Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Whitescreen on login


  • This topic is locked This topic is locked
19 replies to this topic

#1 zerovox

zerovox

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:31 PM

Posted 10 March 2013 - 11:56 AM

My brothers laptop displays desktop briefly (0.5 seconds-ish), then displays a white screen and you cant do anything except CAD to logoff. Any help appreciated!

 

I rebooted to recovery+ cmd (recovery has this problem too) and ran DDS:

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 8.0.7600.17197
Run by Sam at 16:50:42 on 2013-03-10
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.44.1033.18.1840.1447 [GMT 0:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\dinotify.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
uDefault_Page_URL = hxxp://toshiba.msn.com
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=d443cd20000000000000e839df4cf4d8&tlver=1.4.19.19&affID=17160
uURLSearchHooks: {37483b40-c254-4a72-bda4-22ee90182c1e} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
uWinlogon: Shell = explorer.exe,C:\Users\Sam\AppData\Roaming\msconfig.dat
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
uRun: [Spotify Web Helper] "C:\Users\Sam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Google Update] "C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Sam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sam\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20120208062139
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{6E215575-2B1B-4EAA-BC68-4DBE5F911EBA} : DHCPNameServer = 10.239.24.5
TCP: Interfaces\{75AFCD3F-F5B1-4897-A35C-22CE030BD495} : NameServer = 88.82.13.60 88.82.13.60
TCP: Interfaces\{B222124C-19C4-4CA9-8DB1-73D89F253353} : NameServer = 120.234.4.13,129.234.4.9
TCP: Interfaces\{B222124C-19C4-4CA9-8DB1-73D89F253353} : DHCPNameServer = 192.168.4.14 192.168.5.12
TCP: Interfaces\{F4C66E95-9BE4-45DE-97F4-937BE65C66ED} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F4C66E95-9BE4-45DE-97F4-937BE65C66ED}\244524573796E6563737845726D2836313 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F4C66E95-9BE4-45DE-97F4-937BE65C66ED}\34F6679584 : DHCPNameServer = 192.168.25.5
TCP: Interfaces\{F4C66E95-9BE4-45DE-97F4-937BE65C66ED}\35B4953353238323 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F4C66E95-9BE4-45DE-97F4-937BE65C66ED}\542796B616 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F4C66E95-9BE4-45DE-97F4-937BE65C66ED}\550534530303136363 : DHCPNameServer = 89.101.160.4 89.101.160.5
TCP: Interfaces\{F4C66E95-9BE4-45DE-97F4-937BE65C66ED}\A5978554C4F51343136337A697 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [ThpSrv] C:\Windows\System32\thpsrv /logon
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\a7bol0dy.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Sam\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\Sam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Sam\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Sam\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\Windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\Windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
R1 pfmfs_463;pfmfs_463;C:\Windows\System32\drivers\pfmfs_463.sys [2011-4-12 249704]
R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2010-10-10 81920]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-10-10 56344]
R3 vodafone_K380x-z_dc_enum;vodafone_K380x-z_dc_enum;C:\Windows\System32\drivers\vodafone_K380x-z_dc_enum.sys [2010-5-20 75776]
S2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
S2 lxdq_device;lxdq_device;C:\Windows\System32\lxdqcoms.exe -service --> C:\Windows\System32\lxdqcoms.exe -service [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-10 2320920]
S2 VmbService;Vodafone Mobile Broadband Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2010-8-18 8704]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2010-6-8 295088]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
S3 massfilter;MBB Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2011-6-20 11776]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-2-24 78336]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-2-24 181248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-13 1255736]
S3 ZTEusbvoice;ZTE VoUSB Port;C:\Windows\System32\drivers\zteusbvoice.sys [2011-6-20 121344]
S3 ZTEusbwwan;ZTE MBN Miniport;C:\Windows\System32\drivers\ZTEusbwwan.sys [2011-6-20 235520]
.
=============== Created Last 30 ================
.
2013-03-10 15:51:39 -------- d-----w- C:\Program Files (x86)\MSN Toolbar
2013-03-10 15:48:21 -------- d-----w- C:\Program Files (x86)\Bing Bar Installer
2013-03-10 15:48:03 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a3fa103c1ce1da606\InstallManager_WLE_WLE.exe
2013-03-10 15:47:56 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a16914701ce1da605\MeshBetaRemover.exe
2013-03-10 15:47:33 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2013-03-10 15:47:33 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2013-03-10 15:47:30 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2013-03-10 15:47:30 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2013-03-10 15:46:58 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2013-03-10 15:46:58 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2013-03-10 15:46:52 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7b415cc21ce1da604\DSETUP.dll
2013-03-10 15:46:52 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7b415cc21ce1da604\DXSETUP.exe
2013-03-10 15:46:52 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7b415cc21ce1da604\dsetup32.dll
2013-03-10 15:46:43 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\74e9a4261ce1da603\DSETUP.dll
2013-03-10 15:46:43 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\74e9a4261ce1da603\DXSETUP.exe
2013-03-10 15:46:43 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\74e9a4261ce1da603\dsetup32.dll
2013-03-10 15:45:42 -------- d-----w- C:\Users\Sam\AppData\Local\Windows Live
2013-03-10 15:43:26 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2013-03-10 15:43:26 206848 ----a-w- C:\Windows\System32\mfps.dll
2013-03-10 15:43:26 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2013-03-10 15:43:25 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-03-10 15:43:25 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-03-10 15:43:22 4068864 ----a-w- C:\Windows\System32\mf.dll
2013-03-10 15:43:18 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
2013-03-10 15:37:54 -------- d-----w- C:\Users\Sam\AppData\Roaming\TuneUp Software
2013-02-28 20:54:59 74136 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2013-02-28 20:54:59 263064 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2013-02-28 20:54:59 19352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2013-02-28 20:54:59 116120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
2013-02-13 19:15:10 5500776 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 19:15:04 3957608 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 19:15:03 3902312 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 19:13:31 3150848 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 19:05:57 287576 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 19:05:57 1893224 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 18:27:46 760320 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 18:27:46 1111040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
.
==================== Find3M  ====================
.
2013-02-27 23:12:34 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 23:12:34 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-08 03:41:09 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 03:12:29 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 05:37:01 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-01-04 05:37:00 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-01-04 05:37:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-01-04 05:36:33 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 05:33:49 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-01-04 05:30:34 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-04 05:27:03 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-04 05:27:02 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 05:27:01 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 05:27:01 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 05:27:00 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 05:27:00 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 05:27:00 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:51:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:51:08 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-01-04 03:19:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-01-04 02:48:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:48:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:48:34 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-04 02:48:33 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:43:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43:34 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43:34 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43:34 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-12-20 14:07:05 1198080 ----a-w- C:\Windows\System32\wininet.dll
2012-12-20 14:03:01 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2012-12-20 12:59:24 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-12-20 12:56:56 482816 ----a-w- C:\Windows\System32\html.iec
2012-12-20 12:01:14 386048 ----a-w- C:\Windows\SysWow64\html.iec
2012-12-20 11:28:50 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2012-12-16 16:52:02 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:40:45 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:25:27 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:25:19 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
.
============= FINISH: 16:51:57.15 ===============

Attached Files


Edited by zerovox, 10 March 2013 - 12:01 PM.


BC AdBot (Login to Remove)

 


#2 zerovox

zerovox
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:31 PM

Posted 10 March 2013 - 12:04 PM

Seen a lot of people posting FRST logs too, so here's that with all whitelists ticked. Not sure why it says "is not run from recovery env" as it definitely was: 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-03-2013
Ran by Sam at 10-03-2013 16:59:15
Running from F:\
   (X64) OS Language: English(US) 
Attention: Could not load system hive.
ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.
 
 
==================== One Month Created Files and Folders ========
 
2013-03-10 16:52 - 2013-03-10 16:52 - 00015313 ____A C:\Users\Sam\Desktop\attach.txt
2013-03-10 16:52 - 2013-03-10 16:51 - 00019612 ____A C:\Users\Sam\Desktop\dds.txt
2013-03-10 16:00 - 2013-02-04 22:49 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-03-10 15:55 - 2013-03-10 16:28 - 00000336 ____A C:\Windows\setupact.log
2013-03-10 15:55 - 2013-03-10 15:55 - 00001432 ____A C:\Windows\PFRO.log
2013-03-10 15:55 - 2013-03-10 15:55 - 00000000 ____A C:\Windows\setuperr.log
2013-03-10 15:53 - 2013-03-10 15:53 - 01239552 ____A (Microsoft Corporation) C:\Users\Sam\Downloads\wlsetup-web.exe
2013-03-10 15:51 - 2013-03-10 15:51 - 00000000 ____D C:\Program Files (x86)\MSN Toolbar
2013-03-10 15:47 - 2013-03-10 15:51 - 00000702 ____A C:\Windows\DirectX.log
2013-03-10 15:47 - 2009-09-04 17:44 - 00515416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-03-10 15:47 - 2009-09-04 17:44 - 00069464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-03-10 15:47 - 2009-09-04 17:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2013-03-10 15:47 - 2009-09-04 17:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-03-10 15:46 - 2006-11-29 13:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2013-03-10 15:46 - 2006-11-29 13:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-03-10 15:45 - 2013-03-10 15:45 - 00000000 ____D C:\Users\Sam\AppData\Local\Windows Live
2013-03-10 15:43 - 2010-05-23 10:15 - 01619456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-03-10 15:43 - 2010-05-23 10:11 - 03181568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2013-03-10 15:43 - 2010-05-23 10:11 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-03-10 15:43 - 2010-05-23 08:37 - 01888256 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-03-10 15:43 - 2010-05-23 08:35 - 04068864 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2013-03-10 15:43 - 2010-05-23 08:35 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-03-10 15:43 - 2010-05-23 08:35 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2013-03-10 15:37 - 2013-03-10 15:37 - 00000000 ____D C:\Users\Sam\AppData\Roaming\TuneUp Software
2013-03-06 18:14 - 2013-03-06 18:14 - 00003288 ____N C:\bootsqm.dat
2013-03-05 20:00 - 2013-03-07 18:57 - 00430080 ____A C:\Users\Sam\Desktop\040313 Master Participant List v1.xls
2013-03-05 20:00 - 2013-03-05 20:00 - 00415744 ____A C:\Users\Sam\Downloads\040313 Master Participant List v1.xls
2013-02-28 20:54 - 2013-03-03 22:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-02-26 00:24 - 2013-02-26 00:24 - 00037476 ____A C:\Users\Sam\Desktop\Horizontal FiC Log.xlsx
2013-02-25 23:54 - 2013-02-26 00:18 - 00036632 ____A C:\Users\Sam\Downloads\Horizontal FiC Logistics SAM v1.xlsx
2013-02-21 12:05 - 2013-02-21 12:05 - 00469938 ____A C:\Users\Sam\Downloads\certificates.zip
2013-02-14 19:57 - 2013-02-14 20:06 - 00012493 ____A C:\Users\Sam\Desktop\Horizontal FiC Logistics.xlsx
2013-02-13 19:15 - 2013-01-05 05:57 - 05500776 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-02-13 19:15 - 2013-01-05 05:02 - 03957608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-02-13 19:15 - 2013-01-05 05:02 - 03902312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-02-13 19:13 - 2013-01-04 03:22 - 03150848 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-02-13 19:09 - 2013-01-08 05:29 - 09376768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-02-13 19:09 - 2013-01-08 04:44 - 06031872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-02-13 19:09 - 2013-01-08 03:41 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-02-13 19:09 - 2013-01-08 03:12 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-02-13 19:09 - 2012-12-20 14:07 - 01198080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-02-13 19:09 - 2012-12-20 14:06 - 01499648 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-02-13 19:09 - 2012-12-20 14:06 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-02-13 19:09 - 2012-12-20 14:03 - 01026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2013-02-13 19:09 - 2012-12-20 14:03 - 00736256 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-02-13 19:09 - 2012-12-20 14:03 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-02-13 19:09 - 2012-12-20 14:03 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-02-13 19:09 - 2012-12-20 14:03 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-02-13 19:09 - 2012-12-20 14:02 - 12406272 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-02-13 19:09 - 2012-12-20 14:02 - 02463744 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-02-13 19:09 - 2012-12-20 14:02 - 00445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-02-13 19:09 - 2012-12-20 14:02 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-02-13 19:09 - 2012-12-20 14:02 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-02-13 19:09 - 2012-12-20 14:02 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-02-13 19:09 - 2012-12-20 12:59 - 01230848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-02-13 19:09 - 2012-12-20 12:59 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-02-13 19:09 - 2012-12-20 12:59 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 11019264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 02077184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 00627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 00606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 00482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-02-13 19:09 - 2012-12-20 12:56 - 00185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-02-13 19:09 - 2012-12-20 12:56 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-02-13 19:09 - 2012-12-20 12:55 - 00381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-02-13 19:09 - 2012-12-20 12:14 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-02-13 19:09 - 2012-12-20 12:01 - 00386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-02-13 19:09 - 2012-12-20 11:28 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-02-13 19:09 - 2012-12-20 11:28 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-02-13 19:05 - 2013-01-04 05:41 - 01893224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-02-13 19:05 - 2013-01-04 05:40 - 00287576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-02-13 18:38 - 2013-01-04 05:37 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-02-13 18:38 - 2013-01-04 05:37 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-02-13 18:38 - 2013-01-04 05:37 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-02-13 18:38 - 2013-01-04 05:36 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-02-13 18:38 - 2013-01-04 05:33 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-02-13 18:38 - 2013-01-04 05:30 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-02-13 18:38 - 2013-01-04 05:30 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 05:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:51 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-02-13 18:38 - 2013-01-04 04:51 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-02-13 18:38 - 2013-01-04 04:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 04:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 03:19 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-02-13 18:38 - 2013-01-04 02:48 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-02-13 18:38 - 2013-01-04 02:48 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-02-13 18:38 - 2013-01-04 02:48 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-02-13 18:38 - 2013-01-04 02:48 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-02-13 18:38 - 2013-01-04 02:43 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 02:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 02:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-02-13 18:38 - 2013-01-04 02:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-02-12 21:17 - 2013-02-12 21:17 - 01012471 ____A C:\Users\Sam\Downloads\scannedjpgs.zip
2013-02-10 22:20 - 2013-02-10 22:20 - 00000000 ____D C:\Users\Sam\Desktop\Current
 
