2009-12-18 . C071905121F6DE5F399550FC70138FEC . 634632 . . [7.00.6000.16982] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16982_none_2d2748491d16f983\iexplore.exe
[7] 2009-12-18 . 115076DAD84312F3A51698C15BC39D39 . 634632 . . [7.00.6000.21184] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21184_none_2db2bdca3632ff3d\iexplore.exe
[7] 2009-12-18 . F47755101C622AF18EE669ECEB3A97AD . 634632 . . [7.00.6001.22585] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22585_none_2f9a267e3358736a\iexplore.exe
[7] 2009-10-27 . 4F9B04D546C23A295F3F0AE015BE51DB . 634632 . . [7.00.6000.16945] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16945_none_2d5588d71cf3d5c4\iexplore.exe
[7] 2009-10-27 . 79B60CC26404F8FC2B351A7551D93C17 . 634632 . . [7.00.6001.18349] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18349_none_2f3fc8a51a16cc11\iexplore.exe
[7] 2009-10-27 . 80675329E0FD54F016C4F8A83C616349 . 634632 . . [7.00.6000.21148] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21148_none_2de1fea2360ef4d5\iexplore.exe
[7] 2009-10-27 . 03EF289E8F82CBC4E492658864C7C51A . 634632 . . [7.00.6001.22550] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22550_none_2fb594d03344a0e4\iexplore.exe
[7] 2009-08-27 . 9E45866CD349219784CD5A7620DBEB8A . 634632 . . [7.00.6000.16916] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16916_none_2d76f8e51cda9b48\iexplore.exe
[7] 2009-08-27 . A76AFC309AA55CD607A28AC41C7D7603 . 634632 . . [7.00.6000.21116] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21116_none_2e006dd235f86e54\iexplore.exe
[7] 2009-08-27 . BBF84F317553520BB78AEF7B047325C1 . 634648 . . [7.00.6001.18319] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18319_none_2f60386919fe783e\iexplore.exe
[7] 2009-08-27 . FE2DFF83B7753AC47C553EF7D5289BEE . 634648 . . [7.00.6001.22508] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22508_none_2ff3a6bc3314dfe7\iexplore.exe
[7] 2009-07-18 . 1D8163DBFECAEDB9C48C5F55084BC491 . 634648 . . [7.00.6001.18294] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18294_none_2f04b5b11a43dbec\iexplore.exe
[7] 2009-07-18 . 1D5A01AA2DE47C052AF46D7EBCB003A3 . 634648 . . [7.00.6000.16890] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16890_none_2d1a75e31d20e59f\iexplore.exe
[7] 2009-07-18 . 7FCF4E704A48D95202F3E7A1E1A21412 . 634648 . . [7.00.6000.21089] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21089_none_2db7bd56362e80c9\iexplore.exe
[7] 2009-07-18 . EBEE9E4421F35CD861107DDA0266FBB1 . 634648 . . [7.00.6001.22475] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22475_none_2fa4f48433505a52\iexplore.exe
[7] 2009-04-24 . 1F44940EF1D07D0BDAF80E55853DFBD0 . 634648 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\iexplore.exe
[7] 2009-04-24 . F294D8EEB05C835EC44A12CE0A1DFE7A . 634632 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\iexplore.exe
[7] 2009-04-24 . D5271AC4A06AD9D1E2EA0151B79B2657 . 634648 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\iexplore.exe
[7] 2009-04-24 . D6157423C117F24D24695866A1D0A93F . 634648 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\iexplore.exe
[7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe
[7] 2009-03-03 . 9E6C1527D9A2C64BFD780AA23075380F . 636072 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18226_none_2f5265b91a094b03\iexplore.exe
[7] 2009-03-03 . 8BA2B7A05F88BE0D45237A0994AD8366 . 636072 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22389_none_2f9e23da3354de78\iexplore.exe
[7] 2009-03-03 . EA4BE33726155F89D89A3FE7142878E0 . 636072 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16830_none_2d5b556b1cf03df9\iexplore.exe
[7] 2009-03-03 . 1DD66A2851DACDEC32EAE8F9A8865ABD . 636072 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21023_none_2df29b2236034119\iexplore.exe
[7] 2009-01-15 . F0B1CA517977BA2FF6DA33F1B966C488 . 634024 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\iexplore.exe
[7] 2009-01-15 . 0844F5B9CB3BB85A917D347EF1565B6C . 634024 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\iexplore.exe
[7] 2008-10-16 . D762642A109433EEDCD332B0A9511137 . 634024 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_2d3ee4e91d04fa01\iexplore.exe
[7] 2008-10-16 . 4CBA2F58668F2D5F3259CBE73E227F25 . 634024 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_2debf43c36078f24\iexplore.exe
[7] 2008-10-02 . 19403B64906C9EAC627E3C10847B0FDA . 633632 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16757_none_2d4cb5b31cfa2a15\iexplore.exe
[7] 2008-10-02 . 6655B851D9EEF7C83395EE52D551B448 . 633632 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20927_none_2df6c42835ff7333\iexplore.exe
[7] 2008-06-27 . 157F8DE991396C536820D7FA5C8DCF7D . 625664 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16711_none_2d71f3a71cdf2247\iexplore.exe
