Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Limited access only safe mode and It fights back.


  • This topic is locked This topic is locked
7 replies to this topic

#1 air1

air1

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:usa texas
  • Local time:08:42 AM

Posted 09 December 2014 - 01:48 PM

I wrote a  sceince fiction like story about my experience but I was moving to this forum and my computer is in a mode where the security causes the browser to not save what I write and if my desktop is diverted away from thie window provided by this site it erases all my work.
I went off screen it erased everything and since I am slow at typing I digress. So here is a shorter version of what I think may be helpful and left the very interesting and alarming nature of this virus out of this post.
 
It came it saw they fought... Combo-fix lost... my fault.... I did not read the forums until after I ran combo fix.
I just got in a furry and threw everything at this virus but did I know that you guys here had the good stuff because i read a lot 5 years agon so I knew that what I downloaded would be tested and found to be effective and.I knew not to mess with hijack-this and the registry stuff. I tried that before and found it harder to read those reports than i thought.it would be. Well combo fix turned to be a registry hacker also.  
 
I think I picked it up in a force ware. which loaded extensions named Save right ahhhhh you tube blocker and something else. Volstead or something. I uhh went programs and features and found three programs installed themselves and back dated the time stamp to last year 2013. I goggled the name on the software and it called itself by a word that was coined by a science dealing with a theory in where time can actually be manipulated and used by the realization and understanding of the theory of like running many virtual instance at one time and then placing a subject into it and then if the subject believe it is in another time with no doubt then it is in his reality he truly will fold  to the real instance in time.  I forgot the word.. I am slow.
Then a glitch in the screen it flashes a couple of time and windows prompts me to send a report to HP.Offers a window up to send it already pre loaded to go and I say yes... and nothing happens. 
 
So it does it a few more times and when I go to device manager there is a driver with the yellow warning sign on it. So I automatically assume that the one but now I look back and it was listed in the system devices and that most likely would not be affecting a flash in my screen. I googled the name SXUPT or something and read reports by consumers that led me to downloading another driver and I loaded it on and it was a big file and then I almost loaded another one they were leading me to believe was apart of it but reading carefully after seeing how big the other driver download really was. It came with its own installer which I realize now gives it room to disregard the normal permissions. Oh well Im just happy to be getting some expert help.. You see my avatar and the face of shame so goes for me I became restless after thinking I had gotten it cleaned up and then it would wait and reappear so I threw everything at it and it did fight well and it had some pretty scary if its true ability to run fake desktop realities.  
 
It does look to me as if it has made another user account and locked me out of the admins account that I regularly used. I think it capable of surviving a restore just guessing though. I have this feeling it will lock me permanently if I try. I have seen it without a doubt running virtual desktop environments in the back ground that it brought forward and switched out for the real instance when I was in the services and processes and permission while throwing hit man adwrware ?? and malware bytes simultaneously at it. It has changed the download folder to a really weird place when I was running about ten downloads of root kit removals at one time because it was blocking me from downloading. I got several through and then when i was unpacking and installing it split up the files into random folder rendering the programs useless. Then it let me run a fake instance of malware root in the virtual envioroment but i could tell it was not being ran because i was using up too much ram for it too be running as smoothly as it was with any stalling or slowing down.you know the pauses that usually accompany it.

ComboFix 14-12-07.01 - User 12/08/2014 6:27.2.4 - x64 NETWORK

Running from: c:\users\User\Desktop\ComboFix.exe

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\2333688316069899042

c:\programdata\2333688316069899042\cd5b15e575e1c3d0804cf4a7fc1393e9.ini

c:\programdata\Roaming

c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\185\background.html

c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\185\content.js

c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\185\lsdb.js

c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\185\manifest.json

c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\185\ujFQ4IYth.js

c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\6D1@CVr1pgC.com

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\6D1@CVr1pgC.com\bootstrap.js

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\6D1@CVr1pgC.com\chrome.manifest

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\6D1@CVr1pgC.com\content\bg.js

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\6D1@CVr1pgC.com\install.rdf

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\C8kbmzeCx@A.org

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\C8kbmzeCx@A.org\bootstrap.js

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\C8kbmzeCx@A.org\chrome.manifest

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\C8kbmzeCx@A.org\content\bg.js

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\C8kbmzeCx@A.org\install.rdf

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\O@mrSg9.com

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\O@mrSg9.com\bootstrap.js

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\O@mrSg9.com\chrome.manifest

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\O@mrSg9.com\content\bg.js

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xd5tn2mu.default\extensions\O@mrSg9.com\install.rdf

c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini

c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini2

.