 
==================== One Month Modified Files and Folders =======
 
2013-03-10 16:52 - 2013-03-10 16:52 - 00015313 ____A C:\Users\Sam\Desktop\attach.txt
2013-03-10 16:51 - 2013-03-10 16:52 - 00019612 ____A C:\Users\Sam\Desktop\dds.txt
2013-03-10 16:48 - 2009-07-14 05:13 - 00742836 ____A C:\Windows\System32\PerfStringBackup.INI
2013-03-10 16:28 - 2013-03-10 15:55 - 00000336 ____A C:\Windows\setupact.log
2013-03-10 16:28 - 2012-09-13 22:34 - 00000045 ____A C:\Users\Sam\AppData\Roaming\msconfig.ini
2013-03-10 16:28 - 2011-06-20 14:05 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-03-10 16:28 - 2009-07-14 05:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-03-10 16:26 - 2011-04-14 10:27 - 00000000 ___RD C:\Users\Sam\Dropbox
2013-03-10 16:26 - 2011-04-14 10:23 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Dropbox
2013-03-10 16:25 - 2010-10-10 02:06 - 01445085 ____A C:\Windows\WindowsUpdate.log
2013-03-10 16:25 - 2009-07-14 04:45 - 00016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-03-10 16:25 - 2009-07-14 04:45 - 00016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-03-10 16:06 - 2013-01-27 22:40 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1104683146-4259283072-3995319266-1000UA.job
2013-03-10 15:56 - 2011-04-15 19:59 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Skype
2013-03-10 15:56 - 2010-06-08 13:40 - 00000000 ____D C:\ProgramData\McAfee
2013-03-10 15:55 - 2013-03-10 15:55 - 00001432 ____A C:\Windows\PFRO.log
2013-03-10 15:55 - 2013-03-10 15:55 - 00000000 ____A C:\Windows\setuperr.log
2013-03-10 15:53 - 2013-03-10 15:53 - 01239552 ____A (Microsoft Corporation) C:\Users\Sam\Downloads\wlsetup-web.exe
2013-03-10 15:53 - 2009-07-14 03:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-03-10 15:52 - 2010-06-08 13:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-03-10 15:51 - 2013-03-10 15:51 - 00000000 ____D C:\Program Files (x86)\MSN Toolbar
2013-03-10 15:51 - 2013-03-10 15:47 - 00000702 ____A C:\Windows\DirectX.log
2013-03-10 15:50 - 2012-06-05 10:08 - 00000000 ____D C:\ProgramData\MFAData
2013-03-10 15:45 - 2013-03-10 15:45 - 00000000 ____D C:\Users\Sam\AppData\Local\Windows Live
2013-03-10 15:44 - 2010-06-08 13:34 - 00000000 ____D C:\Program Files\TOSHIBA
2013-03-10 15:44 - 2010-06-08 13:34 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2013-03-10 15:42 - 2012-09-15 22:50 - 00000000 ____D C:\Program Files (x86)\Steam
2013-03-10 15:42 - 2011-06-20 14:05 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-03-10 15:37 - 2013-03-10 15:37 - 00000000 ____D C:\Users\Sam\AppData\Roaming\TuneUp Software
2013-03-10 15:35 - 2012-07-17 01:40 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-03-10 00:18 - 2013-01-27 22:03 - 00000000 ____D C:\Users\Sam\Documents\Letter
2013-03-10 00:15 - 2011-10-11 14:26 - 00000000 ____D C:\Users\Sam\Documents\Writing
2013-03-09 23:30 - 2013-01-27 22:39 - 00000848 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1104683146-4259283072-3995319266-1000Core.job
2013-03-08 18:09 - 2011-04-06 18:00 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Mozilla
2013-03-08 17:07 - 2009-07-14 05:08 - 00032620 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-03-07 18:57 - 2013-03-05 20:00 - 00430080 ____A C:\Users\Sam\Desktop\040313 Master Participant List v1.xls
2013-03-07 17:00 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\System32\NDF
2013-03-07 00:04 - 2011-05-28 13:44 - 00000000 ____D C:\Users\Sam\Documents\Thoughts
2013-03-06 18:14 - 2013-03-06 18:14 - 00003288 ____N C:\bootsqm.dat
2013-03-05 20:00 - 2013-03-05 20:00 - 00415744 ____A C:\Users\Sam\Downloads\040313 Master Participant List v1.xls
2013-03-05 13:32 - 2011-04-07 18:33 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Spotify
2013-03-05 13:24 - 2011-04-07 18:33 - 00000000 ____D C:\Users\Sam\AppData\Local\Spotify
2013-03-04 22:58 - 2012-11-28 13:37 - 00220160 __ASH C:\Users\Sam\Downloads\Thumbs.db
2013-03-04 17:43 - 2012-05-18 02:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-03 22:20 - 2013-02-28 20:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-02-27 23:12 - 2012-07-17 01:40 - 00691568 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-02-27 23:12 - 2011-06-25 20:08 - 00071024 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-02-26 00:24 - 2013-02-26 00:24 - 00037476 ____A C:\Users\Sam\Desktop\Horizontal FiC Log.xlsx
2013-02-26 00:18 - 2013-02-25 23:54 - 00036632 ____A C:\Users\Sam\Downloads\Horizontal FiC Logistics SAM v1.xlsx
2013-02-24 20:15 - 2011-06-20 14:10 - 00002150 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-02-21 12:05 - 2013-02-21 12:05 - 00469938 ____A C:\Users\Sam\Downloads\certificates.zip
2013-02-15 08:58 - 2009-07-14 04:45 - 00437688 ____A C:\Windows\System32\FNTCACHE.DAT
2013-02-14 20:32 - 2011-05-28 13:44 - 00000000 ____D C:\Users\Sam\Documents\Applications
2013-02-14 20:06 - 2013-02-14 19:57 - 00012493 ____A C:\Users\Sam\Desktop\Horizontal FiC Logistics.xlsx
2013-02-14 09:22 - 2011-04-12 12:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-02-14 09:13 - 2012-11-09 16:19 - 00000000 ____D C:\Users\Sam\Documents\Academic ideas
2013-02-12 21:17 - 2013-02-12 21:17 - 01012471 ____A C:\Users\Sam\Downloads\scannedjpgs.zip
2013-02-11 00:43 - 2012-08-20 16:42 - 00000000 ____D C:\Users\Sam\Documents\Coventry
2013-02-10 22:20 - 2013-02-10 22:20 - 00000000 ____D C:\Users\Sam\Desktop\Current
2013-02-10 22:20 - 2011-06-20 21:51 - 00000000 ____D C:\Users\Sam\Documents\Justice
2013-02-10 21:20 - 2011-11-03 22:36 - 00000920 ____A C:\Users\Sam\Documents\Prayers for the Bishop.txt
 
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1104683146-4259283072-3995319266-1000\$a85af19afb7c26cde6be032eef886ce8
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$a85af19afb7c26cde6be032eef886ce8
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 25%
Total physical RAM: 1840.43 MB
Available physical RAM: 1375.47 MB
Total Pagefile: 3680.85 MB
Available Pagefile: 3267.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB
 
==================== Partitions =============================
 
1 Drive c: (Windows) (Fixed) (Total:149.04 GB) (Free:49.07 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:148.65 GB) (Free:140.9 GB) NTFS
4 Drive f: (STICK) (Removable) (Total:3.51 GB) (Free:2.42 GB) FAT32
 
  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          298 GB      0 B         
  Disk 1    Online         3700 MB  2176 KB         
 
Partitions of Disk 0:
===============
 
Disk ID: EF07EB5C
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            400 MB  1024 KB
  Partition 2    Primary            149 GB   401 MB
  Partition 3    Primary            148 GB   149 GB
 
==================================================================================
 
Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1         SYSTEM       NTFS   Partition    400 MB  Healthy    System (partition with boot components)  
 
=========================================================
 
Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C   Windows      NTFS   Partition    149 GB  Healthy    Boot    
 
=========================================================
 
Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     D   Data         NTFS   Partition    148 GB  Healthy            
 
=========================================================
 
Partitions of Disk 1:
===============
 
Disk ID: C3072E18
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           3600 MB    31 KB
  Partition 0    Primary             98 MB  3600 MB
 
==================================================================================
 
Disk: 1
Partition 1
Type  : 0B
Hidden: No
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     F   STICK        FAT32  Removable   3600 MB  Healthy            
 
=========================================================
============================== MBR Partition Table ==================
 
==============================
Partitions of Disk 0:
===============
Disk ID: EF07EB5C
 
Partition 1:
===========
Hex: 80202100071E2B330008000000800C00
Active: YES
Type: 07 (NTFS)
Size: 400 MB
 
Partition 2:
===========
Hex: 001E2C3307FEFFFF00880C000070A112
Active: NO
Type: 07 (NTFS)
Size: 149 GB
 
Partition 3:
===========
Hex: 00FEFFFF07FEFFFF00F8AD1200F09412
Active: NO
Type: 07 (NTFS)
Size: 149 GB
 
==============================
Partitions of Disk 1:
===============
Disk ID: C3072E18
 
Partition 1:
===========
Hex: 800101000BFE7FCA3F000000CC837000
Active: YES
Type: 0B
Size: 4 GB
 
Partition 2:
===========
Hex: 000041CB0BFE7FD60B8470004D100300
Active: NO
Type: 0B
Size: 98 MB
 
 
Last Boot: 2013-02-17 13:11
 
==================== End Of Log =============================


#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:03:31 PM

Posted 12 March 2013 - 08:14 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.
  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.
  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#4 zerovox

zerovox
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:31 PM

Posted 12 March 2013 - 08:15 PM

Hi m0le, I'm here!

 

Many thanks for the help!



#5 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:03:31 PM

Posted 12 March 2013 - 08:19 PM

I think the first question has to be why you believe the white screen is malware-related?
Posted Image
m0le is a proud member of UNITE

#6 zerovox

zerovox
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:31 PM

Posted 12 March 2013 - 08:30 PM

It seems to relate to something starting up post log-in. I assume it to be malware, but I guess it might not be. It's certainly not a drivers issue, you can still Ctrl-Alt-Delete and do thinks like log-off, and when you do the white screen disapears as it's logging off, so I assume the process is killed. I guess it could be any application behaving incorrectly, but I can't access anything except through safe mode + cmd, so I can't figure too much out on my own. What I do know is that all process set to start have no record of misbehaving in this way, skype and dropbox are some of these, I hope the logs will give more info.



#7 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:03:31 PM

Posted 13 March 2013 - 06:55 PM

A good way to test a problem with a program is to do a clean boot. I'm not saying there's no malware but the logs aren't giving me much. If we can check this we can then move on to some more scanners

Let's try the clean boot. This will boot the system without any services or startup programs and that will eliminate or pinpoint the main problem.

1. Click Start, type msconfig in the Start Search box, and then press Enter. If you are prompted for an administrator password or for a confirmation, type the password, or click Continue.

2. On the General tab, click Selective Startup.

3. Under Selective Startup, click to clear the Load Startup Items check box.

4. Click the Services tab, click to select the Hide All Microsoft Services check box, and then click Disable All.

5. Click Apply and OK.

6. When you are prompted, click Restart.

7. After the computer starts let me know if the problem is still occurring.
Posted Image
m0le is a proud member of UNITE

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:03:31 PM

Posted 18 March 2013 - 07:50 PM

Hi,

I have not had a reply from you for 6 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,


m0le


Posted Image
m0le is a proud member of UNITE

#9 zerovox

zerovox
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:31 PM

Posted 19 March 2013 - 03:11 PM

The problem is still occuring.

 

Thanks,

 

zerovox



#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:03:31 PM

Posted 19 March 2013 - 07:42 PM

So there's problems with a normal boot and the recovery environment. Is it the same for Safe mode?

 

I rebooted to recovery+ cmd (recovery has this problem too) and ran DDS:

 

How were you able to run DDS if recovery goes whitescreen after five seconds as well?


Posted Image
m0le is a proud member of UNITE

#11 zerovox

zerovox
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:31 PM

Posted 19 March 2013 - 08:01 PM

Sorry, I was conflating my terms there. Normal Boot, Safe Mode and Safe Mode with Networking both have this whitescreen issue.

Safe Mode with Command Prompt does not have this issue, so I was able to use the command line to run DDS. My guess is due to explorer start up scripts not being run the malware or whatever it is isn't executed.

You can do a decent ammount in Safe Mode with Command Prompt though, you can open an explorer window and navigate through files, run files from USB, etc. Programs are hit and miss, Office programs have issues and don't work, but standalone exes seem to work okay.

 

And to be clear/reiterate, it's not drivers or anything like that, you can move the cursor around and access Ctrl-Alt-Delete menu, opening Task Manager does so in the background, thinks like switch user and log off work. (the white screen disapears, killed by the log off process I assume, the desktop is visible, then log-off completes without enought time to Alt-F2 and stop the log off process),



#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:03:31 PM

Posted 19 March 2013 - 08:08 PM

but standalone exes seem to work okay.

 
Let's test that with Combofix in safe mode
 
Please download ComboFix from one of these locations:

* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exe

  • Disable your AntiVirus and AntiSpyware applications including Firewalls, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list
     
    of programs that should be disabled. The list is not all inclusive.)
     
  • Double click on Comfix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
 

whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

If you receive the message "Illegal operation attempted on a registry key that has been marked for deletion." then please reboot the system.


Edited by m0le, 19 March 2013 - 08:09 PM.

Posted Image
m0le is a proud member of UNITE

#13 zerovox

zerovox
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:31 PM

Posted 23 March 2013 - 08:52 AM

I'll have access to the laptop again later this week, it's my brothers and I'm away for a bit, but I'll be able to try this out on Thursday

 

Thanks,

 