[7] 2008-06-27 . 4DBD95312B1C96C5285D38F1D748CD4D . 625664 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20868_none_2dcc82dc361eff27\iexplore.exe
[7] 2008-04-25 . 07ED775D6DB4BFA96D7CFB09EB228418 . 625664 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_2d26424d1d17e8b7\iexplore.exe
[7] 2008-04-25 . 9F1427F203CA078005C9943800929640 . 625664 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_2df2c11a360310b0\iexplore.exe
[7] 2008-02-22 . 182CAF7403705ACCB51211A761080B8F . 625664 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_2dc0b0c03628049a\iexplore.exe
[7] 2008-02-21 . 9437CA21CD48C9B6BFD6F5AC0143D251 . 625664 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\iexplore.exe
[7] 2008-02-14 . 9143C721DD6482374EFB35BC35944324 . 625664 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16609_none_2d84c3fd1ccfd3e7\iexplore.exe
[7] 2008-02-14 . 7F2693693511F7ECD2762081F2F19864 . 625664 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20734_none_2de8ef92360a48d1\iexplore.exe
[7] 2008-01-28 . 3C1B2AD79DBF750A15A8832AF8192DB4 . 625152 . . [7.00.6000.20663] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20663_none_2dc77d9e36238626\iexplore.exe
[7] 2008-01-28 . EDEE147E416398BB3DD5B0DD4F6F1D32 . 625152 . . [7.00.6000.16546] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16546_none_2d5681891cf2fa7f\iexplore.exe
[7] 2008-01-19 . 5B92133D3E7FB2644677686305E29E81 . 625664 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\iexplore.exe
[7] 2006-11-02 . 8308F01F27DF839E0010B0F72F855E35 . 623616 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16386_none_2d2b3e0d1d136ff5\iexplore.exe
.
.
[7] 2012-04-03 . B9907DD4BE7B1B39573BF66554AB224E . 3552640 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntoskrnl.exe
[7] 2012-04-03 . BA4C485548914034B471EB6FC2B50082 . 3550080 . . [6.0.6002.18607] . . c:\windows\System32\ntoskrnl.exe
[7] 2012-04-03 . BA4C485548914034B471EB6FC2B50082 . 3550080 . . [6.0.6002.18607] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntoskrnl.exe
[7] 2012-03-06 . D960F9E1FCA0C86387E806D9AED319FB . 3550080 . . [6.0.6002.18595] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_6dba94deb18dcaf0\ntoskrnl.exe
[7] 2012-03-06 . FEA4425645424D66DCCC6CD3F417A40D . 3552640 . . [6.0.6002.22811] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_6e96b3adca6e2024\ntoskrnl.exe
[7] 2011-10-27 . C7D1507B837BC41D13D6EAC31A032AE3 . 3550080 . . [6.0.6002.18533] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18533_none_6df973d2b15ef09c\ntoskrnl.exe
[7] 2011-10-27 . D91407C7DF48B369E35E9E1426563EFA . 3552640 . . [6.0.6002.22732] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22732_none_6e821239ca7d7436\ntoskrnl.exe
[7] 2010-10-15 . A573338BDCED710795C618EA5FCF48D5 . 3548048 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe
[7] 2010-10-15 . 8B5EEAA99965E26C3FBB9FAC8BD3B6A1 . 3552144 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe
[7] 2010-10-15 . F276ABE13DD0BA1024A42A443E47A4A2 . 3550608 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe
[7] 2010-10-15 . 1ACD7FC485D0E0FF9097E08900D834CC . 3550096 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe
[7] 2010-06-08 . C5AB434D0C8FA38EAD136FB29E2504B7 . 3550600 . . [6.0.6002.22420] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntoskrnl.exe
[7] 2010-06-08 . F2BEE482023F146CF85EBB15B9E1CD35 . 3548040 . . [6.0.6002.18267] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntoskrnl.exe
[7] 2010-06-08 . D5FA5D17F03E6D39E1A12431DD6F2A39 . 3545992 . . [6.0.6001.18488] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntoskrnl.exe
[7] 2010-06-08 . 47DB9968B8CF2031C46007F42CCE2437 . 3548552 . . [6.0.6001.22707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntoskrnl.exe
[7] 2010-02-18 . C5759C9345A06EE52C7F5ECCF685CA6D . 3548560 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntoskrnl.exe
[7] 2010-02-18 . DC44BF78DEB87B7737D0D29B5B8EDAE3 . 3468168 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntoskrnl.exe
[7] 2010-02-18 . 6025E5530E2C43E1983CC8B840DF2108 . 3545992 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntoskrnl.exe
[7] 2010-02-18 . F8BEC470EAA8621751F739585C5871CD . 3470216 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntoskrnl.exe
[7] 2010-02-18 . 31289DD6914686D088582EED4B43F826 . 3550088 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntoskrnl.exe
[7] 2010-02-18 . A5D0B405442724448D23D61821BEA92A . 3548040 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntoskrnl.exe
[7] 2009-12-08 . 2972EEF8E834883EEC7C1995639341EF . 3469912 . . [6.0.6000.21175] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntoskrnl.exe
[7] 2009-12-08 . CD2EEBFA39E742C8C066CCE09382A19B . 3467848 . . [6.0.6000.16973] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntoskrnl.exe
[7] 2009-12-08 . 20D040ECE9A8F578D1D938256F34B663 . 3546200 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntoskrnl.exe