.

((((((((((((((((((((((((( Files Created from 2014-11-08 to 2014-12-08 )))))))))))))))))))))))))))))))

.

.

2014-12-08 11:30 . 2014-12-08 11:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-12-08 11:30 . 2014-12-08 11:30 -------- d-----w- c:\users\Guest\AppData\Local\temp

2014-12-08 08:58 . 2014-12-08 11:28 43664 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys

2014-12-08 08:45 . 2014-12-08 08:45 -------- d-----w- c:\program files (x86)\Belarc

2014-12-07 19:46 . 2014-12-07 19:46 -------- d-----w- c:\program files\silex technology

2014-12-07 19:38 . 2014-12-07 19:38 -------- d-----w- c:\windows\LastGood.Tmp

2014-12-07 18:14 . 2014-11-17 07:08 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{60285102-43F1-4140-A7DD-2BEBDC53E2E7}\mpengine.dll

2014-12-07 17:04 . 2014-12-07 17:04 -------- d-----w- c:\users\User\.android

2014-12-07 16:58 . 2014-12-08 06:57 -------- d-----w- C:\Unified_Android_ToolKit

2014-12-07 13:05 . 2014-12-08 07:46 -------- d-----w- c:\users\User\Tools

2014-12-07 12:43 . 2014-12-07 19:29 -------- d-----w- c:\users\User\Android

2014-12-07 07:46 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll

2014-12-07 07:46 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll

2014-12-07 07:46 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll

2014-12-06 14:11 . 2014-09-10 20:30 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EA73A08A-312C-449C-89AA-A67E747BB7BF}\gapaengine.dll

2014-12-06 14:10 . 2014-11-17 07:08 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-12-05 15:49 . 2014-12-05 15:50 -------- d-----w- C:\Adb SDK Tools

2014-12-05 13:55 . 2014-12-05 13:55 -------- d-----w- c:\users\User\AppData\Roaming\EZDownloader

2014-12-05 13:51 . 2014-12-05 13:51 -------- d-----w- c:\programdata\kkchbakemipgebiejbfcaebaabgeieef

2014-12-05 13:16 . 2014-09-10 20:30 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2014-12-05 12:53 . 2014-12-05 12:53 -------- d-----w- c:\programdata\blipofcjgfphheidlomlbfohicancjbk

2014-12-05 12:36 . 2013-12-26 05:41 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll

2014-12-05 12:36 . 2013-12-26 05:41 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll

2014-12-05 12:36 . 2013-12-26 05:41 206136 ----a-w- c:\windows\system32\drivers\ssudmdm.sys

2014-12-05 12:36 . 2013-12-26 05:41 108856 ----a-w- c:\windows\system32\drivers\ssudbus.sys

2014-12-05 09:26 . 2014-12-05 09:26 -------- d-----w- c:\program files\SAMSUNG

2014-12-05 09:25 . 2014-12-05 09:25 -------- d-----w- c:\programdata\Samsung

2014-12-05 03:32 . 2014-12-05 03:32 -------- d-----w- c:\windows\SysWow64\Adobe

2014-12-03 21:30 . 2014-12-04 08:00 -------- d-----w- c:\program files (x86)\Microsoft Security Client

2014-12-03 21:30 . 2014-12-04 08:00 -------- d-----w- c:\program files\Microsoft Security Client

2014-12-03 12:23 . 2014-12-03 12:23 -------- d-----w- c:\program files\HitmanPro

2014-12-03 12:20 . 2014-12-07 00:05 -------- d-----w- c:\programdata\HitmanPro

2014-12-03 11:49 . 2014-12-08 10:33 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-12-03 11:49 . 2014-11-21 11:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-12-03 11:49 . 2014-12-03 11:49 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware

2014-12-03 11:49 . 2014-11-21 11:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-12-03 11:49 . 2014-11-21 11:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-11-18 20:30 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll

2014-11-18 20:30 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll

2014-11-18 20:30 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll

2014-11-18 20:30 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll

2014-11-13 15:55 . 2014-11-13 15:55 -------- d-sh--w- c:\users\User\AppData\Local\EmieBrowserModeList

2014-11-12 02:58 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2014-11-12 02:58 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll

2014-11-12 02:58 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll

2014-11-12 02:58 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll

2014-11-12 02:58 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll

2014-11-12 02:58 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll

2014-11-12 02:58 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll

2014-11-12 02:58 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2014-11-12 02:58 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2014-11-12 02:56 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll

2014-11-12 02:56 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll

2014-11-12 02:56 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys

2014-11-12 02:56 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll

2014-11-12 02:56 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll

2014-11-12 02:56 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll

2014-11-12 02:56 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-12-07 19:41 . 2013-11-22 11:57 310496 ----a-w- c:\windows\system32\drivers\sxuptp.sys

2014-11-27 05:05 . 2013-01-10 20:50 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-11-27 05:05 . 2013-01-10 20:50 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2014-11-13 14:53 . 2013-01-10 22:06 103374192 ----a-w- c:\windows\system32\MRT.exe

2014-10-30 11:25 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe

2014-10-29 19:32 . 2014-10-29 19:32 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-09-25 02:08 . 2014-10-01 01:35 371712 ----a-w- c:\windows\system32\qdvd.dll

2014-09-25 01:40 . 2014-10-01 01:35 519680 ----a-w- c:\windows\SysWow64\qdvd.dll

2014-09-09 22:11 . 2014-09-24 22:41 2048 ----a-w- c:\windows\system32\tzres.dll

2014-09-09 21:47 . 2014-09-24 22:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys

[-] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\system32\drivers\asyncmac.sys

.

[-] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys

[-] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\system32\drivers\null.sys

.

[-] 2010-11-21 . DDAD5A7AB24D8B65F8D724F5C20FD806 . 119296 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

[-] 2010-11-21 . DDAD5A7AB24D8B65F8D724F5C20FD806 . 119296 . . [6.1.7601.17514] .. c:\windows\system32\drivers\tdx.sys

.

[-] 2012-07-04 . 05F5A0D14A2EE1D8255C2AA0E9E8E694 . 136704 . . [6.1.7601.17887] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_d6c68344b4d406bf\browser.dll

[-] 2012-07-04 . 156768ABAE1DAF29BA0B0C05C21FEF09 . 136704 . . [6.1.7601.22044] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_d7783703cdd41e02\browser.dll

[-] 2010-11-21 . 8EF0D5C41EC907751B8429162B1239ED . 136192 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_d70f2c28b49dffae\browser.dll

[-] 2012-07-04 . 05F5A0D14A2EE1D8255C2AA0E9E8E694 . 136704 . . [6.1.7600.16385] .. c:\windows\system32\browser.dll

.

[-] 2014-09-19 . B84317193B6A29F5F5DCF538C34FDCED . 31232 . . [6.1.7601.22814] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe

[-] 2014-09-19 . 341655B216721D89CADE9DEA2F33872F . 31232 . . [6.1.7601.18606] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe

[-] 2014-05-30 . F23812F9F7B130854E4BC0389F7C688C . 31232 . . [6.1.7601.18489] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe

[-] 2014-05-30 . 04F6C08B30C599D301CE8530A6F6A703 . 31232 . . [6.1.7601.22705] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe

[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe

[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe

[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe

[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe

[-] 2014-04-12 . 6598EBC4D209318EBD81F76833ECBEDB . 31232 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe

[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe

[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe

[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe

[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe

[-] 2012-08-24 . 77119F1F9B492B260030C34F9BE327FA . 31232 . . [6.1.7601.22099] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe

[-] 2012-06-04 . 79C908CAA6F43021EB05F4C733A927D1 . 31232 . . [6.1.7601.22010] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe

[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe

[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

[-] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe

[-] 2011-11-17 . 0A10B74FBB437FF9A23F1D5DE4446A83 . 31232 . . [6.1.7601.21861] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe

[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

[-] 2014-04-12 . 204F3F58212B3E422C90BD9691A2DF28 . 31232 . . [6.1.7601.18443] .. c:\windows\system32\lsass.exe

.