Zerovox



#14 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:03:31 PM

Posted 24 March 2013 - 07:21 PM

No problem, zerovox :thumbup2:
Posted Image
m0le is a proud member of UNITE

#15 zerovox

zerovox
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:31 PM

Posted 01 April 2013 - 08:58 AM

ComboFix 13-04-01.01 - Sam 01/04/2013  14:41:31.1.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.44.1033.18.1840.1277 [GMT 1:00]
Running from: F:\ComboFix.exe
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Sam\2057.MST
c:\users\Sam\AppData\Roaming\msconfig.dat
c:\users\Sam\AppData\Roaming\msconfig.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-03-01 to 2013-04-01  )))))))))))))))))))))))))))))))
.
.
2013-04-01 13:47 . 2013-04-01 13:47    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-03-10 17:51 . 2013-03-10 17:51    --------    d-----w-    C:\Tools
2013-03-10 16:59 . 2013-03-10 16:59    --------    d-----w-    C:\FRST
2013-03-10 16:00 . 2013-02-04 22:49    70004024    ----a-w-    c:\windows\system32\MRT.exe
2013-03-10 15:51 . 2013-03-10 15:51    --------    d-----w-    c:\program files (x86)\MSN Toolbar
2013-03-10 15:48 . 2013-03-10 15:51    --------    d-----w-    c:\program files (x86)\Bing Bar Installer
2013-03-10 15:48 . 2013-03-10 15:48    469256    ----a-w-    c:\program files (x86)\Common Files\Windows Live\.cache\a3fa103c1ce1da606\InstallManager_WLE_WLE.exe
2013-03-10 15:47 . 2013-03-10 15:47    15712    ----a-w-    c:\program files (x86)\Common Files\Windows Live\.cache\a16914701ce1da605\MeshBetaRemover.exe
2013-03-10 15:47 . 2009-09-04 17:44    69464    ----a-w-    c:\windows\SysWow64\XAPOFX1_3.dll
2013-03-10 15:47 . 2009-09-04 17:44    515416    ----a-w-    c:\windows\SysWow64\XAudio2_5.dll
2013-03-10 15:47 . 2009-09-04 17:29    453456    ----a-w-    c:\windows\SysWow64\d3dx10_42.dll
2013-03-10 15:47 . 2009-09-04 17:29    523088    ----a-w-    c:\windows\system32\d3dx10_42.dll
2013-03-10 15:46 . 2006-11-29 13:06    4398360    ----a-w-    c:\windows\system32\d3dx9_32.dll
2013-03-10 15:46 . 2006-11-29 13:06    3426072    ----a-w-    c:\windows\SysWow64\d3dx9_32.dll
2013-03-10 15:46 . 2013-03-10 15:46    94040    ----a-w-    c:\program files (x86)\Common Files\Windows Live\.cache\7b415cc21ce1da604\DSETUP.dll
2013-03-10 15:46 . 2013-03-10 15:46    525656    ----a-w-    c:\program files (x86)\Common Files\Windows Live\.cache\7b415cc21ce1da604\DXSETUP.exe
2013-03-10 15:46 . 2013-03-10 15:46    1691480    ----a-w-    c:\program files (x86)\Common Files\Windows Live\.cache\7b415cc21ce1da604\dsetup32.dll
2013-03-10 15:46 . 2013-03-10 15:46    94040    ----a-w-    c:\program files (x86)\Common Files\Windows Live\.cache\74e9a4261ce1da603\DSETUP.dll
2013-03-10 15:46 . 2013-03-10 15:46    525656    ----a-w-    c:\program files (x86)\Common Files\Windows Live\.cache\74e9a4261ce1da603\DXSETUP.exe
2013-03-10 15:46 . 2013-03-10 15:46    1691480    ----a-w-    c:\program files (x86)\Common Files\Windows Live\.cache\74e9a4261ce1da603\dsetup32.dll
2013-03-10 15:45 . 2013-03-10 15:45    --------    d-----w-    c:\users\Sam\AppData\Local\Windows Live
2013-03-10 15:43 . 2010-05-23 10:11    196608    ----a-w-    c:\windows\SysWow64\mfreadwrite.dll
2013-03-10 15:43 . 2010-05-23 08:35    257024    ----a-w-    c:\windows\system32\mfreadwrite.dll
2013-03-10 15:43 . 2010-05-23 08:35    206848    ----a-w-    c:\windows\system32\mfps.dll
2013-03-10 15:43 . 2010-05-23 10:15    1619456    ----a-w-    c:\windows\SysWow64\WMVDECOD.DLL
2013-03-10 15:43 . 2010-05-23 08:37    1888256    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2013-03-10 15:43 . 2010-05-23 08:35    4068864    ----a-w-    c:\windows\system32\mf.dll
2013-03-10 15:43 . 2010-05-23 10:11    3181568    ----a-w-    c:\windows\SysWow64\mf.dll
2013-03-10 15:37 . 2013-03-10 15:37    --------    d-----w-    c:\users\Sam\AppData\Roaming\TuneUp Software
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 23:12 . 2012-07-17 01:40    691568    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 23:12 . 2011-06-25 20:08    71024    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-08 05:29 . 2013-02-13 19:09    9376768    ----a-w-    c:\windows\system32\mshtml.dll
2013-01-08 03:41 . 2013-02-13 19:09    1638912    ----a-w-    c:\windows\system32\mshtml.tlb
2013-01-08 03:12 . 2013-02-13 19:09    1638912    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2013-01-05 05:57 . 2013-02-13 19:15    5500776    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-01-05 05:02 . 2013-02-13 19:15    3957608    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:02 . 2013-02-13 19:15    3902312    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:41 . 2013-02-13 19:05    1893224    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-01-04 05:40 . 2013-02-13 19:05    287576    ----a-w-    c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-04 05:37 . 2013-02-13 18:38    362496    ----a-w-    c:\windows\system32\wow64win.dll
2013-01-04 05:37 . 2013-02-13 18:38    243200    ----a-w-    c:\windows\system32\wow64.dll
2013-01-04 05:37 . 2013-02-13 18:38    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
2013-01-04 05:36 . 2013-02-13 18:38    215040    ----a-w-    c:\windows\system32\winsrv.dll
2013-01-04 05:33 . 2013-02-13 18:38    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
2013-01-04 05:30 . 2013-02-13 18:38    424960    ----a-w-    c:\windows\system32\KernelBase.dll
2013-01-04 05:30 . 2013-02-13 18:38    1161216    ----a-w-    c:\windows\system32\kernel32.dll
2013-01-04 05:27 . 2013-02-13 18:38    6144    ---ha-w-    c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    5120    ---ha-w-    c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-04 04:51 . 2013-02-13 18:38    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
2013-01-04 04:51 . 2013-02-13 18:38    274944    ----a-w-    c:\windows\SysWow64\KernelBase.dll
2013-01-04 04:43 . 2013-02-13 18:38    4608    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    5120    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 18:38    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2013-01-04 03:22 . 2013-02-13 19:13    3150848    ----a-w-    c:\windows\system32\win32k.sys
2013-01-04 03:19 . 2013-02-13 18:38    338432    ----a-w-    c:\windows\system32\conhost.exe
2013-01-04 02:48 . 2013-02-13 18:38    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
2013-01-04 02:48 . 2013-02-13 18:38    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
2013-01-04 02:48 . 2013-02-13 18:38    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
2013-01-04 02:48 . 2013-02-13 18:38    2048    ----a-w-    c:\windows\SysWow64\user.exe
2013-01-04 02:43 . 2013-02-13 18:38    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 18:38    6144    ---ha-w-    c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 18:38    4608    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 18:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys
[-] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\system32\drivers\asyncmac.sys
.
[-] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys
[-] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\system32\drivers\null.sys
.
[-] 2009-07-13 . 079125C4B17B01FCAEEBCE0BCB290C0F . 99840 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[-] 2009-07-13 . 079125C4B17B01FCAEEBCE0BCB290C0F . 99840 . . [6.1.7600.16385] .. c:\windows\system32\drivers\tdx.sys
.
[-] 2012-07-04 . 00A7A2067E9822E4626DE846574ADA80 . 136704 . . [6.1.7600.21256] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.21256_none_d5890aa5d0b400b5\browser.dll
[-] 2012-07-04 . 05F5A0D14A2EE1D8255C2AA0E9E8E694 . 136704 . . [6.1.7601.17887] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_d6c68344b4d406bf\browser.dll
[-] 2012-07-04 . 156768ABAE1DAF29BA0B0C05C21FEF09 . 136704 . . [6.1.7601.22044] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_d7783703cdd41e02\browser.dll
[-] 2012-07-04 . 6B054C67AAA87843504E8E3C09102009 . 136704 . . [6.1.7600.17056] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.17056_none_d4ff6bf4b79663c4\browser.dll
[-] 2009-07-14 . 94FBC06F294D58D02361918418F996E3 . 136192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.16385_none_d4de1860b7af7c14\browser.dll
[-] 2012-07-04 . 6B054C67AAA87843504E8E3C09102009 . 136704 . . [6.1.7600.16385] .. c:\windows\system32\browser.dll
.
[-] 2012-06-04 . 79C908CAA6F43021EB05F4C733A927D1 . 31232 . . [6.1.7601.22010] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[-] 2012-06-02 . BF63CE11A25F3509129888710D5111FC . 31232 . . [6.1.7600.21225] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[-] 2011-11-17 . 156F6159457D0AA7E59B62681B56EB90 . 31232 . . [6.1.7600.16915] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[-] 2011-11-17 . 156F6159457D0AA7E59B62681B56EB90 . 31232 . . [6.1.7600.16915] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[-] 2011-11-17 . D21BD47E528CD62E79311FB5DF0150E6 . 31232 . . [6.1.7600.21092] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[-] 2011-11-17 . 0A10B74FBB437FF9A23F1D5DE4446A83 . 31232 . . [6.1.7601.21861] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[-] 2011-11-17 . 156F6159457D0AA7E59B62681B56EB90 . 31232 . . [6.1.7600.16915] .. c:\windows\system32\lsass.exe
.
[-] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll
[-] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\system32\netman.dll
.
[-] 2009-07-14 . 7F0C323FE3DA28AA4AA1BDA3F575707F . 848384 . . [7.5.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll
[-] 2009-07-14 . 7F0C323FE3DA28AA4AA1BDA3F575707F . 848384 . . [7.5.7600.16385] .. c:\windows\system32\qmgr.dll
.
[-] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[-] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\system32\rpcss.dll
.
[-] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[-] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\system32\services.exe
.
[-] 2012-02-11 . 85DAA09A98C9286D4EA2BA8D0E644377 . 559104 . . [6.1.7601.17777] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[-] 2012-02-11 . 567977DC43CC13C4C35ED7084C0B84D5 . 559104 . . [6.1.7600.16962] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_32533f26db2c36c0\spoolsv.exe
[-] 2012-02-11 . 807B5B0E287027F72AC37B0CDA9512DA . 559104 . . [6.1.7600.21149] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_32f955f1f433834b\spoolsv.exe
[-] 2012-02-11 . B9D7A4858CF32A6A15D2763F1DE47E0E . 559616 . . [6.1.7601.21921] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe
[-] 2010-08-21 . F8E1FA03CB70D54A9892AC88B91D1E7B . 558592 . . [6.1.7600.16661] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe
[-] 2010-08-20 . 8547491BE7086EE317163365D83A37D2 . 559104 . . [6.1.7600.20785] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[-] 2009-07-14 . 89E8550C5862999FCF482EA562B0E98E . 558080 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[-] 2012-02-11 . 567977DC43CC13C4C35ED7084C0B84D5 . 559104 . . [6.1.7600.16385] .. c:\windows\system32\spoolsv.exe
.
[-] 2009-10-28 . A93D41A4D4B0D91C072D11DD8AF266DE . 389632 . . [6.1.7600.20560] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[-] 2009-10-28 . DA3E2A6FA9660CC75B471530CE88453A . 389632 . . [6.1.7600.16447] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[-] 2009-07-14 . 132328DF455B0028F13BF0ABEE51A63A . 389120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[-] 2009-10-28 . DA3E2A6FA9660CC75B471530CE88453A . 389632 . . [6.1.7600.16385] .. c:\windows\system32\winlogon.exe
.
[-] 2010-08-24 . B0CB1D2D5FFA6335DD94B1B531756412 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.20787_none_961cb3b90ac4540e\comctl32.dll
[-] 2010-08-24 . B0CB1D2D5FFA6335DD94B1B531756412 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.20787_none_a6357652551c0c2c\comctl32.dll
[-] 2010-08-24 . 882C1C473BE598DF08730DA11C5B2B27 . 2030080 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.20787_none_e3967e4730ab1731\comctl32.dll
[-] 2010-08-21 . BC052EFAD10ACA1AD69545B629F50D99 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16661_none_95a2b509f19be458\comctl32.dll
[-] 2010-08-21 . BC052EFAD10ACA1AD69545B629F50D99 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_a44e1fc257f685f6\comctl32.dll
[-] 2010-08-21 . 113921FC4A80A3DDF646852998B836D0 . 2030080 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7\comctl32.dll
[-] 2009-07-14 . 7E8AB50AB7F2F81F30DCC8A98025B73A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16385_none_959110a7f1a88a21\comctl32.dll
[-] 2009-07-14 . 7E8AB50AB7F2F81F30DCC8A98025B73A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_a44af8ec57f961cf\comctl32.dll
[-] 2009-07-14 . C093E7835C1372D6D70A6675EDAA97B5 . 2030080 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6\comctl32.dll
[-] 2010-08-21 . BC052EFAD10ACA1AD69545B629F50D99 . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[-] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_88a5cc7effe2dfca\comres.dll
[-] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\system32\comres.dll
.
[-] 2012-06-04 . 7E7D2DACF65D750D466F36BD3D09AE20 . 186880 . . [6.1.7601.22010] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[-] 2012-06-02 . 9C01375BE382E834CC26D1B7EAF2C4FE . 184320 . . [6.1.7601.17856] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[-] 2012-06-02 . 456107D69D4EE850A559434F19EFEE65 . 183808 . . [6.1.7600.21225] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[-] 2012-06-02 . BAF19B633933A9FB4883D27D66C39E9A . 182272 . . [6.1.7600.17035] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[-] 2012-04-24 . F02786B66375292E58C8777082D4396D . 182272 . . [6.1.7600.17008] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[-] 2012-04-24 . 4F5414602E2544A4554D95517948B705 . 184320 . . [6.1.7601.17827] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[-] 2012-04-24 . CE8BF1423AEE47DA5275FBC8AD3BD642 . 183808 . . [6.1.7600.21199] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[-] 2012-04-24 . B7337E9C9E5936355BB700AA33E0936E . 186880 . . [6.1.7601.21979] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[-] 2009-07-14 . 8C57411B66282C01533CB776F98AD384 . 175104 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[-] 2012-06-02 . BAF19B633933A9FB4883D27D66C39E9A . 182272 . . [6.1.7600.16385] .. c:\windows\system32\cryptsvc.dll
.
[-] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[-] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\system32\es.dll
.
[-] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll
[-] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\system32\imm32.dll
.
[-] 2012-11-22 . BD5153969C41F697E23B9A43EF9228CE . 801280 . . [1.0626.7600.17174] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.17174_none_08f91fc3722650e0\usp10.dll
[-] 2012-11-22 . E4ACCC7927A1478DF636534864E03666 . 801280 . . [1.0626.7601.22171] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_0b661a9c886d0db8\usp10.dll
[-] 2012-11-22 . 77AD7076F8CF3CAB923F7FAE6DC9BDA8 . 800768 . . [1.0626.7600.21379] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.21379_none_0987bfe68b3f6c84\usp10.dll
[-] 2012-11-22 . DBF99FD9CAF75CA66D042BD8D050FF71 . 800768 . . [1.0626.7601.18009] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_0b302f956f0f750f\usp10.dll