[7] 2009-12-08 . D32E95B17477E183F6019A99BE799BA9 . 3548760 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntoskrnl.exe
[7] 2009-12-08 . FB82B0147B7D93379B68F8A6A5828C70 . 3550264 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntoskrnl.exe
[7] 2009-12-08 . 664CA09C523FAB9D01BE6C4028C1B58B . 3548216 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntoskrnl.exe
[7] 2009-08-05 . 3EEEDCCFB587BCB0E2DE075332498C11 . 3547736 . . [6.0.6001.22489] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntoskrnl.exe
[7] 2009-08-05 . 4765C66A89E7151626FF3545B01D2601 . 3467864 . . [6.0.6000.16901] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntoskrnl.exe
[7] 2009-08-05 . 5302026B0FADB0819009798D3F6BCD77 . 3546184 . . [6.0.6001.18304] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntoskrnl.exe
[7] 2009-08-05 . 09C5FB44F152EFF551A112C931DDE640 . 3548216 . . [6.0.6002.22191] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntoskrnl.exe
[7] 2009-08-05 . D8DCA438CE571DB20BD8C4915CAC0760 . 3469896 . . [6.0.6000.21101] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntoskrnl.exe
[7] 2009-08-04 . 575DD16BF4C21C2F7E2BBE203AC1E957 . 3548216 . . [6.0.6002.18082] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntoskrnl.exe
[7] 2009-04-11 . 6798DBF3F25721637AEF5B6C69911C9C . 3549672 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
[7] 2009-03-03 . 393BB8FE05D66ABA7B091E6032179272 . 3547632 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe
[7] 2009-03-03 . DFF34C5D66AB4BF1EED47BF19D1267BB . 3548656 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe
[7] 2009-03-03 . 3910FE042C707E6BACD0FEC5AB9ECDE6 . 3469280 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe
[7] 2009-03-03 . 808C86316AED98716C5F305A6265F393 . 3471328 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe
[7] 2008-09-18 . 1FD3E8BFFD38F9B145E4B2B238B692F7 . 3549240 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe
[7] 2008-09-18 . DEA801F2D9FD1DB35ED6B9BC4A6657F1 . 3549752 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe
[7] 2008-09-18 . 03279407E78F76BA1131DAB35A5E55C0 . 3470904 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe
[7] 2008-09-18 . 1E09CE4D9BB7B6521FB023CAE2E55F63 . 3472952 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe
[7] 2008-04-26 . C9CD31B3CBA8134F2B47FB5E78376ACC . 3549240 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe
[7] 2008-04-26 . 22D444D3D88A4C299894B3638A114BF7 . 3549240 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe
[7] 2008-02-14 . A0BF353A68B434F2BBFF238FEEB51486 . 3470392 . . [6.0.6000.16584] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16584_none_69f7a2dcb739c934\ntoskrnl.exe
[7] 2008-02-14 . B23072AE0FD60A2BE57FD48F81DDB5BB . 3471928 . . [6.0.6000.20707] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20707_none_6adac1cbd013d2a2\ntoskrnl.exe
[7] 2008-02-14 . 2D202D94C6D0EC6B1483D2D47016FA0A . 3470520 . . [6.0.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16575_none_6a037312b730c69a\ntoskrnl.exe
[7] 2008-02-14 . 2DF67260DD3167402ABC14DC11112686 . 3472056 . . [6.0.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20697_none_6a797099d05cd0f4\ntoskrnl.exe
[7] 2008-01-28 . 935A4FA3683EBFA62C2D1086897B90A0 . 3469496 . . [6.0.6000.16470] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16470_none_69fe6fbab7354ac0\ntoskrnl.exe
[7] 2008-01-28 . F0CDC4A2F889ABC80FA99BC08B027B95 . 3469496 . . [6.0.6000.20580] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20580_none_6a7d3c99d05b067b\ntoskrnl.exe
[7] 2008-01-28 . 99B743BE7149970EB8D9C48FB0A41BF7 . 3470520 . . [6.0.6000.20629] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20629_none_6ac720a1d022400b\ntoskrnl.exe
[7] 2008-01-28 . 4F2488EC5D0EBFE868F47681BCF315D3 . 3470008 . . [6.0.6000.16514] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16514_none_6a435250b701059d\ntoskrnl.exe
[7] 2008-01-28 . 0E8F7801D17C7437CEE216099B975163 . 3471032 . . [6.0.6000.16551] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16551_none_6a1511c2b724295c\ntoskrnl.exe
[7] 2008-01-28 . 9E6991F557248A5E6E742D1081583969 . 3471544 . . [6.0.6000.20670] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20670_none_6a880e6bd052e7b1\ntoskrnl.exe
[7] 2008-01-19 . 6700F35EBA206E5C89AC27C9A124DC01 . 3548728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntoskrnl.exe
[7] 2006-11-02 . 883D5B644BFA3DC7298D4731B13AF499 . 3467880 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16386_none_69f99fa4b7380194\ntoskrnl.exe
.
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll
[7] 2008-01-19 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll
[7] 2006-11-02 . 62B0D0F6F5580D9D0DFA5E0B466FF2ED . 270848 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6000.16386_none_8670a1b3705f945b\w32time.dll
.
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll
[7] 2008-01-19 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll
[7] 2006-11-02 . A941E099EF46E3CC12F898CBE1C39910 . 451584 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6000.16386_none_305d7915b6684b33\wiaservc.dll
.
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[7] 2008-01-19 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
[7] 2006-11-02 . 848E745A842F903FD521DB585AB00D97 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6000.16386_none_8ac7060813a4d0d2\midimap.dll
.
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn4\yt.dll" [2012-06-11 1524056]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D1ECD019-8423-43de-98D1-7892AF2DA309}]
2012-04-01 18:14 140288 ----a-w- c:\program files\FreeWorkz\FreeWorkzIE.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 20:31 1514152 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Akamai NetSession Interface"="c:\users\Jonathan\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLBTCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2007-02-22 73728]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-11 4452352]
"Conime"="c:\windows\system32\conime.exe" [2009-04-11 69120]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-05 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-05 150552]
"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2009-12-01 6373376]
.
c:\users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2011-3-27 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips GoGear VIBE Device Manager.lnk]
backup=c:\windows\pss\Philips GoGear VIBE Device Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Alert.lnk]
backup=c:\windows\pss\Desktop Alert.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Windows
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\windows\system32
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LoadMSvcmm
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 08:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 09:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 17:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-07-30 19:40 16384 ----a-w- c:\dell\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2007-05-25 06:03 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EKIJ5000StatusMonitor]
2009-08-03 14:33 1626112 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-05-27 01:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
2009-12-01 19:11 6373376 ----a-w- c:\program files\MySpace\IM\MySpaceIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualFactory]
2012-06-29 09:47 79328 ----a-w- c:\program files\Common Files\Virtual\VirtualFactory.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3886725074-2382928123-2614987521-1000]
"EnableNotificationsRef"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-21 08:56]
.
2012-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 22:01]
.
2012-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 22:01]
.
2012-06-30 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2010-05-18 16:21]
.
2012-06-30 c:\windows\Tasks\User_Feed_Synchronization-{8BCDB802-AAEE-48A6-959C-1C26A3266CAE}.job
- c:\windows\system32\msfeedssync.exe [2012-06-17 03:19]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &AOL Email Toolbar Search - c:\programdata\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\771unzs7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, true);user_pref(extensions.funmoods_i.hmpg, true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=axl
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=axl
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=axl&q=
FF - user.js: extensions.funmoods_i.id - 423dd68a000000000000001d09817542
FF - user.js: extensions.funmoods_i.instlDay - 15431
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1614:14
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - axl
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-baloon - (no file)
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_80c2ffa.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\dlbtcoms.exe
c:\program files\Kodak\AiO\Center\ekdiscovery.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\TomTom HOME 2\TomTomHOMEService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\iashost.exe
c:\windows\RtHDVCpl.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Belkin\Belkin USB Print and Storage Center\connect.exe
c:\program files\Belkin\Router Setup and Monitor\BelkinSetup.exe
c:\program files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
c:\windows\ehome\ehmsas.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2012-06-30 15:12:51 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-30 19:12
.
Pre-Run: 183,086,882,816 bytes free
Post-Run: 184,722,206,720 bytes free
.
- - End Of File - - 813021DE8EF3C735C8379C7798C23856