[-] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll

[-] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\system32\netman.dll

.

[-] 2010-11-21 . 1EA7969E3271CBC59E1730697DC74682 . 849920 . . [7.5.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

[-] 2010-11-21 . 1EA7969E3271CBC59E1730697DC74682 . 849920 . . [7.5.7600.16385] .. c:\windows\system32\qmgr.dll

.

[-] 2010-11-21 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll

[-] 2010-11-21 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\system32\rpcss.dll

.

[-] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

[-] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\system32\services.exe

.

[-] 2012-02-11 . 85DAA09A98C9286D4EA2BA8D0E644377 . 559104 . . [6.1.7601.17777] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe

[-] 2012-02-11 . B9D7A4858CF32A6A15D2763F1DE47E0E . 559616 . . [6.1.7601.21921] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe

[-] 2010-11-21 . B96C17B5DC1424D56EEA3A99E97428CD . 559104 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe

[-] 2012-02-11 . 85DAA09A98C9286D4EA2BA8D0E644377 . 559104 . . [6.1.7600.16385] .. c:\windows\system32\spoolsv.exe

.

[-] 2014-07-17 . 8CEBD9D0A0A879CDE9F36F4383B7CAEA . 455168 . . [6.1.7601.18540] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe

[-] 2014-07-16 . 98AA0BFEE089C7E5DADB94190D93456C . 455680 . . [6.1.7601.22750] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

[-] 2014-03-04 . 6CE2AE073BD21C542FC2C707CAE944CC . 455680 . . [6.1.7601.22616] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe

[-] 2014-03-04 . 88AB9B72B4BF3963A0DE0820B4B0B06C . 455168 . . [6.1.7601.18409] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

[-] 2010-11-21 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[-] 2014-07-17 . 8CEBD9D0A0A879CDE9F36F4383B7CAEA . 455168 . . [6.1.7601.17514] .. c:\windows\system32\winlogon.exe

.

[-] 2013-07-04 . 9028D1621C43DF8DFBD1C76860412A11 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_97c9d703ee91c7f1\comctl32.dll

[-] 2013-07-04 . 9028D1621C43DF8DFBD1C76860412A11 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll

[-] 2013-07-04 . 4F3C5CE9EF990E1C62B7E7EBA0EBA1C2 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_980cc5cd07e3aa05\comctl32.dll

[-] 2013-07-04 . 4F3C5CE9EF990E1C62B7E7EBA0EBA1C2 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_a6ba9bf96e3dcd13\comctl32.dll

[-] 2010-11-21 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_97c2246fee970dbb\comctl32.dll

[-] 2010-11-21 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll

[-] 2010-11-21 . 7FA8FDC2C2A27817FD0F624E78D3B50C . 2030080 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll

[-] 2013-07-04 . 9028D1621C43DF8DFBD1C76860412A11 . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll

.

[-] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_88a5cc7effe2dfca\comres.dll

[-] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\system32\comres.dll

.

[-] 2014-07-07 . 19D511CC455C19DE1ADF60E6C39C85B6 . 187904 . . [6.1.7601.18526] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_d41cb8b3b175406a\cryptsvc.dll

[-] 2014-07-07 . 63A15BA9875364C4147B226CB70468B3 . 190976 . . [6.1.7601.22736] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22736_none_d49b8778ca9af94c\cryptsvc.dll

[-] 2013-10-05 . 509D31797A4B8A3D6ED78A330B19A919 . 186880 . . [6.1.7601.22473] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll

[-] 2013-07-09 . 434CCE8E7150CD1324C5FAA088D1D061 . 186880 . . [6.1.7601.22380] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll

[-] 2013-07-09 . 6B400F211BEE880A37A1ED0368776BF4 . 184320 . . [6.1.7601.18205] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll

[-] 2013-05-13 . D8129C49798CBBFB2E4351D4B7B8EF9C . 184320 . . [6.1.7601.18151] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll

[-] 2013-05-11 . 8122252F0A4ACFA92FA0C1D50D18493B . 186880 . . [6.1.7601.22322] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll

[-] 2013-05-10 . 7FDC4626B01106A8EF328C88C7C0DEE3 . 184320 . . [6.1.7601.18150] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll

[-] 2013-05-10 . CA13C4F92BEE66DB48E58AB3223DDF6E . 186880 . . [6.1.7601.22321] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll

[-] 2012-06-04 . 7E7D2DACF65D750D466F36BD3D09AE20 . 186880 . . [6.1.7601.22010] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll

[-] 2012-06-02 . 9C01375BE382E834CC26D1B7EAF2C4FE . 184320 . . [6.1.7601.17856] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll

[-] 2010-11-21 . 15597883FBE9B056F276ADA3AD87D9AF . 177152 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll

[-] 2014-07-07 . 19D511CC455C19DE1ADF60E6C39C85B6 . 187904 . . [6.1.7600.16385] .. c:\windows\system32\cryptsvc.dll

.

[-] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll

[-] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\system32\es.dll

.

[-] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll

[-] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\system32\imm32.dll

.

[-] 2014-04-25 . 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 . 801280 . . [1.0626.7601.18454] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18454_none_0af5261f6f3c76ad\usp10.dll

[-] 2014-04-25 . BB2B03C6B6778A9B2866A049CC600D55 . 801792 . . [1.0626.7601.22666] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22666_none_0b75f5788860623d\usp10.dll

[-] 2012-11-22 . E4ACCC7927A1478DF636534864E03666 . 801280 . . [1.0626.7601.22171] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22171_none_0b661a9c886d0db8\usp10.dll

[-] 2012-11-22 . DBF99FD9CAF75CA66D042BD8D050FF71 . 800768 . . [1.0626.7601.18009] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18009_none_0b302f956f0f750f\usp10.dll

[-] 2010-11-21 . 2F8B1E3EE3545D3B5A8D56FA1AE07B65 . 800256 . . [1.0626.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f\usp10.dll

[-] 2014-04-25 . 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 . 801280 . . [1.0626.7601.18454] .. c:\windows\system32\usp10.dll

.

[-] 2014-04-12 . 77BBBF70BCE286CD19E1E68F248363FA . 1164800 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_f24130b9862a22c7\kernel32.dll

[-] 2014-03-04 . 52E77DC8E31C89FBB1E968699C8121C5 . 1164800 . . [6.1.7601.22616] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_f26f71478606ff08\kernel32.dll

[-] 2014-03-04 . D2A513EE880D71BDE7F0257F38B9D019 . 1163264 . . [6.1.7601.18409] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_f1f3a3606cde922b\kernel32.dll

[-] 2013-08-29 . 786D234A90FCAC72633AE6FC52653A49 . 1162240 . . [6.1.7601.22436] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_f259cda386173c9c\kernel32.dll

[-] 2013-08-02 . C525D51A79B01342344F02E38866CF60 . 1162240 . . [6.1.7601.22411] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_f26a6c09860b8607\kernel32.dll

[-] 2013-08-02 . D8973E71F1B35CD3F3DEA7C12D49D0F0 . 1161216 . . [6.1.7601.18229] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_f1ddffbc6ceecfbf\kernel32.dll

[-] 2013-07-08 . 38E54D419A2962E24D35D868E4724AE7 . 1162240 . . [6.1.7601.22379] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22379_none_f2318ceb8634fb3e\kernel32.dll

[-] 2012-11-30 . B3BEA6420D482356E53B7C728E05C637 . 1163264 . . [6.1.7601.22177] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll

[-] 2012-11-30 . 65C113214F7B05820F6D8A65B1485196 . 1161216 . . [6.1.7601.18015] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll

[-] 2012-10-04 . 1DC3504CA4C57900F1557E9A3F01D272 . 1161216 . . [6.1.7601.17965] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll

[-] 2012-10-04 . F3C594D0DA3ACFA6C7B781A490AB4282 . 1162240 . . [6.1.7601.22125] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll

[-] 2010-11-21 . 7A6326D96D53048FDEC542DF23D875A0 . 1161216 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll

[-] 2014-03-04 . D2A513EE880D71BDE7F0257F38B9D019 . 1163264 . . [6.1.7601.18015] .. c:\windows\system32\kernel32.dll

.