[-] 2009-07-14 . 5F2BDCA5FA0F20A6F452CF0EE2A2B18C . 801280 . . [1.0626.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_08ef6ab5722d66d5\usp10.dll
[-] 2012-11-22 . BD5153969C41F697E23B9A43EF9228CE . 801280 . . [1.0626.7600.17174] .. c:\windows\system32\usp10.dll
.
[-] 2013-01-04 . 9DD828EFBD17246275E8A74D58E836AC . 1162752 . . [6.1.7600.21416] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_f0890ca988e09e80\kernel32.dll
[-] 2013-01-04 . B844114B247D8EF1E5E4E93A282D2E6F . 1162240 . . [6.1.7601.22209] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_f27d3a7985fc3a80\kernel32.dll
[-] 2013-01-04 . 43DB3433F141F01E53D1C5AA0F434098 . 1161216 . . [6.1.7600.17206] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_f00a3de46fbae59e\kernel32.dll
[-] 2012-11-30 . B3BEA6420D482356E53B7C728E05C637 . 1163264 . . [6.1.7601.22177] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll
[-] 2012-11-30 . E3BC37881D92EB59EE0BA3B854A54D1E . 1161216 . . [6.1.7600.17179] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_efc18d686ff0f813\kernel32.dll
[-] 2012-11-30 . 65C113214F7B05820F6D8A65B1485196 . 1161216 . . [6.1.7601.18015] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll
[-] 2012-11-30 . B6B1AB98BA656BA1D8E0CA03F59DED51 . 1162752 . . [6.1.7600.21386] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_f03d5b4f891964f0\kernel32.dll
[-] 2012-10-04 . 1DC3504CA4C57900F1557E9A3F01D272 . 1161216 . . [6.1.7601.17965] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll
[-] 2012-10-04 . F3C594D0DA3ACFA6C7B781A490AB4282 . 1162240 . . [6.1.7601.22125] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll
[-] 2012-10-04 . 1DDCACAB8DA5399E5521051923016B18 . 1161216 . . [6.1.7600.17135] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_efe8cbf06fd422f3\kernel32.dll
[-] 2012-10-04 . 6EED0D77C20137948979EA47360A890B . 1162752 . . [6.1.7600.21335] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_f0726aa188f1bfe4\kernel32.dll
[-] 2012-08-20 . 1BDA5DB0C493B390C2DFD09139140DE1 . 1163776 . . [6.1.7600.21306] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_f093daaf88d88568\kernel32.dll
[-] 2012-08-20 . EAF41CFBA5281834CBC383C710AC7965 . 1162240 . . [6.1.7601.17932] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_f1cc51dc6cfd0cbf\kernel32.dll
[-] 2012-08-20 . 624B34180C79D67C470C155DB81FFB8E . 1163264 . . [6.1.7601.22091] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_f213e511864c70f3\kernel32.dll
[-] 2012-08-18 . 8E7F88A62E1AA28F15C0D6784E4C78B6 . 1162240 . . [6.1.7600.17107] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_f00b3c486fba01ce\kernel32.dll
[-] 2011-07-16 . B9B42A302325537D7B9DC52D47F33A73 . 1162752 . . [6.1.7601.17651] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_f1b5ac086d0e33d5\kernel32.dll
[-] 2011-07-16 . 27AC02D8EE4C02E7648C41CB880151DA . 1163264 . . [6.1.7601.21772] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_f22aa945863b24d8\kernel32.dll
[-] 2011-07-16 . DDBD24DC04DA5FD0EDF45CF72B7C01E2 . 1162240 . . [6.1.7600.16850] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_efce4eb86fe8ae92\kernel32.dll
[-] 2011-07-16 . 06835B46D9676BEDD80AF25ACF6845FD . 1162240 . . [6.1.7600.21010] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_f083035588e611da\kernel32.dll
[-] 2011-06-03 . 8225958BAC83EAFCDB6BAB6EE5EDF6E6 . 1162240 . . [6.1.7600.20978] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_f04a4dfb890f50f6\kernel32.dll
[-] 2011-05-14 . 98DA1B7572DAD6BA10296E0DF0950B37 . 1162240 . . [6.1.7600.16816] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_efff90246fc2d6d8\kernel32.dll
[-] 2011-05-14 . 0E1B2E16235AA7F89F064EE75DFC905E . 1162752 . . [6.1.7601.17617] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_f1e6ed746ce85c1b\kernel32.dll
[-] 2011-05-14 . 6743E8705A96FCBF71279B5AE2CCFDBC . 1163264 . . [6.1.7601.21728] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_f266ba9d860d312d\kernel32.dll
[-] 2009-07-14 . 5B4B379AD10DEDA4EDA01B8C6961B193 . 1162240 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_efb2d6e86ffc8f55\kernel32.dll
[-] 2013-01-04 . 43DB3433F141F01E53D1C5AA0F434098 . 1161216 . . [6.1.7600.17179] .. c:\windows\system32\kernel32.dll
.
[-] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_945a23c3bf051859\linkinfo.dll
[-] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\system32\linkinfo.dll
.
[-] 2012-12-16 . 838BF2634A38B344B27AC080D76B28C2 . 41472 . . [6.1.7600.21402] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.21402_none_06a50ea48d16f1d1\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_05c80a1f743763f3\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_061b8a8773f9358d\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_05f24b6b7417d7ff\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16734_none_05fd2109740fb383\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16763_none_05dbb0fb7428edff\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.17159_none_05ec6077741b94cf\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.17194_none_05bc1f55744085e0\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_0649d7dc8d5a6bb3\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_067018008d3e7a63\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20875_none_065c7e6e8d4cdc68\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20905_none_06a82fc88d1415f8\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.21362_none_06642d368d479c50\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17537_none_07e67eed71336b74\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_07c20e01714f59eb\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17991_none_079fa54171696fac\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_07e15d357138149f\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21636_none_086f1b6e8a51f1e7\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_084cab168a6c130c\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22153_none_08565a728a6505a2\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_082d1b568a83a814\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\system32\lpk.dll
.
[-] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_0c2b375bae4a8d38\hnetcfg.dll
[-] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\system32\hnetcfg.dll
.
[-] 2013-01-08 . 98C377E8F22A61E0759BD371D4EE3709 . 9374720 . . [8.00.7600.21419] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21419_none_8acb8219cbbdd570\mshtml.dll
[-] 2013-01-08 . C22E44747DAC8CAACCE00F0722D708E2 . 9376768 . . [8.00.7600.17209] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17209_none_8a4cb354b2981c8e\mshtml.dll
[-] 2013-01-04 . 98A9587AB8EF8783F604610B60259BC0 . 9379328 . . [8.00.7600.21393] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21393_none_8a6eff17cc041fc7\mshtml.dll
[-] 2013-01-04 . 14470D396157D2C03209F47B71C2EEA7 . 9376256 . . [8.00.7600.17185] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17185_none_89f230e6b2dc9993\mshtml.dll
[-] 2013-01-04 . 229C53E836D62E6F1A8D75378681DDD5 . 9060352 . . [8.00.7601.22185] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22185_none_8c622c9dc920a270\mshtml.dll
[-] 2013-01-04 . D7A6EA0D6BD8B2357B51B436824DD0C5 . 9060864 . . [8.00.7601.18021] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.18021_none_8c156e32afd5f5a4\mshtml.dll
[-] 2012-12-20 . 4197D46E0D23E746EF414E87C6F79E82 . 9060864 . . [8.00.7601.22199] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22199_none_8c5b5dd9c92523bd\mshtml.dll
[-] 2012-12-20 . C0206725ADC0E788921FB462D6EDEA98 . 9058304 . . [8.00.7601.18035] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.18035_none_8c0e9f6eafda76f1\mshtml.dll
[-] 2012-11-12 . AE18DCD6934D657EA0995E919FB0F4DD . 9055744 . . [8.00.7601.17998] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17998_none_8bd0e8a2b008375a\mshtml.dll
[-] 2012-11-12 . 5D0EAA517A6450200ECAA8C95D02B293 . 9057792 . . [8.00.7601.22160] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22160_none_8c72cb03c914ebdb\mshtml.dll
[-] 2012-11-12 . A0AD7097CD66B73B6DB0197D0021A210 . 9375232 . . [8.00.7600.17166] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17166_none_8a08d108b2cb7b08\mshtml.dll
[-] 2012-11-12 . 035263E1364D1AFE39613151D04181C0 . 9372672 . . [8.00.7600.21369] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21369_none_8a957097cbe663fe\mshtml.dll
[-] 2012-08-24 . F0FABFB9A3BEC0314E2C91AC2152C128 . 9374208 . . [8.00.7600.21313] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21313_none_8ac57e77cbc3403f\mshtml.dll
[-] 2012-08-24 . C4DE5BE5AC69A8A01B045404A99FBEC6 . 9056256 . . [8.00.7601.17940] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17940_none_8bfef5eeafe6e0ed\mshtml.dll
[-] 2012-08-24 . 4EBE3011509A52C43FE7197E1C5DD665 . 9375744 . . [8.00.7600.17115] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17115_none_8a3de05ab2a3d5fc\mshtml.dll
[-] 2012-08-24 . 067E6DD28C63343B13A36EF080258A02 . 9057792 . . [8.00.7601.22099] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22099_none_8c5b5bf3c9252696\mshtml.dll
[-] 2012-06-27 . 788EDEF3241585C2DB7598ABF92377D9 . 9059840 . . [8.00.7601.17874] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17874_none_8be2856caffb9cf5\mshtml.dll
[-] 2012-06-27 . 36C91CDEBA11DF0B36CABC7B6BDFF802 . 9374208 . . [8.00.7600.21245] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21245_none_8aa70d61cbd9c999\mshtml.dll
[-] 2012-06-27 . 8BEE2BB78CDF02234F97458B9C3C1025 . 9372672 . . [8.00.7600.17051] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17051_none_8a0e9d9cb2c7e33d\mshtml.dll
[-] 2012-06-27 . 3171711EA82F3640D09E1CF94DA83C2A . 9058304 . . [8.00.7601.22032] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22032_none_8c953975c8facd8f\mshtml.dll
[-] 2012-04-20 . 223179EB25D554B5B5A063FEDA5DA79C . 9373696 . . [8.00.7600.17006] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17006_none_8a49aeaab29ad63b\mshtml.dll
[-] 2012-04-20 . 074F7036002DBD0950B7A6DB38589C29 . 9372672 . . [8.00.7600.21198] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21198_none_8a73fcbdcbffa42c\mshtml.dll
[-] 2012-04-20 . 0EBA57D758322797E24A0FA2297B36C2 . 9059840 . . [8.00.7601.17824] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17824_none_8c189508afd31140\mshtml.dll
[-] 2012-04-20 . 5B7D113B4B7B46D2633D2EF488521B2A . 9058304 . . [8.00.7601.21976] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21976_none_8c6e22cbc9176f6d\mshtml.dll
[-] 2012-02-28 . 1BAECB251EE22A8A87D209CA885EDFD1 . 9338880 . . [8.00.7600.21158] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21158_none_8a9f3c6dcbdf3468\mshtml.dll
[-] 2012-02-28 . 36EEA2478E8AAE2EB616D50AA8A168F4 . 9020928 . . [8.00.7601.17785] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17785_none_8bd8b3e4b002d516\mshtml.dll
[-] 2012-02-28 . 0D946DA964FCC26359E6E64FF54042A9 . 9335296 . . [8.00.7600.16968] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16968_none_8a0af794b2c97d4d\mshtml.dll
[-] 2012-02-28 . 147B4EF618987DEC79BC01348D973891 . 9021440 . . [8.00.7601.21931] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21931_none_8c946109c8fb80f6\mshtml.dll
[-] 2011-12-16 . A668888B8AA45E8C21A451A936B589A2 . 9019904 . . [8.00.7601.17744] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17744_none_8c02f34aafe34bfb\mshtml.dll
[-] 2011-12-16 . 7F821BED26D263F3853C6AAA62DF5B43 . 9335296 . . [8.00.7600.16930] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16930_none_8a236508b2b85ec2\mshtml.dll
[-] 2011-12-16 . 3B3CBA1C6F0F83ED1B869C66EA31E36E . 9019392 . . [8.00.7601.21878] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21878_none_8c702179c915a4f4\mshtml.dll
[-] 2011-12-16 . 0FBD1ED7A6B4F15B767A9AEF12E4C135 . 9338368 . . [8.00.7600.21108] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21108_none_8ad54c09cbb6a8b3\mshtml.dll
[-] 2011-11-05 . 312DD305113BE3ACA3A849B45048247E . 9018880 . . [8.00.7601.17720] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17720_none_8c1491faafd6aebd\mshtml.dll
[-] 2011-11-05 . 8CCB66627CF562B7294847277A0F9F68 . 9018368 . . [8.00.7601.21855] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21855_none_8c82c073c908210d\mshtml.dll
[-] 2011-11-05 . 5DBA17D7C5216A6457F1B214B383A753 . 9337344 . . [8.00.7600.21085] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21085_none_8a7bc9e5cbfa3f0f\mshtml.dll
[-] 2011-11-05 . B66FB052B89908CBC8CB372D209CA2CB . 9332736 . . [8.00.7600.16912] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16912_none_8a3b0574b2a6598e\mshtml.dll
[-] 2011-10-01 . 6954EE1BBF29632A73791910E89951A8 . 9011200 . . [8.00.7601.17699] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17699_none_8bd1e33ab007593c\mshtml.dll
[-] 2011-10-01 . 3C277EA8E3F5846D8F5968EA09F5D109 . 9326080 . . [8.00.7600.21062] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21062_none_8a8e68dfcbecbb28\mshtml.dll
[-] 2011-10-01 . 187A4AE835C9C269447A7ACE944744FB . 9011200 . . [8.00.7601.21830] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21830_none_8c935ed9c8fc6a78\mshtml.dll
[-] 2011-10-01 . 30FAA3E6405EBBD55907EDEBEABEDCEB . 9326080 . . [8.00.7600.16891] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16891_none_89e383e4b2e82298\mshtml.dll
[-] 2011-07-22 . D0BD625A0EC191F95F683AEE4049D6EC . 9321472 . . [8.00.7600.21013] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21013_none_8ac578c5cbc348ca\mshtml.dll
[-] 2011-07-22 . E4DC17E1DC42ABADF7910898A5B35487 . 9322496 . . [8.00.7600.16853] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16853_none_8a10c428b2c5e582\mshtml.dll
[-] 2011-07-22 . 80C2158BA5469E75F5F6180B560159E6 . 9007104 . . [8.00.7601.17655] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17655_none_8bf921c2afea841c\mshtml.dll
[-] 2011-07-22 . 65724073869250966E9CB2D92266A08E . 9007104 . . [8.00.7601.21776] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21776_none_8c6e1effc917751f\mshtml.dll
[-] 2011-05-28 . 6AD9DD5EEF68114AE3956236A61EBC08 . 9001984 . . [8.00.7601.17622] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17622_none_8c1690a8afd4e444\mshtml.dll
[-] 2011-05-28 . 23B8F516ADCF687886CF3D1CF15E355A . 9313280 . . [8.00.7600.20975] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20975_none_8a86c1afcbf1efdc\mshtml.dll
[-] 2011-05-28 . DD23BB49A9E9DF71A4004F589142F0B0 . 9316352 . . [8.00.7600.16821] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16821_none_8a2f3358b2af5f01\mshtml.dll
[-] 2011-05-28 . 1452199CC181AA4FFC2AB8AF0BA7A99E . 9001984 . . [8.00.7601.21735] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21735_none_8c985e65c8f7ec04\mshtml.dll
[-] 2011-03-07 . B2716DEC935FD5C8EEA66C1C0F7F5504 . 8995328 . . [8.00.7601.17573] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17573_none_8be17f70affc8c29\mshtml.dll
[-] 2011-03-07 . 929F6341D1743D018D15B574B18B0D97 . 8995328 . . [8.00.7601.21676] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21676_none_8c6e1d19c91777f8\mshtml.dll
[-] 2011-02-24 . F8F007BC2705CD11B2087635A5D0D3FD . 9311744 . . [8.00.7600.16766] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16766_none_8a08f334b2cb5051\mshtml.dll
[-] 2011-02-24 . 2B300279E66420F30E68E7B613B5A03D . 9309696 . . [8.00.7600.20908] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20908_none_8ad57201cbb6784a\mshtml.dll