#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,832 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:08:35 PM

Posted 30 June 2012 - 05:50 PM

If you ran FRST prior to Combofix as previously requested, please post the contents of the Fixlog.txt in the USB drive. If you did not run FRST fix, don't run it, just let me know.

Posted Image Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scannner.
  • Select the option YES, I accept the Terms of Use then click on Start.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:

    Scan for potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth Technology

  • Now click on Start.
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 Mintoria

Mintoria
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 30 June 2012 - 05:56 PM

I did the FRST fix but forgot to add the log to my last post. This is the post.


Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 20-06-2012 01
Ran by SYSTEM at 2012-06-30 14:29:44 Run:1
Running from D:\

==============================================

HKEY_USERS\Jonathan\Software\Microsoft\Windows\CurrentVersion\Run\\cabfbeebbcebedct Value deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\hleras Value deleted successfully.
C:\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290} moved successfully.
C:\Users\Jonathan\AppData\Local\{be2f21c4-b826-cffe-7e44-f4b230f14290} moved successfully.
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====

Installing MBAM now will post the log after the scan.

#15 Mintoria

Mintoria
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 30 June 2012 - 10:17 PM

MBAM LOG:



Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.30.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jonathan :: JONATHAN-PC [administrator]

Protection: Enabled

6/30/2012 6:57:35 PM
mbam-log-2012-06-30 (18-57-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240136
Time elapsed: 8 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:5555 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Program Files\Mozilla Firefox\pro-setup.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\regvissetupv2.exe (Rogue.FreeRegistryCleanerForVista) -> Quarantined and deleted successfully.
C:\Users\Jonathan\Downloads\pro-setup.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Users\Jonathan\Downloads\regvissetup.exe (Rogue.pack) -> Quarantined and deleted successfully.
C:\Users\Jonathan\Downloads\regvissetupv2.exe (Rogue.FreeRegistryCleanerForVista) -> Quarantined and deleted successfully.

(end)



ESET LOG
C:\Users\Default\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BR application
C:\Users\Guest\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BR application
C:\Users\Jonathan\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BR application
C:\Program Files\FreeWorkz\Uninstaller.exe a variant of Win32/Adware.Gamevance.CC application
C:\Program Files\FreeWorkz\FreeWorkzIE.dll a variant of Win32/Adware.Gamevance.CD application
C:\Users\Jonathan\Desktop\Desk Top Stuff\Reflexorator.exe a variant of Win32/HackTool.Patcher.A application
C:\Windows\System32\HelpPx86.dll a variant of Win32/KeyLogger.EliteKeylogger.46 application
C:\Users\Jonathan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\3e13fa51-15f6d348 a variant of Win32/Kryptik.AHPJ trojan
C:\Users\Jonathan\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application
C:\Users\Jonathan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\29d18562-644c39ee Java/TrojanDownloader.Agent.NDW trojan
C:\Users\Jonathan\Downloads\7zip-setup.exe Win32/DownloadAdmin.A.Gen application
C:\Users\Jonathan\Downloads\registrybooster(2).exe Win32/RegistryBooster application
C:\Qoobox\Quarantine\C\Windows\Installer\{be2f21c4-b826-cffe-7e44-f4b230f14290}\n.vir Win32/Sirefef.EV trojan
C:\FRST\Quarantine\services.exe Win32/Sirefef.FB.Gen trojan
C:\Users\Jonathan\Downloads\installer_adobe_flash_player_English.exe Win32/Vittalia application
C:\Program Files\Common Files\Virtual\VirtualFactory.exe Win32/Wapprox.B trojan




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users