[-] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_945a23c3bf051859\linkinfo.dll

[-] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\system32\linkinfo.dll

.

[-] 2013-06-06 . 796B47A4B82EF1C39F13435B88834C48 . 41472 . . [6.1.7601.18177] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_07bb20dd7154003d\lpk.dll

[-] 2013-06-06 . 22FC61B8E1EBA296FF416C3678E26DD3 . 41472 . . [6.1.7601.22350] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_08535d608a67b3eb\lpk.dll

[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll

[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_07e15d357138149f\lpk.dll

[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_082d1b568a83a814\lpk.dll

[-] 2013-06-06 . 796B47A4B82EF1C39F13435B88834C48 . 41472 . . [6.1.7601.18177] .. c:\windows\system32\lpk.dll

.

[-] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_0c2b375bae4a8d38\hnetcfg.dll

[-] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\system32\hnetcfg.dll

.

[-] 2014-11-06 . BBD6A636AAA65D874F3863280CD8373D . 25110016 . . [11.00.9600.17420] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_f59addd03736dce1\mshtml.dll

[-] 2014-09-19 . 7415B29AFE2E4494A57358B8C7E78600 . 23631360 . . [11.00.9600.17344] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_f5a7f85a372cd9fd\mshtml.dll

[-] 2014-08-18 . 920BD93A0B64657A20CA66C2EBB167EA . 23591424 . . [11.00.9600.17280] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_f5b67f6437213d09\mshtml.dll

[-] 2014-07-25 . ECA387DCD57F683C52171C766CF400F0 . 23645696 . . [11.00.9600.17239] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_f5b0b0ea3726a4ff\mshtml.dll

[-] 2014-06-19 . FEC19C351EF1B2C998A85D1BFD765675 . 23464448 . . [11.00.9600.17207] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_f5addd9c372925b8\mshtml.dll

[-] 2014-05-30 . 56803B20D168C1B740D12CE0BE4588F5 . 23414784 . . [11.00.9600.17126] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_f5bac4e4371f22d4\mshtml.dll

[-] 2014-05-23 . 37D0FB9E5E8EDA40B66FC3FB3D660261 . 23549440 . . [11.00.9600.17041] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_f5c8074c3714b96c\mshtml.dll

[-] 2014-05-06 . 797E2E5C309AFF76990D5B7AF457EACA . 23544320 . . [11.00.9600.17107] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_f5b8ad88372109c7\mshtml.dll

[-] 2014-05-06 . 01FA6D239237350EC45B4B12727B8E00 . 17847808 . . [9.00.8112.16553] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16553_none_87c2e393f4e3c16f\mshtml.dll

[-] 2014-05-05 . C9CD994106194680DC04D3CED31F30C5 . 17848320 . . [9.00.8112.20664] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20664_none_8842b0bd0e089681\mshtml.dll

[-] 2014-03-08 . DB06224C72F52FAF8339D2669175A222 . 17848832 . . [9.00.8112.16545] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16545_none_87cfb413f4d9d82c\mshtml.dll

[-] 2014-03-08 . 5F934EC9C41CF86843940B86E326407B . 17848832 . . [9.00.8112.20656] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20656_none_884f813d0dfead3e\mshtml.dll

[-] 2014-03-01 . 4E0709D9BB951AD1C22E4FF519B90839 . 23133696 . . [11.00.9600.16521] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_f58ff536373f154c\mshtml.dll

[-] 2013-07-25 . EEC97B8A669093E4797ECD0B56DFEC51 . 17832960 . . [9.00.8112.20613] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20613_none_8877c00f0de0f175\mshtml.dll

[-] 2013-07-25 . 7D9371E3C8CF927D0A2A1D9E1161C324 . 17830400 . . [9.00.8112.16502] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16502_none_87f7f2e5f4bc1c63\mshtml.dll