[-] 2011-01-07 . 688872E9CAFCC2758E7FE92A0622B4F9 . 8995328 . . [8.00.7601.17537] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17537_none_8c10c048afd881c1\mshtml.dll
[-] 2011-01-07 . D0AFD5813136F0EAC80A048740553840 . 8995328 . . [8.00.7601.21636] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21636_none_8c995cc9c8f70834\mshtml.dll
[-] 2010-12-18 . B26512F06AC6E6841F9092DA5CD07B15 . 9302528 . . [8.00.7600.16722] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16722_none_8a3031bcb2ae7b31\mshtml.dll
[-] 2010-12-18 . B9C8DB637F63838B977AD44190677F43 . 9306624 . . [8.00.7600.20861] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20861_none_8a8d8e8dcbed7168\mshtml.dll
[-] 2010-02-23 . 282F2FEB95A6B3985CB30BA236594E7E . 9283072 . . [8.00.7600.16535] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16535_none_8a285ee2b2b3e8d9\mshtml.dll
[-] 2010-02-23 . E0A6A14D57662EA1B8FB379BCB679561 . 9289216 . . [8.00.7600.20651] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20651_none_8a985aadcbe55b29\mshtml.dll
[-] 2009-12-19 . 4C8FC7269F660374F398F75B240EF446 . 9280512 . . [8.00.7600.20600] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20600_none_8acd69ffcbbdb61d\mshtml.dll
[-] 2009-12-19 . F172328C926FF41AA3CC81EB37F7E0AE . 9276928 . . [8.00.7600.16490] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16490_none_89e27c02b2e914a5\mshtml.dll
[-] 2009-11-19 . AADEEDB38F70638FD2B7A86EDD837D19 . 9273856 . . [8.00.7600.20579] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_8a8abb3fcbee609c\mshtml.dll
[-] 2009-11-19 . E5DED66EFC742ADE04819551AF3652B1 . 9273344 . . [8.00.7600.16466] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_8a08ed82b2cb58dc\mshtml.dll
[-] 2009-10-19 . 8C23278E750FEC81AFBC6FC41BA20FB4 . 9272832 . . [8.00.7600.20553] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20553_none_8a9a595bcbe390b0\mshtml.dll
[-] 2009-10-19 . AD58895EC8B72839F122FAB9597F059B . 9272320 . . [8.00.7600.16444] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16444_none_8a1c8cc6b2bcee4c\mshtml.dll
[-] 2009-09-05 . D3514BFD4746921F967FA72664937658 . 9272832 . . [8.00.7600.20521] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20521_none_8ab8c88bcbcd0a2f\mshtml.dll
[-] 2009-09-05 . 3ACDE094881B54C688FB4CA3868B9705 . 9272320 . . [8.00.7600.16419] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16419_none_8a41fdfcb2a0192c\mshtml.dll
[-] 2009-07-14 . 12C3F25EA578DAA752024E1918D59313 . 9271296 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_89f24b7ab2dc7a40\mshtml.dll
[-] 2013-01-08 . C22E44747DAC8CAACCE00F0722D708E2 . 9376768 . . [8.00.7600.16385] .. c:\windows\system32\mshtml.dll
.
[-] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_2f5acf97b59df60f\msvcrt.dll
[-] 2011-12-16 . 579F6AFC6A6561951FA2202EFC3FE485 . 634368 . . [7.0.7600.16930] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_2d7b4155b87308d6\msvcrt.dll
[-] 2011-12-16 . F9A4C695C86CC32048FE2C987A0BD387 . 634880 . . [7.0.7601.21878] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_2fc7fdc6ced04f08\msvcrt.dll
[-] 2011-12-16 . 7D8B505E35AB89D3C3E9AE54A2C95DD2 . 634880 . . [7.0.7600.21108] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_2e2d2856d17152c7\msvcrt.dll
[-] 2009-07-14 . 7319BB10FA1F86E49E3DCF4136F6C957 . 634880 . . [7.0.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll
[-] 2011-12-16 . 579F6AFC6A6561951FA2202EFC3FE485 . 634368 . . [7.0.7600.16930] .. c:\windows\system32\msvcrt.dll
.
[-] 2009-07-14 . FC76FE3C1E1FDB761244D4F74EF560FD . 320000 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll
[-] 2009-07-14 . FC76FE3C1E1FDB761244D4F74EF560FD . 320000 . . [6.1.7600.16385] .. c:\windows\system32\mswsock.dll
.
[-] 2009-07-14 . 956D030D375F207B22FB111E06EF9C35 . 692736 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[-] 2009-07-14 . 956D030D375F207B22FB111E06EF9C35 . 692736 . . [6.1.7600.16385] .. c:\windows\system32\netlogon.dll
.
[-] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_ff0e900816896618\powrprof.dll
[-] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\system32\powrprof.dll
.
[-] 2009-07-14 . 398712DDDAEFB85EDF61DF6A07B65C79 . 232448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[-] 2009-07-14 . 398712DDDAEFB85EDF61DF6A07B65C79 . 232448 . . [6.1.7600.16385] .. c:\windows\system32\scecli.dll
.
[-] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_032ab4f375e2ac1f\sfc.dll
[-] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\system32\sfc.dll
.
[-] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[-] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\system32\svchost.exe
.
[-] 2009-07-14 . 884264AC597B690C5707C89723BB8E7B . 316416 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7600.16385_none_3f31ca82fea39f26\tapisrv.dll
[-] 2009-07-14 . 884264AC597B690C5707C89723BB8E7B . 316416 . . [6.1.7600.16385] .. c:\windows\system32\tapisrv.dll
.
[-] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2009-07-14 . 6F8F1376A13114CC10C0E69274F5A4DE . 30208 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[-] 2009-07-14 . 6F8F1376A13114CC10C0E69274F5A4DE . 30208 . . [6.1.7600.16385] .. c:\windows\system32\userinit.exe
.
[-] 2012-12-20 . 7B0C153254450192EAD602B992009F72 . 1198080 . . [8.00.7600.17197] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17197_none_788f4270328c7efc\wininet.dll
[-] 2012-12-20 . D37C305E7EBBD9A4529791168421816A . 1198080 . . [8.00.7600.21406] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21406_none_797932094b620444\wininet.dll
[-] 2012-12-20 . 2369627A789B29866825BD9504F7B237 . 1189888 . . [8.00.7601.22199] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22199_none_7b013ebb48ceba87\wininet.dll
[-] 2012-12-20 . 81101547092783DC117D800D3573EBD4 . 1188864 . . [8.00.7601.18035] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18035_none_7ab480502f840dbb\wininet.dll
[-] 2012-10-27 . 245F82821B1E47ED7EA1D1B03DB666EE . 1198592 . . [8.00.7600.21355] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21355_none_7942203d4b8b797b\wininet.dll
[-] 2012-10-27 . 7E04D13661FB771CA4FDBB836AD0BA49 . 1188864 . . [8.00.7601.17984] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17984_none_7a7d98482fad4cd7\wininet.dll
[-] 2012-10-27 . 6C11E0E42D91728C8283917A8F57A72E . 1189888 . . [8.00.7601.22145] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22145_none_7b334d2f48a9c976\wininet.dll
[-] 2012-10-27 . 0D5335A61B9D69A61C683A6AB440E3A6 . 1197568 . . [8.00.7600.17153] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17153_none_78b680f8326fa9dc\wininet.dll
[-] 2012-08-24 . 37ABD0F9CB119F50E5C33C6B9A356D54 . 1198592 . . [8.00.7600.21313] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21313_none_796b5f594b6cd709\wininet.dll
[-] 2012-08-24 . 9156C3499C3794BC680FCCAA39DFA126 . 1197568 . . [8.00.7600.17115] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17115_none_78e3c13c324d6cc6\wininet.dll
[-] 2012-08-24 . 443D30EB805EEEE1E31C91ADCC82AB89 . 1188864 . . [8.00.7601.17940] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17940_none_7aa4d6d02f9077b7\wininet.dll
[-] 2012-08-24 . 635D10865A99EA8E7E532C84D952D769 . 1189888 . . [8.00.7601.22099] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22099_none_7b013cd548cebd60\wininet.dll
[-] 2012-06-27 . ADC0BAC148C957CF51B1F6F658A4FCA6 . 1188864 . . [8.00.7601.17874] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17874_none_7a88664e2fa533bf\wininet.dll
[-] 2012-06-27 . C1DA026AA80BF160486BD74347FCF0AD . 1198592 . . [8.00.7600.21245] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21245_none_794cee434b836063\wininet.dll
[-] 2012-06-27 . 569593095FF5260DFE1D23E3F426369F . 1197568 . . [8.00.7600.17051] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17051_none_78b47e7e32717a07\wininet.dll
[-] 2012-06-27 . 69449A3D42AC7000ACF5055172618632 . 1189888 . . [8.00.7601.22032] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22032_none_7b3b1a5748a46459\wininet.dll
[-] 2012-05-15 . CE5BFBD9685EE37DB942211450AAEA8F . 1188864 . . [8.00.7601.17842] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17842_none_7aa6d57e2f8ead3e\wininet.dll
[-] 2012-05-15 . 8DE6FAB55DFDA754CA952B654D1C5784 . 1198592 . . [8.00.7600.21215] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21215_none_796d5e074b6b0c90\wininet.dll
[-] 2012-05-15 . 507FBE142C77A32C1AE56CA35B6A7307 . 1189888 . . [8.00.7601.21995] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_7afd638b48d224c2\wininet.dll
[-] 2012-05-15 . 8D3BC4F666B994382CE1B02E1BFEE0F6 . 1197568 . . [8.00.7600.17024] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17024_none_78d7ef2032567239\wininet.dll
[-] 2012-02-28 . 2F6A29DAE9BAC86BE14CD2FF1261FDD5 . 1198080 . . [8.00.7600.21158] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21158_none_79451d4f4b88cb32\wininet.dll
[-] 2012-02-28 . DE03C917EDED2A999C942A4F943D3068 . 1188864 . . [8.00.7601.17785] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17785_none_7a7e94c62fac6be0\wininet.dll
[-] 2012-02-28 . 063FB03BDCD3431E87550C7E7F0913EE . 1197568 . . [8.00.7600.16968] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16968_none_78b0d87632731417\wininet.dll
[-] 2012-02-28 . 05ED629EB0A11CAFB87EFB7847943312 . 1189376 . . [8.00.7601.21931] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21931_none_7b3a41eb48a517c0\wininet.dll
[-] 2011-12-16 . F6C45D1D448B38A3298505917710F047 . 1188864 . . [8.00.7601.17744] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_7aa8d42c2f8ce2c5\wininet.dll
[-] 2011-12-16 . A283F0C807968F45D50B9B8AC10BA438 . 1197568 . . [8.00.7600.16930] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_78c945ea3261f58c\wininet.dll
[-] 2011-12-16 . 5DCD862869A5E06F5A7E03EE22DDD738 . 1198080 . . [8.00.7600.21108] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_797b2ceb4b603f7d\wininet.dll
[-] 2011-12-16 . 7710ECF9F1355F986463D4351562439E . 1189376 . . [8.00.7601.21878] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_7b16025b48bf3bbe\wininet.dll
[-] 2011-11-05 . 4EFC156290537BB9706D3A7A1A4B8733 . 1188864 . . [8.00.7601.17720] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17720_none_7aba72dc2f804587\wininet.dll
[-] 2011-11-05 . 8F2CC83B92626A3B7E1DF360720FAD30 . 1189376 . . [8.00.7601.21855] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21855_none_7b28a15548b1b7d7\wininet.dll
[-] 2011-11-05 . A35680AEE7E4BEF4B2ADC1A380B8E31F . 1198080 . . [8.00.7600.21085] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21085_none_7921aac74ba3d5d9\wininet.dll
[-] 2011-11-05 . F12CB8EFB15813723575EE94C6A76E8B . 1197568 . . [8.00.7600.16912] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16912_none_78e0e656324ff058\wininet.dll
[-] 2011-08-20 . CB8E57622E5966A87D4D9859D4F12D8D . 1197568 . . [8.00.7600.16869] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_78b1d6da32723047\wininet.dll
[-] 2011-08-20 . F0822436F58BE708D33AB0B95E524812 . 1198080 . . [8.00.7600.21033] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_7955b9cf4b7d1776\wininet.dll
[-] 2011-08-20 . DB33A1489C1DA1F37AC2D84CB9756DD1 . 1188864 . . [8.00.7601.17671] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_7a8561a42fa7ed6c\wininet.dll
[-] 2011-08-20 . 2B4973A8A9D0336EEF6E10DBD6E5B87D . 1189376 . . [8.00.7601.21795] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_7afd5fbf48d22a74\wininet.dll
[-] 2011-06-21 . 1A36497983C867FB85FF1DCD4933015F . 1188864 . . [8.00.7601.17638] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17638_none_7ab7a35a2f812f09\wininet.dll
[-] 2011-06-21 . 463302B41295A7FCAAC655CCB5DE79F8 . 1197056 . . [8.00.7600.16839] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16839_none_78d2469e3259dc74\wininet.dll
[-] 2011-06-21 . 6ABD901E178675DFE86CCE75F2FAC9A5 . 1189376 . . [8.00.7601.21754] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21754_none_7b279f2548b2a159\wininet.dll
[-] 2011-06-21 . 66DD24C471324CB2EA747087846C122E . 1198080 . . [8.00.7600.20992] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20992_none_791401db4bae7283\wininet.dll
[-] 2011-04-22 . 2DCA688631F71722B0B5E57F526BB2EB . 1188864 . . [8.00.7601.17601] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17601_none_7ad111182f6f29d5\wininet.dll
[-] 2011-04-22 . 6A977E22D6D9077F2C9E617D89236297 . 1197056 . . [8.00.7600.16800] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16800_none_78e9b3c83249a492\wininet.dll
[-] 2011-04-22 . C57E3F0ED76CB54D7D355A6E089561FA . 1198080 . . [8.00.7600.20949] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20949_none_7951137d4b7f982f\wininet.dll
[-] 2011-04-22 . BC661E59AE2BC840C6D8165F170DE7DE . 1189376 . . [8.00.7601.21710] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21710_none_7b4eddad4895cc39\wininet.dll
[-] 2011-03-07 . AB026A724960570803E90DC370893BD0 . 1188864 . . [8.00.7601.17573] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_7a8760522fa622f3\wininet.dll
[-] 2011-03-07 . 93679DC9407BFC602D7E6BFC027455E0 . 1189376 . . [8.00.7601.21676] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_7b13fdfb48c10ec2\wininet.dll
[-] 2011-02-24 . 4DAEEEE0248F5D85751B05D9C6DA28CC . 1197056 . . [8.00.7600.16766] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_78aed4163274e71b\wininet.dll
[-] 2011-02-24 . 5A33324B358D9B7E39424505EE242377 . 1198592 . . [8.00.7600.20908] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_797b52e34b600f14\wininet.dll
[-] 2010-12-21 . E71DB117DBDA6B33646F37936C17D226 . 1197056 . . [8.00.7600.16723] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_78d712e832572b52\wininet.dll
[-] 2010-12-21 . 1D3466E7E9D63F8B2B84A8AD5E833C29 . 1198080 . . [8.00.7600.20862] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_79346fb94b962189\wininet.dll
[-] 2010-12-18 . 8178D4C37F236BF810B2178415FE4949 . 1197056 . . [8.00.7600.16722] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_78d6129e325811fb\wininet.dll
[-] 2010-12-18 . 7EC667385C0D726C9D91D966886B7CFD . 1198080 . . [8.00.7600.20861] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_79336f6f4b970832\wininet.dll
[-] 2010-02-23 . 096698014315B32C84A7AFD4EA61FB6F . 1192960 . . [8.00.7600.16535] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_78ce3fc4325d7fa3\wininet.dll
[-] 2010-02-23 . DD9CA58E7DB6E64BAD127C7AD6FE1D08 . 1196032 . . [8.00.7600.20651] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_793e3b8f4b8ef1f3\wininet.dll
[-] 2009-12-19 . 46C47A10DB10E3055ADE41C4EB4FF7CA . 1192960 . . [8.00.7600.20600] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20600_none_79734ae14b674ce7\wininet.dll
[-] 2009-12-19 . 9C0E12FB8BD14397EC9CCA99EC0ED5A3 . 1192960 . . [8.00.7600.16490] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16490_none_78885ce43292ab6f\wininet.dll
[-] 2009-07-14 . B1037F0131C9A010D611F6914E03CD92 . 1193472 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_78982c5c3286110a\wininet.dll
[-] 2012-12-20 . 7B0C153254450192EAD602B992009F72 . 1198080 . . [8.00.7600.16385] .. c:\windows\system32\wininet.dll
.
[-] 2009-07-14 . 7083F463788CB34FCC42F565D56F89E8 . 296448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[-] 2009-07-14 . 7083F463788CB34FCC42F565D56F89E8 . 296448 . . [6.1.7600.16385] .. c:\windows\system32\ws2_32.dll
.
[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\ws2help.dll
[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\system32\ws2help.dll
.
[-] 2010-06-29 . AC8F79017C5C1FB316930EDEAD0AF517 . 2085376 . . [6.1.7600.16624] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16624_none_08527df30bd29da3\ole32.dll
[-] 2010-06-29 . 49401892E8305914A9E7F64C7000D6A6 . 2085376 . . [6.1.7600.20744] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.20744_none_08c67ae62500754f\ole32.dll
[-] 2009-07-14 . 4B25DDE615AC2CABAB73169CA7DA96E6 . 2084352 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16385_none_081299030c02672b\ole32.dll
[-] 2010-06-29 . AC8F79017C5C1FB316930EDEAD0AF517 . 2085376 . . [6.1.7600.16385] .. c:\windows\system32\ole32.dll
.
[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\system32\cngaudit.dll
.
[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\system32\wininit.exe
.
[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\system32\ctfmon.exe
.
[-] 2009-07-14 . 0298AC45D0EFFFB2DB4BAA7DD186E7BF . 369664 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7600.16385_none_29254ed1369e9d89\shsvcs.dll
[-] 2009-07-14 . 0298AC45D0EFFFB2DB4BAA7DD186E7BF . 369664 . . [6.1.7600.16385] .. c:\windows\system32\shsvcs.dll
.
[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8\regsvc.dll
[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\system32\regsvc.dll
.
[-] 2010-11-02 . 5269A787C24D968D291B22F7ED4955B1 . 1114624 . . [6.1.7600.20830] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.20830_none_8bb0c2c5c9ad095d\schedsvc.dll
[-] 2010-11-02 . 624D0F5FF99428BB90A5B8A4123E918E . 1114624 . . [6.1.7600.16699] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.16699_none_8aef4726b0b7f821\schedsvc.dll
[-] 2009-07-14 . EC56B171F85C7E855E7B0588AC503EEA . 1104384 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.16385_none_8af61038b0b37f5f\schedsvc.dll
[-] 2010-11-02 . 624D0F5FF99428BB90A5B8A4123E918E . 1114624 . . [6.1.7600.16385] .. c:\windows\system32\schedsvc.dll
.
[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_dbbe6492eae9505c\ssdpsrv.dll
[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\system32\ssdpsrv.dll
.
[-] 2009-07-14 . 0F05EC2887BFE197AD82A13287D2F404 . 706560 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_ea94336f6df51e09\termsrv.dll
[-] 2009-07-14 . 0F05EC2887BFE197AD82A13287D2F404 . 706560 . . [6.1.7600.16385] .. c:\windows\system32\termsrv.dll
.
[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7600.16385_none_43f68e03b0fd4b38\ksuser.dll
[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\system32\ksuser.dll
.
[-] 2009-07-14 . E424B3EF666B184CEE0B6871AAA8C9F6 . 8192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_d360c9c235bd1868\msimg32.dll
[-] 2009-07-14 . E424B3EF666B184CEE0B6871AAA8C9F6 . 8192 . . [6.1.7600.16385] .. c:\windows\system32\msimg32.dll
.
[-] 2010-08-21 . BF5D71B4A40687A90C8B47F776758A6F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.20787_none_39fe18355266e2d8\comctl32.dll
[-] 2010-08-21 . BF5D71B4A40687A90C8B47F776758A6F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.20787_none_ede2ad2969983532\comctl32.dll
[-] 2010-08-21 . 70EF5DFEF7069164EACF7140C2CC6344 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.20787_none_2b43b51e45274037\comctl32.dll
[-] 2010-08-21 . D3EAD1CF16BA729A7F7C9A5D94AA7C05 . 530432 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[-] 2010-08-21 . D3EAD1CF16BA729A7F7C9A5D94AA7C05 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16661_none_39841986393e7322\comctl32.dll
[-] 2010-08-21 . D3EAD1CF16BA729A7F7C9A5D94AA7C05 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
[-] 2010-08-21 . 4B8DD8541C0E26602005DD0137333615 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
[-] 2009-07-14 . B62AA1BB1F63839051441D2C6DD7B775 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16385_none_39727524394b18eb\comctl32.dll
[-] 2009-07-14 . B62AA1BB1F63839051441D2C6DD7B775 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll
[-] 2009-07-14 . 0FA436A553408CBEBA070E3182658DE3 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
.
[-] 2012-06-02 . 063DD65889D21035311463337BD268E7 . 142336 . . [6.1.7601.22010] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[-] 2012-06-02 . F2FDE6C8DBAAD44CC58D1E07E4AF4EED . 139264 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cryptsvc.dll
[-] 2012-06-02 . F2FDE6C8DBAAD44CC58D1E07E4AF4EED . 139264 . . [6.1.7600.17035] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[-] 2012-06-02 . EA8C26ECF1656D9647EF044F115EC6DA . 141312 . . [6.1.7600.21225] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[-] 2012-06-02 . 96C0E38905CFD788313BE8E11DAE3F2F . 140288 . . [6.1.7601.17856] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[-] 2012-04-24 . 520A108A2657F4BCA7FCED9CA7D885DE . 139264 . . [6.1.7600.17008] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[-] 2012-04-24 . 06E771AA596B8761107AB57E99F128D7 . 140288 . . [6.1.7601.17827] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[-] 2012-04-24 . F522279B4717E2BFF269C771FAC2B78E . 141312 . . [6.1.7600.21199] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
[-] 2012-04-24 . 21993009E0CCB9B4FA195F14D3408626 . 142336 . . [6.1.7601.21979] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[-] 2009-07-14 . 9C231178CE4FB385F4B54B0A9080B8A4 . 135680 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
.
[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\SysWOW64\es.dll
[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll
.
[-] 2009-07-14 . 0DE3069D6E09BA262856EF31C941BEFE . 119808 . . [6.1.7600.16385] .. c:\windows\SysWOW64\imm32.dll
[-] 2009-07-14 . 0DE3069D6E09BA262856EF31C941BEFE . 119808 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_c29fba0fc87cc5a4\imm32.dll
.
[-] 2013-01-04 . 7E55988F5CB3BA67E2732370E8D71BBB . 1114112 . . [6.1.7601.22209] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_fcd1e4cbba5cfc7b\kernel32.dll
[-] 2013-01-04 . 385BE92E3106491BBB542F8F1C06C606 . 1114112 . . [6.1.7600.17179] .. c:\windows\SysWOW64\kernel32.dll
[-] 2013-01-04 . 385BE92E3106491BBB542F8F1C06C606 . 1114112 . . [6.1.7600.17179] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_fa5ee836a41ba799\kernel32.dll
[-] 2013-01-04 . F9F6CD9EF1F6C896A56B5259B81027D9 . 1114112 . . [6.1.7600.21416] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_faddb6fbbd41607b\kernel32.dll
[-] 2012-11-30 . C95793F4BE3471AEED92F5BF367BE69E . 1114112 . . [6.1.7600.17179] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_fa1637baa451ba0e\kernel32.dll
[-] 2012-11-30 . 9CC2571E3646B9A24296AD7ADCC71682 . 1114112 . . [6.1.7601.22177] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
[-] 2012-11-30 . AC0B6F41882FC6ED186962D770EBF1D2 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
[-] 2012-11-30 . E747ADB6223DBBE1BB138F08A09ADAD6 . 1114112 . . [6.1.7600.21386] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_fa9205a1bd7a26eb\kernel32.dll
[-] 2012-10-04 . DE7A37CB1F48526A78A2D42786411578 . 1114112 . . [6.1.7600.21335] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_fac714f3bd5281df\kernel32.dll
[-] 2012-10-04 . A6778FC49011313995A4D718F624CC74 . 1114112 . . [6.1.7600.17135] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_fa3d7642a434e4ee\kernel32.dll
[-] 2012-10-04 . D4F3176082566CEFA633B4945802D4C4 . 1114112 . . [6.1.7601.17965] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll
[-] 2012-10-04 . 5FA395364EE727E4BEE6B1406C207F98 . 1114112 . . [6.1.7601.22125] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll
[-] 2012-08-20 . 85660067ECD49B6E302347EFCC2F72A5 . 1114112 . . [6.1.7600.21306] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_fae88501bd394763\kernel32.dll
[-] 2012-08-20 . 9B98D47916EAD4F69EF51B56B0C2323C . 1114112 . . [6.1.7601.17932] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_fc20fc2ea15dceba\kernel32.dll
[-] 2012-08-20 . 305681B4B695D4A888B941965FFC2C17 . 1114112 . . [6.1.7601.22091] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_fc688f63baad32ee\kernel32.dll
[-] 2012-08-18 . 33616DACC75C9E105DAE944120DB4274 . 1114112 . . [6.1.7600.17107] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_fa5fe69aa41ac3c9\kernel32.dll
[-] 2011-07-16 . D3CB12854171DF61D117D7C2BF22C675 . 1114112 . . [6.1.7601.21772] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_fc7f5397ba9be6d3\kernel32.dll
[-] 2011-07-16 . 4EA99F1644627B1EBAD99D0B93CDEE1C . 1048576 . . [6.1.7600.16850] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_fa22f90aa449708d\kernel32.dll
[-] 2011-07-16 . 99C3F8E9CC59D95666EB8D8A8B4C2BEB . 1114112 . . [6.1.7601.17651] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_fc0a565aa16ef5d0\kernel32.dll
[-] 2011-07-16 . 2113248DB2D1AF9CA790B09F3E6C6E85 . 1114112 . . [6.1.7600.21010] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_fad7ada7bd46d3d5\kernel32.dll
[-] 2011-06-03 . 6EB2AEE15C20681E323E9A3E334FE6CF . 1114112 . . [6.1.7600.20978] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_fa9ef84dbd7012f1\kernel32.dll
[-] 2011-05-14 . CC5CBC069944E7EA70D8674478A70A37 . 837632 . . [6.1.7601.21728] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_fcbb64efba6df328\kernel32.dll
[-] 2011-05-14 . 40EACEE0B6432CBE2459A11B298E9D88 . 837120 . . [6.1.7600.16816] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_fa543a76a42398d3\kernel32.dll
[-] 2011-05-14 . 166116134C58DC36400DE59ACD64FB39 . 837632 . . [6.1.7601.17617] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_fc3b97c6a1491e16\kernel32.dll
[-] 2009-07-14 . 606ECB76A424CC535407E7A24E2A34BC . 836608 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_fa07813aa45d5150\kernel32.dll
.
[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\SysWOW64\linkinfo.dll
[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_9eaece15f365da54\linkinfo.dll
.
[-] 2012-12-16 . BF6CDA72E4112DAC01E2ED8911C3FD74 . 25600 . . [6.1.7600.21402] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.21402_none_10f9b8f6c177b3cc\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\SysWOW64\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_101cb471a89825ee\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_107034d9a859f788\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_1046f5bda87899fa\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16734_none_1051cb5ba870757e\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16763_none_10305b4da889affa\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.17159_none_10410ac9a87c56ca\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.17194_none_1010c9a7a8a147db\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_109e822ec1bb2dae\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_10c4c252c19f3c5e\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20875_none_10b128c0c1ad9e63\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20905_none_10fcda1ac174d7f3\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.21362_none_10b8d788c1a85e4b\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17537_none_123b293fa5942d6f\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_1216b853a5b01be6\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17991_none_11f44f93a5ca31a7\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_12360787a598d69a\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21636_none_12c3c5c0beb2b3e2\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_12a15568beccd507\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22153_none_12ab04c4bec5c79d\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_1281c5a8bee46a0f\lpk.dll
.
[-] 2013-01-08 . 49928B5D30C5924BB3A385204030C7B9 . 6031872 . . [8.00.7600.16385] .. c:\windows\SysWOW64\mshtml.dll
[-] 2013-01-08 . 49928B5D30C5924BB3A385204030C7B9 . 6031872 . . [8.00.7600.17209] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17209_none_94a15da6e6f8de89\mshtml.dll
[-] 2013-01-08 . 3F9AE52FA4C469FBDE42CF0A386CDCC9 . 6032384 . . [8.00.7600.21419] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21419_none_95202c6c001e976b\mshtml.dll
[-] 2013-01-04 . A000F3F12437641F05A840BC6E197C82 . 6032384 . . [8.00.7600.21393] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21393_none_94c3a96a0064e1c2\mshtml.dll
[-] 2013-01-04 . B61C48277ABB5EA3840E8416369ED10B . 6029824 . . [8.00.7600.17185] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17185_none_9446db38e73d5b8e\mshtml.dll
[-] 2013-01-04 . 0ECEDD5CC58B3C88DB418A2C0DFA7BC5 . 6030336 . . [8.00.7601.22185] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22185_none_96b6d6effd81646b\mshtml.dll
[-] 2013-01-04 . 2F83E05045CE9FCDE2F0986C4F5DC171 . 6029824 . . [8.00.7601.18021] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.18021_none_966a1884e436b79f\mshtml.dll
[-] 2012-12-20 . E58E0407AEC39A3F236964AAA978B9F7 . 6030848 . . [8.00.7601.22199] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22199_none_96b0082bfd85e5b8\mshtml.dll
[-] 2012-12-20 . BB2AFAA76FCB29CF9293E27D2C6F6176 . 6030336 . . [8.00.7601.18035] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.18035_none_966349c0e43b38ec\mshtml.dll
[-] 2012-11-12 . 299ED7BD35F503E8ECC3F50DCCE4A1D1 . 6029312 . . [8.00.7601.22160] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22160_none_96c77555fd75add6\mshtml.dll
[-] 2012-11-12 . E6398412C907EB15E34A7BBDBBB4B559 . 6031360 . . [8.00.7600.21369] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21369_none_94ea1aea004725f9\mshtml.dll
[-] 2012-11-12 . 48892C6C23E99FE5E4DF1909CE96FEC9 . 6028800 . . [8.00.7601.17998] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17998_none_962592f4e468f955\mshtml.dll
[-] 2012-11-12 . 750D6A1244A4B70630DFC4A049D7CADF . 6029824 . . [8.00.7600.17166] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17166_none_945d7b5ae72c3d03\mshtml.dll
[-] 2012-08-24 . 430494941817D854E464757F61844143 . 6029824 . . [8.00.7600.17115] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17115_none_94928aace70497f7\mshtml.dll
[-] 2012-08-24 . 4DB3EDDEF4DE6CDDC9B182D1084FD9B7 . 6030336 . . [8.00.7600.21313] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21313_none_951a28ca0024023a\mshtml.dll
[-] 2012-08-24 . A0F4562078B59503B48DB4C37EAF7BA0 . 6028800 . . [8.00.7601.17940] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17940_none_9653a040e447a2e8\mshtml.dll
[-] 2012-08-24 . 8BEE1050DA397A0E21169FFA3BFF22ED . 6028800 . . [8.00.7601.22099] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22099_none_96b00645fd85e891\mshtml.dll
[-] 2012-06-27 . 9B478AED35C581599B5ECAADFD903D55 . 6029824 . . [8.00.7600.21245] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21245_none_94fbb7b4003a8b94\mshtml.dll
[-] 2012-06-27 . 78BE0D39F8D491A990C16C99E4C81E41 . 6029312 . . [8.00.7600.17051] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17051_none_946347eee728a538\mshtml.dll
[-] 2012-06-27 . 3817C93AB6E32D0D00CB87CDEAB7104E . 6027776 . . [8.00.7601.17874] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17874_none_96372fbee45c5ef0\mshtml.dll
[-] 2012-06-27 . 116201EB8D589286DCE22E5ACC7B1147 . 6028288 . . [8.00.7601.22032] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22032_none_96e9e3c7fd5b8f8a\mshtml.dll
[-] 2012-04-20 . B9F0DAC554B9B90C32C2E91A83979BA7 . 6028288 . . [8.00.7600.17006] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17006_none_949e58fce6fb9836\mshtml.dll