[-] 2013-01-10 . CFF3C4ABDCC5356B0674743BDF0FB674 . 17811968 . . [9.00.8112.16457] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_87c6e2d5f4e029a4\mshtml.dll

[-] 2012-11-12 . AE18DCD6934D657EA0995E919FB0F4DD . 9055744 . . [8.00.7601.17998] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17998_none_8bd0e8a2b008375a\mshtml.dll

[-] 2012-11-12 . 5D0EAA517A6450200ECAA8C95D02B293 . 9057792 . . [8.00.7601.22160] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22160_none_8c72cb03c914ebdb\mshtml.dll

[-] 2010-11-21 . 1C8B787BAA52DEAD1A6FEC1502D652F0 . 8988160 . . [8.00.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_8c235f42afcafdda\mshtml.dll

[-] 2014-11-06 . BBD6A636AAA65D874F3863280CD8373D . 25110016 . . [11.00.9600.17420] .. c:\windows\system32\mshtml.dll

.

[-] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_2f5acf97b59df60f\msvcrt.dll

[-] 2011-12-16 . F9A4C695C86CC32048FE2C987A0BD387 . 634880 . . [7.0.7601.21878] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_2fc7fdc6ced04f08\msvcrt.dll

[-] 2009-07-14 . 7319BB10FA1F86E49E3DCF4136F6C957 . 634880 . . [7.0.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll

[-] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\system32\msvcrt.dll

.

[-] 2013-09-08 . 9A9F9F1A77D6A80EE28B57664F00013E . 327168 . . [6.1.7601.18254] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_164e004b440bdabf\mswsock.dll

[-] 2013-09-07 . BDDB1FD258B92DEE00F222D3304B5D9C . 327168 . . [6.1.7601.22444] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_16e26ee85d215bbf\mswsock.dll

[-] 2010-11-21 . 1D5185A4C7E6695431AE4B55C3D7D333 . 326144 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll

[-] 2013-09-08 . 9A9F9F1A77D6A80EE28B57664F00013E . 327168 . . [6.1.7600.16385] .. c:\windows\system32\mswsock.dll

.

[-] 2010-11-21 . AA339DD8BB128EF66660DFBBB59043D3 . 695808 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[-] 2010-11-21 . AA339DD8BB128EF66660DFBBB59043D3 . 695808 . . [6.1.7600.16385] .. c:\windows\system32\netlogon.dll

.

[-] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_ff0e900816896618\powrprof.dll

[-] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\system32\powrprof.dll

.

[-] 2010-11-21 . ED78427259134C63ED69804D2132B86C . 232960 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

[-] 2010-11-21 . ED78427259134C63ED69804D2132B86C . 232960 . . [6.1.7600.16385] .. c:\windows\system32\scecli.dll

.

[-] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_032ab4f375e2ac1f\sfc.dll

[-] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\system32\sfc.dll

.

[-] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[-] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\system32\svchost.exe

.

[-] 2010-11-21 . 40F0849F65D13EE87B9A9AE3C1DD6823 . 316928 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_4162de4afb9222c0\tapisrv.dll

[-] 2010-11-21 . 40F0849F65D13EE87B9A9AE3C1DD6823 . 316928 . . [6.1.7600.16385] .. c:\windows\system32\tapisrv.dll

.

[-] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

[-] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll

.

[-] 2010-11-21 . BAFE84E637BF7388C96EF48D4D3FDD53 . 30720 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[-] 2010-11-21 . BAFE84E637BF7388C96EF48D4D3FDD53 . 30720 . . [6.1.7600.16385] .. c:\windows\system32\userinit.exe

.