[-] 2012-04-20 . A2C3C40A0633B45809DAA328DBF902E7 . 6027776 . . [8.00.7601.17824] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17824_none_966d3f5ae433d33b\mshtml.dll
[-] 2012-04-20 . 55FA29B4F4C96D8B221C363BEA1D27F9 . 6029824 . . [8.00.7600.21198] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21198_none_94c8a71000606627\mshtml.dll
[-] 2012-04-20 . 9D29A624DED6C011FD0139D540AA21A0 . 6027776 . . [8.00.7601.21976] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21976_none_96c2cd1dfd783168\mshtml.dll
[-] 2012-02-28 . 384CEE4A16E93BBDB72B2F45295C8D78 . 6000640 . . [8.00.7600.21158] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21158_none_94f3e6c0003ff663\mshtml.dll
[-] 2012-02-28 . A02495541347031DA24D19806B147B3F . 5998592 . . [8.00.7600.16968] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16968_none_945fa1e6e72a3f48\mshtml.dll
[-] 2012-02-28 . 624A8FC27001639D08F3558FBB607187 . 5998080 . . [8.00.7601.17785] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17785_none_962d5e36e4639711\mshtml.dll
[-] 2012-02-28 . 07B90528507189F3DD6AA132FDAA23BB . 5998592 . . [8.00.7601.21931] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21931_none_96e90b5bfd5c42f1\mshtml.dll
[-] 2011-12-16 . D829890A3CE83EE4332D2BE11755E590 . 5998080 . . [8.00.7601.21878] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21878_none_96c4cbcbfd7666ef\mshtml.dll
[-] 2011-12-16 . 65631F456004E4DF6ADD6F8C2550FEA2 . 5999104 . . [8.00.7600.16930] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16930_none_94780f5ae71920bd\mshtml.dll
[-] 2011-12-16 . BDB0402589BDD0D47D0CE9B2A0187D94 . 5997568 . . [8.00.7601.17744] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17744_none_96579d9ce4440df6\mshtml.dll
[-] 2011-12-16 . 41ADBC5327BBDD802266B965B9DC9C9B . 6000640 . . [8.00.7600.21108] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21108_none_9529f65c00176aae\mshtml.dll
[-] 2011-11-05 . 9B2203A026436B0CE445819356619C06 . 5997568 . . [8.00.7600.16912] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16912_none_948fafc6e7071b89\mshtml.dll
[-] 2011-11-05 . 1F0D01939CADBFE8945E788F39662E8E . 5999616 . . [8.00.7600.21085] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21085_none_94d07438005b010a\mshtml.dll
[-] 2011-11-05 . 61C09B5AD2932538659D133C875DBB0F . 5997056 . . [8.00.7601.17720] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17720_none_96693c4ce43770b8\mshtml.dll
[-] 2011-11-05 . 3E218028099F62CA630E2AFE936F1F0D . 5997568 . . [8.00.7601.21855] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21855_none_96d76ac5fd68e308\mshtml.dll
[-] 2011-10-01 . E16F0A71B984E06FE0A90A2E2E227B23 . 5991936 . . [8.00.7601.21830] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21830_none_96e8092bfd5d2c73\mshtml.dll
[-] 2011-10-01 . BE58B60C0FFCD769DB77BB072DDBCDA7 . 5990912 . . [8.00.7600.16891] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16891_none_94382e36e748e493\mshtml.dll
[-] 2011-10-01 . 146D5F5CEB1A89369B6D559ED5182B07 . 5991936 . . [8.00.7600.21062] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21062_none_94e31332004d7d23\mshtml.dll
[-] 2011-10-01 . 009751094A5A9041723D635AF249DC6F . 5990400 . . [8.00.7601.17699] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17699_none_96268d8ce4681b37\mshtml.dll
[-] 2011-07-22 . CF3C3365DC28AB97636BF11E9BB67927 . 5988864 . . [8.00.7601.21776] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21776_none_96c2c951fd78371a\mshtml.dll
[-] 2011-07-22 . A56EBB1297F12728CF8EE028B7964E06 . 5989376 . . [8.00.7600.16853] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16853_none_94656e7ae726a77d\mshtml.dll
[-] 2011-07-22 . DD64818174A695E8EC766E50297AB854 . 5988864 . . [8.00.7601.17655] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17655_none_964dcc14e44b4617\mshtml.dll
[-] 2011-07-22 . A3EF4E2490DD7CD6C4601FE3FDE34535 . 5990912 . . [8.00.7600.21013] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21013_none_951a231800240ac5\mshtml.dll
[-] 2011-05-28 . 0C32D9FF0FC163239C4B052FE6EFA8E7 . 5984768 . . [8.00.7601.21735] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21735_none_96ed08b7fd58adff\mshtml.dll
[-] 2011-05-28 . C57C1B54D6038C0B5AC031C8E920BAF4 . 5984768 . . [8.00.7600.20975] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20975_none_94db6c020052b1d7\mshtml.dll
[-] 2011-05-28 . 1816D4CF1A7CBB72298AB120059226D4 . 5984256 . . [8.00.7600.16821] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16821_none_9483ddaae71020fc\mshtml.dll
[-] 2011-05-28 . F5B7C30075207A165FF2EED1FF89AB8D . 5984768 . . [8.00.7601.17622] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17622_none_966b3afae435a63f\mshtml.dll
[-] 2011-03-07 . 3D2F69861D7B24A3C5B0473583FE3D9D . 5981696 . . [8.00.7601.17573] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17573_none_963629c2e45d4e24\mshtml.dll
[-] 2011-03-07 . 5E87C06B924495F6FA381391FDE0C9D4 . 5981696 . . [8.00.7601.21676] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21676_none_96c2c76bfd7839f3\mshtml.dll
[-] 2011-02-24 . F861A76F208BD31031A91412AA77BD4F . 5982720 . . [8.00.7600.20908] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20908_none_952a1c5400173a45\mshtml.dll
[-] 2011-02-24 . C75417DD80FE9D56A906DD9DA791ED6F . 5981696 . . [8.00.7600.16766] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16766_none_945d9d86e72c124c\mshtml.dll
[-] 2011-01-07 . 1C6045D48179D15A843486D12BEC0EAF . 5980672 . . [8.00.7601.17537] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17537_none_96656a9ae43943bc\mshtml.dll
[-] 2011-01-07 . 1011333570E1CECAE8FAC34C8D9461BC . 5980672 . . [8.00.7601.21636] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21636_none_96ee071bfd57ca2f\mshtml.dll
[-] 2010-12-18 . 6E9E2D2DC298FE9A3A3C164FB8A2C9EA . 5980672 . . [8.00.7600.16722] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16722_none_9484dc0ee70f3d2c\mshtml.dll
[-] 2010-12-18 . A8B89A12E7A379AC443FB002F4AAB51F . 5980672 . . [8.00.7600.20861] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20861_none_94e238e0004e3363\mshtml.dll
[-] 2010-02-23 . 49E3588AFD08BE40A9775BF3FB9D43F1 . 5964800 . . [8.00.7600.16535] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16535_none_947d0934e714aad4\mshtml.dll
[-] 2010-02-23 . DA9D73D95D2B74742D4936739B1D9669 . 5966336 . . [8.00.7600.20651] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20651_none_94ed050000461d24\mshtml.dll
[-] 2009-12-19 . 96990605689B601287D4A83DD2B05F0B . 5962240 . . [8.00.7600.20600] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20600_none_95221452001e7818\mshtml.dll
[-] 2009-12-19 . 6EE36579E69E37D2AB2926A40B16DBB3 . 5961728 . . [8.00.7600.16490] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16490_none_94372654e749d6a0\mshtml.dll
[-] 2009-11-19 . F8F43D14BA21CF92D16B3A16A958778B . 5958656 . . [8.00.7600.16466] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_945d97d4e72c1ad7\mshtml.dll
[-] 2009-11-19 . 31F80311F487ABA186A10E551B212573 . 5959168 . . [8.00.7600.20579] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_94df6592004f2297\mshtml.dll
[-] 2009-10-19 . 5F0851C767DE71C261283D423650FAC9 . 5958656 . . [8.00.7600.16444] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16444_none_94713718e71db047\mshtml.dll
[-] 2009-10-19 . FE1B4F611CFF0B442CEC979BE1CDDF77 . 5958656 . . [8.00.7600.20553] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20553_none_94ef03ae004452ab\mshtml.dll
[-] 2009-09-05 . 56F5053760581989A9BC7A47E916F661 . 5958656 . . [8.00.7600.16419] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16419_none_9496a84ee700db27\mshtml.dll
[-] 2009-09-05 . A89E3948B2EFC55F642FE1FE2CDA2D9E . 5958656 . . [8.00.7600.20521] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20521_none_950d72de002dcc2a\mshtml.dll
[-] 2009-07-14 . 43592D31AFF84DD957199248898D9430 . 5957632 . . [8.00.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_9446f5cce73d3c3b\mshtml.dll
.
[-] 2011-12-16 . 2F740C4B458331357E825E94AFB0953A . 690688 . . [7.0.7601.21878] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll
[-] 2011-12-16 . F8A61B2E713309B4616D107919BDAB6E . 690688 . . [7.0.7600.16930] .. c:\windows\SysWOW64\msvcrt.dll
[-] 2011-12-16 . F8A61B2E713309B4616D107919BDAB6E . 690688 . . [7.0.7600.16930] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_d15ca5d2001597a0\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll
[-] 2011-12-16 . 10142C1975202A767C0EDB3BC066FD88 . 690688 . . [7.0.7600.21108] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_d20e8cd31913e191\msvcrt.dll
[-] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll
.
[-] 2009-07-14 . 11A41F17527ED75D6B758FDD7F4FD00D . 232448 . . [6.1.7600.16385] .. c:\windows\SysWOW64\mswsock.dll
[-] 2009-07-14 . 11A41F17527ED75D6B758FDD7F4FD00D . 232448 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
.
[-] 2009-07-14 . EAA75D9000B71F10EEC04D2AE6C60E81 . 563712 . . [6.1.7600.16385] .. c:\windows\SysWOW64\netlogon.dll
[-] 2009-07-14 . EAA75D9000B71F10EEC04D2AE6C60E81 . 563712 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
.
[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\SysWOW64\powrprof.dll
[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll
.
[-] 2009-07-14 . 26073302DAEA83CC5B944C546D6B47D2 . 175616 . . [6.1.7600.16385] .. c:\windows\SysWOW64\scecli.dll
[-] 2009-07-14 . 26073302DAEA83CC5B944C546D6B47D2 . 175616 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
.
[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\SysWOW64\sfc.dll
[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll
.
[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\SysWOW64\svchost.exe
[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
.
[-] 2009-07-14 . 2F46B0C70A4ADC8C90CF825DA3B4FEAF . 241664 . . [6.1.7600.16385] .. c:\windows\SysWOW64\tapisrv.dll
[-] 2009-07-14 . 2F46B0C70A4ADC8C90CF825DA3B4FEAF . 241664 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7600.16385_none_e3132eff46462df0\tapisrv.dll
.
[-] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[-] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
[-] 2009-07-14 . 6DE80F60D7DE9CE6B8C2DDFDF79EF175 . 26112 . . [6.1.7600.16385] .. c:\windows\SysWOW64\userinit.exe
[-] 2009-07-14 . 6DE80F60D7DE9CE6B8C2DDFDF79EF175 . 26112 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
.
[-] 2012-12-20 . 6F5EF9687B17FACD529C8EEC61791A01 . 982528 . . [8.00.7600.21406] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21406_none_1d5a96859304930e\wininet.dll
[-] 2012-12-20 . ED5F1E888F7D75EE5C8590A155423720 . 982016 . . [8.00.7601.22199] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22199_none_1ee2a33790714951\wininet.dll
[-] 2012-12-20 . 6EE6F7BFF92590051ACFA519AEE8ACE5 . 981504 . . [8.00.7600.16385] .. c:\windows\SysWOW64\wininet.dll
[-] 2012-12-20 . 6EE6F7BFF92590051ACFA519AEE8ACE5 . 981504 . . [8.00.7600.17197] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17197_none_1c70a6ec7a2f0dc6\wininet.dll
[-] 2012-12-20 . 6554DA6A01F14B3F017161879C8DB9BC . 981504 . . [8.00.7601.18035] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18035_none_1e95e4cc77269c85\wininet.dll
[-] 2012-10-27 . 42C671E0525618E23371D0E68282F37C . 981504 . . [8.00.7601.17984] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17984_none_1e5efcc4774fdba1\wininet.dll
[-] 2012-10-27 . 703CD7A8E6F8A233118E8070B5FB7C1F . 981504 . . [8.00.7600.17153] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17153_none_1c97e5747a1238a6\wininet.dll
[-] 2012-10-27 . 16E1C86531C6DDA240D2A64603D99F99 . 982528 . . [8.00.7600.21355] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21355_none_1d2384b9932e0845\wininet.dll
[-] 2012-10-27 . 5CD2659F5F1728C7A71D4A15AA4A7D53 . 982016 . . [8.00.7601.22145] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22145_none_1f14b1ab904c5840\wininet.dll
[-] 2012-08-24 . 4408FA39C6DCF639C6CC34059E201D16 . 981504 . . [8.00.7600.17115] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17115_none_1cc525b879effb90\wininet.dll
[-] 2012-08-24 . C37D28AF883DD7A461D7C4A1E61AA42D . 982528 . . [8.00.7600.21313] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21313_none_1d4cc3d5930f65d3\wininet.dll
[-] 2012-08-24 . 0D5ADA91A4176674D12DC990DD022E84 . 982016 . . [8.00.7601.22099] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22099_none_1ee2a15190714c2a\wininet.dll
[-] 2012-08-24 . 4F4E2103C7F8A2AB6679071855549C93 . 981504 . . [8.00.7601.17940] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17940_none_1e863b4c77330681\wininet.dll
[-] 2012-06-27 . 7BD5EBE065E3F8632504BE397B5C640F . 982528 . . [8.00.7600.21245] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21245_none_1d2e52bf9325ef2d\wininet.dll
[-] 2012-06-27 . 552D000E5D6CD1310D8510515B305FFE . 981504 . . [8.00.7600.17051] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17051_none_1c95e2fa7a1408d1\wininet.dll
[-] 2012-06-27 . 58CFAE82CC4092C5988555B73CD557B8 . 981504 . . [8.00.7601.17874] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17874_none_1e69caca7747c289\wininet.dll
[-] 2012-06-27 . 54D506A1F7D9E1AF6439F7A06CC6488A . 982016 . . [8.00.7601.22032] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22032_none_1f1c7ed39046f323\wininet.dll
[-] 2012-05-15 . 9B086D98370BA0219F6805675D38DDA7 . 981504 . . [8.00.7600.17024] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17024_none_1cb9539c79f90103\wininet.dll
[-] 2012-05-15 . BBC4EE1EC1B484B710499FA74639DABA . 982528 . . [8.00.7600.21215] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21215_none_1d4ec283930d9b5a\wininet.dll
[-] 2012-05-15 . 2606B35DDADCA19BEA9A08033C621B97 . 981504 . . [8.00.7601.17842] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17842_none_1e8839fa77313c08\wininet.dll
[-] 2012-05-15 . 3E5195AB78F4DCE48E04CC6979D9B428 . 982016 . . [8.00.7601.21995] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_1edec8079074b38c\wininet.dll
[-] 2012-02-28 . 6D57EAE6BC922EC56DBD9EF4AD9986BD . 982016 . . [8.00.7600.21158] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21158_none_1d2681cb932b59fc\wininet.dll
[-] 2012-02-28 . F09F1A921CB0F1B708D23CC58F8EB21E . 981504 . . [8.00.7600.16968] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16968_none_1c923cf27a15a2e1\wininet.dll
[-] 2012-02-28 . 7CCA8574A3B9BB41A4150739E21F1B23 . 981504 . . [8.00.7601.17785] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17785_none_1e5ff942774efaaa\wininet.dll
[-] 2012-02-28 . 6A5778483A8023B4DB9C5A509D382392 . 982016 . . [8.00.7601.21931] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21931_none_1f1ba6679047a68a\wininet.dll
[-] 2011-12-16 . 808C0CE9D4DBC0A6F72761294EB10FB2 . 982016 . . [8.00.7601.21878] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\wininet.dll
[-] 2011-12-16 . 653109C31F7F190072C9E4DF31154225 . 981504 . . [8.00.7600.16930] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\wininet.dll
[-] 2011-12-16 . BDB7450CC556F238FD973C9DA300FEB8 . 981504 . . [8.00.7601.17744] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\wininet.dll
[-] 2011-12-16 . 8DFDD881CEF74ED749BA968E060418CA . 982016 . . [8.00.7600.21108] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\wininet.dll
[-] 2011-11-05 . E49448ACD38A375E4FBCCB87056E1467 . 982016 . . [8.00.7600.21085] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21085_none_1d030f43934664a3\wininet.dll
[-] 2011-11-05 . 7F5B51FACA193430346970283C50769F . 981504 . . [8.00.7600.16912] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16912_none_1cc24ad279f27f22\wininet.dll
[-] 2011-11-05 . 19714FA7D7204D9BEE1EE12791DA9010 . 981504 . . [8.00.7601.17720] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17720_none_1e9bd7587722d451\wininet.dll
[-] 2011-11-05 . 1903228FE0C7D402B26A217F8D7713FD . 982016 . . [8.00.7601.21855] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21855_none_1f0a05d1905446a1\wininet.dll
[-] 2011-08-20 . 7570FA3FC82E08FB637E32D2D95DB41D . 981504 . . [8.00.7601.21795] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_1edec43b9074b93e\wininet.dll
[-] 2011-08-20 . 1DBC7303366C0C9B80E51C4B4BECB7ED . 981504 . . [8.00.7600.16869] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_1c933b567a14bf11\wininet.dll
[-] 2011-08-20 . 79FFA6C81F9F5B2244C5668D08387EA6 . 982016 . . [8.00.7600.21033] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_1d371e4b931fa640\wininet.dll
[-] 2011-08-20 . DBF24E87CB605A4F6E7424DD86F7A62C . 981504 . . [8.00.7601.17671] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_1e66c620774a7c36\wininet.dll
[-] 2011-06-21 . D1E7C4FA045B34C32D12BFBB415EBE1B . 981504 . . [8.00.7601.21754] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21754_none_1f0903a190553023\wininet.dll
[-] 2011-06-21 . EE0D7471EBF9CE40CC4A203B1F90F028 . 981504 . . [8.00.7600.16839] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16839_none_1cb3ab1a79fc6b3e\wininet.dll
[-] 2011-06-21 . 748FD4CAB1AFFD90A9556EB7D5AA1FEB . 981504 . . [8.00.7601.17638] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17638_none_1e9907d67723bdd3\wininet.dll
[-] 2011-06-21 . 6DC5A5F57FACFF20149F04440BB4523C . 982016 . . [8.00.7600.20992] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20992_none_1cf566579351014d\wininet.dll
[-] 2011-04-22 . 7A11DB452989040AD8570A3DCE2E9DE2 . 981504 . . [8.00.7601.21710] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21710_none_1f30422990385b03\wininet.dll
[-] 2011-04-22 . 27CDAF355CCE3762C7F13719E814418B . 981504 . . [8.00.7600.16800] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16800_none_1ccb184479ec335c\wininet.dll
[-] 2011-04-22 . E391DB6E8CA3638B9772A990E6D280FF . 982016 . . [8.00.7600.20949] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20949_none_1d3277f9932226f9\wininet.dll
[-] 2011-04-22 . 2CA020EACDC6DDB2BEA89FEA02C90945 . 981504 . . [8.00.7601.17601] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17601_none_1eb275947711b89f\wininet.dll
[-] 2011-03-07 . A5B19B240901CAB0C8E7767D2873613E . 981504 . . [8.00.7601.17573] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_1e68c4ce7748b1bd\wininet.dll
[-] 2011-03-07 . EDEB2904636B657782F824D8FF97D0B8 . 981504 . . [8.00.7601.21676] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_1ef5627790639d8c\wininet.dll
[-] 2011-02-24 . DA2950BAD7306006EBA77DD93CC42690 . 982016 . . [8.00.7600.20908] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_1d5cb75f93029dde\wininet.dll
[-] 2011-02-24 . 214605C48AE416BC067C39D227CFCC57 . 981504 . . [8.00.7600.16766] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_1c9038927a1775e5\wininet.dll
[-] 2010-12-21 . 78B9ADA2BC8946AF7B17678E0D07A773 . 981504 . . [8.00.7600.16723] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll
[-] 2010-12-21 . 1B3DD46BC6396143A205EAAF05F38039 . 981504 . . [8.00.7600.20862] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll
[-] 2010-12-18 . F019FCA21F609E34B79AE130681D08F7 . 981504 . . [8.00.7600.16722] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_1cb7771a79faa0c5\wininet.dll
[-] 2010-12-18 . 025031C16D3A486F6AFE1C9B2FB1ADE0 . 981504 . . [8.00.7600.20861] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_1d14d3eb933996fc\wininet.dll
[-] 2010-02-23 . 99A6F1253A886C4A9C1F8E1822B10A80 . 977920 . . [8.00.7600.16535] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_1cafa4407a000e6d\wininet.dll
[-] 2010-02-23 . 0962CB2A9E6B4363C74249A4A5CCDBBF . 980480 . . [8.00.7600.20651] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_1d1fa00b933180bd\wininet.dll
[-] 2009-12-19 . 23587164011EC849E58E229ABC49E239 . 977920 . . [8.00.7600.20600] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20600_none_1d54af5d9309dbb1\wininet.dll
[-] 2009-12-19 . F1C359CE656BD76F90E0E6C4BC04A4BE . 977920 . . [8.00.7600.16490] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16490_none_1c69c1607a353a39\wininet.dll
[-] 2009-07-14 . 0D874F3BC751CC2198AF2E6783FB8B35 . 977920 . . [8.00.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll
.
[-] 2009-07-14 . DAAE8A9B8C0ACC7F858454132553C30D . 206336 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2_32.dll
[-] 2009-07-14 . DAAE8A9B8C0ACC7F858454132553C30D . 206336 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
.
[-] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2help.dll
[-] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\ws2help.dll
.
[-] 2011-02-26 . E38899074D4951D31B4040E994DD7C8D . 2870784 . . [6.1.7600.20910] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[-] 2011-02-26 . 0862495E0C825893DB75EF44FAEA8E93 . 2870272 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2011-02-26 . 0862495E0C825893DB75EF44FAEA8E93 . 2870272 . . [6.1.7600.16768] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[-] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7601.21669] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[-] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7601.17567] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[-] 2009-10-31 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.20563] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[-] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16450] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[-] 2009-08-03 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.20500] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[-] 2009-08-03 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16404] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[-] 2009-07-14 . C235A51CB740E45FFA0EBFB9BAFCDA64 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
.
[-] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 427008 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[-] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 398336 . . [6.1.7600.16385] .. c:\windows\regedit.exe
.
[-] 2010-06-29 . E2C2D8C982316C8ABF800C6CE3F28FAB . 1413632 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ole32.dll
[-] 2010-06-29 . E2C2D8C982316C8ABF800C6CE3F28FAB . 1413632 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16624_none_ac33e26f53752c6d\ole32.dll
[-] 2010-06-29 . 40E6BF57F6A923038B94C07387118089 . 1414144 . . [6.1.7600.20744] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.20744_none_aca7df626ca30419\ole32.dll
[-] 2009-07-14 . 4ACB903AD1693858A918907358CBD9E4 . 1412608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16385_none_abf3fd7f53a4f5f5\ole32.dll
.
[-] 2012-11-22 . 011B7A81E28C748D7631CF3D72323DD2 . 627712 . . [1.0626.7600.17174] .. c:\windows\SysWOW64\usp10.dll
[-] 2012-11-22 . 011B7A81E28C748D7631CF3D72323DD2 . 627712 . . [1.0626.7600.17174] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.17174_none_acda843fb9c8dfaa\usp10.dll
[-] 2012-11-22 . CA68408922B02E8D955A2967C7CBF8CE . 626688 . . [1.0626.7601.22171] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_af477f18d00f9c82\usp10.dll
[-] 2012-11-22 . 36CD8D6EBCE6468BBEEB8BF175980F53 . 626688 . . [1.0626.7600.21379] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.21379_none_ad692462d2e1fb4e\usp10.dll
[-] 2012-11-22 . B7230010D97787AF3D25E4C82F2B06B9 . 626688 . . [1.0626.7601.18009] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_af119411b6b203d9\usp10.dll
[-] 2009-07-14 . 0BA19F3198C40AC4E8CC66EE02EDA6C6 . 627200 . . [1.0626.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_acd0cf31b9cff59f\usp10.dll
.
[-] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ksuser.dll
[-] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7600.16385_none_e7d7f27ff89fda02\ksuser.dll
.
[-] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ctfmon.exe
[-] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe
.
[-] 2009-07-14 . CD2E48FA5B29EE2B3B5858056D246EF2 . 328192 . . [6.1.7600.16385] .. c:\windows\SysWOW64\shsvcs.dll
[-] 2009-07-14 . CD2E48FA5B29EE2B3B5858056D246EF2 . 328192 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7600.16385_none_3379f9236aff5f84\shsvcs.dll
.
[-] 2009-07-14 . 18AB2E5A40064ED5F7791AC5946A90F3 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\msimg32.dll
[-] 2009-07-14 . 18AB2E5A40064ED5F7791AC5946A90F3 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_77422e3e7d5fa732\msimg32.dll
.
[-] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cngaudit.dll
[-] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
.
[-] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] .. c:\windows\SysWOW64\wininit.exe
[-] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
.
[-] 2009-07-14 . A1E91B5B5273573FC132B683E550B5E6 . 19456 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ias.dll
[-] 2009-07-14 . A1E91B5B5273573FC132B683E550B5E6 . 19456 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7600.16385_none_f8d730c7a3d9d889\ias.dll
.
[-] 2010-08-31 04:32 . 1B3A500340AC40F08D03A2C45213A17D . 954288 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[-] 2010-08-31 04:32 . 1B3A500340AC40F08D03A2C45213A17D . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7600.16666_none_f3000dfcb6d2a7e4\mfc40u.dll
[-] 2010-08-31 04:25 . A716981A8BB41F4149203687EE2D1BE4 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7600.20791_none_f3643991d00d1cce\mfc40u.dll
[-] 2009-07-14 01:15 . F8742FC618ECBDA92A406725197E93AE . 924944 . . [4.1.6140] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7600.16385_none_f2e96828b6e3cefa\mfc40u.dll
.
[-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] .. c:\windows\SysWOW64\upnphost.dll
[-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_2831d06e8295c671\upnphost.dll
.
[-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] .. c:\windows\SysWOW64\dsound.dll
[-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll
.
[-] 2009-07-14 . 7459301D21C2E21468823F73042D9F87 . 1826816 . . [6.1.7600.16385] .. c:\windows\SysWOW64\d3d9.dll
[-] 2009-07-14 . 7459301D21C2E21468823F73042D9F87 . 1826816 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7600.16385_none_c223c2c8c219cb6a\d3d9.dll
.
[-] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ddraw.dll
[-] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll
.
[-] 2009-07-14 01:16 . C10459DBDC2099C5A8428CB7D87DB85F . 90112 . . [6.1.7600.16385] .. c:\windows\SysWOW64\olepro32.dll
[-] 2009-07-14 01:16 . C10459DBDC2099C5A8428CB7D87DB85F . 90112 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7600.16385_none_39ea10b66307dbef\olepro32.dll
.
[-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] .. c:\windows\SysWOW64\perfctrs.dll
[-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_97bcd9bcab2b9b3a\perfctrs.dll
.
[-] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] .. c:\windows\SysWOW64\version.dll
[-] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll
.
[-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] .. c:\windows\SysWOW64\midimap.dll
[-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll
.
[-] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] .. c:\windows\SysWOW64\rasadhlp.dll
[-] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_76239aafb364e805\rasadhlp.dll
.
[-] 2009-07-14 . EE5C8E27C37B79CB54A2FCEEED2DC262 . 9216 . . [6.1.7600.16385] .. c:\windows\SysWOW64\WSHTCPIP.DLL
[-] 2009-07-14 . EE5C8E27C37B79CB54A2FCEEED2DC262 . 9216 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.1.7600.16385_none_cb895be592db1acb\WSHTCPIP.DLL
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
@="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"
[HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
2010-07-07 17:57    153064    ----a-w-    c:\windows\SysWOW64\pfmshx_463.dll
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2010-01-14 295088]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [2010-08-11 11776]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 78336]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-02-24 181248]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [2010-08-11 121344]
R3 ZTEusbwwan;ZTE MBN Miniport;c:\windows\system32\DRIVERS\ZTEusbwwan.sys [2010-08-11 235520]
R4 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R4 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R4 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe [2007-11-28 1039872]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R4 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R4 VmbService;Vodafone Mobile Broadband Service;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2010-08-18 8704]
R4 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-13 1255736]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
S1 pfmfs_463;pfmfs_463;c:\windows\system32\Drivers\pfmfs_463.sys [2010-07-07 249704]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2010-03-19 81920]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 vodafone_K380x-z_dc_enum;vodafone_K380x-z_dc_enum;c:\windows\system32\DRIVERS\vodafone_K380x-z_dc_enum.sys [2010-05-20 75776]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-24 20:13    1629648    ----a-w-    c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-17 23:12]
.
2013-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-20 14:05]
.
2013-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-20 14:05]
.
2013-03-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1104683146-4259283072-3995319266-1000Core.job
- c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-27 21:16]
.
2013-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1104683146-4259283072-3995319266-1000UA.job
- c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-27 21:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
@="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"
[HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
2010-07-07 17:57    173544    ----a-w-    c:\windows\System32\pfmshx_463.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=d443cd20000000000000e839df4cf4d8&tlver=1.4.19.19&affID=17160
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 172.19.10.5 172.19.10.5
TCP: Interfaces\{75AFCD3F-F5B1-4897-A35C-22CE030BD495}: NameServer = 88.82.13.60 88.82.13.60
TCP: Interfaces\{B222124C-19C4-4CA9-8DB1-73D89F253353}: NameServer = 120.234.4.13,129.234.4.9
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20120208062139
FF - ProfilePath - c:\users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\a7bol0dy.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-BsScanner
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-01  14:56:09
ComboFix-quarantined-files.txt  2013-04-01 13:56
.
Pre-Run: 52,608,442,368 bytes free
Post-Run: 52,268,535,808 bytes free
.
- - End Of File - - 49754B02F1170B1D197BBDBD13608DA9
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users