[-] 2014-11-06 . 6FC2819A4F80AAB2DADEDFC1EFEE3C3F . 2365440 . . [11.00.9600.17420] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_e440beb1b6e073ab\wininet.dll

[-] 2014-09-19 . 9D98D4F390F0B14A782F3B931E613A1A . 2309632 . . [11.00.9600.17344] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17358_none_e44dd93bb6d670c7\wininet.dll

[-] 2014-08-18 . 39EBB9708453036A74C30C9A294023FF . 2310656 . . [11.00.9600.17280] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_e45c6045b6cad3d3\wininet.dll

[-] 2014-07-25 . 8E71A5CB5312B8392D4DA4CA37BB5868 . 2266624 . . [11.00.9600.17239] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_e45691cbb6d03bc9\wininet.dll

[-] 2014-06-18 . 2EE102DF0EDD8A1EDD3D1E9B99A91BEC . 2266112 . . [11.00.9600.17207] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_e453be7db6d2bc82\wininet.dll

[-] 2014-05-30 . 40BFD9D6EC8E174145F012246CA73CCD . 2266112 . . [11.00.9600.17126] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_e460a5c5b6c8b99e\wininet.dll

[-] 2014-05-23 . F220BA78AB542C70211D73AE4729B2CD . 2260480 . . [11.00.9600.17041] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_e46de82db6be5036\wininet.dll

[-] 2014-03-08 . 56932FF02302B2A294A2221FF7FF1F06 . 1392128 . . [9.00.8112.16545] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16545_none_767594f574836ef6\wininet.dll

[-] 2014-03-08 . 0E292E8151DA4F3F9C17C07E51F0FA83 . 1392640 . . [9.00.8112.20656] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20656_none_76f5621e8da84408\wininet.dll

[-] 2014-03-01 . DF79CE9B950C62677D232154E93A81C7 . 2334208 . . [11.00.9600.16521] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_e435d617b6e8ac16\wininet.dll

[-] 2013-07-25 . EF560100034BF6C78A979BBB0FF9641C . 1392640 . . [9.00.8112.20613] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20613_none_771da0f08d8a883f\wininet.dll

[-] 2013-07-25 . CA87556BBA37D1B4F67C331186618673 . 1392128 . . [9.00.8112.16502] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16502_none_769dd3c77465b32d\wininet.dll

[-] 2013-01-10 . 5121DB613E10A46A3C5085B479026AA7 . 1392128 . . [9.00.8112.16457] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_766cc3b77489c06e\wininet.dll

[-] 2012-10-27 . 7E04D13661FB771CA4FDBB836AD0BA49 . 1188864 . . [8.00.7601.17984] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17984_none_7a7d98482fad4cd7\wininet.dll

[-] 2012-10-27 . 6C11E0E42D91728C8283917A8F57A72E . 1189888 . . [8.00.7601.22145] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22145_none_7b334d2f48a9c976\wininet.dll

[-] 2010-11-21 . F6C5302E1F4813D552F41A0AC82455E5 . 1188864 . . [8.00.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll

[-] 2014-11-06 . 6FC2819A4F80AAB2DADEDFC1EFEE3C3F . 2365440 . . [11.00.9600.16428] .. c:\windows\system32\wininet.dll

.

[-] 2010-11-21 . 4BBFA57F594F7E8A8EDC8F377184C3F0 . 297984 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll

[-] 2010-11-21 . 4BBFA57F594F7E8A8EDC8F377184C3F0 . 297984 . . [6.1.7600.16385] .. c:\windows\system32\ws2_32.dll

.

[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\ws2help.dll

[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\system32\ws2help.dll

.

[-] 2010-11-21 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_0a43accb08f0eac5\ole32.dll

[-] 2010-11-21 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7600.16385] .. c:\windows\system32\ole32.dll

.

[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\system32\cngaudit.dll

.

[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\system32\wininit.exe

.

[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe

[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\system32\ctfmon.exe

.

[-] 2010-11-21 . AAF932B4011D14052955D4B212A4DA8D . 370688 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_2b566299338d2123\shsvcs.dll

[-] 2010-11-21 . AAF932B4011D14052955D4B212A4DA8D . 370688 . . [6.1.7600.16385] .. c:\windows\system32\shsvcs.dll

.

[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8\regsvc.dll

[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\system32\regsvc.dll

.

[-] 2010-11-21 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_8d272400ada202f9\schedsvc.dll

[-] 2010-11-21 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7600.16385] .. c:\windows\system32\schedsvc.dll

.

[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_dbbe6492eae9505c\ssdpsrv.dll

[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\system32\ssdpsrv.dll

.

[-] 2014-10-14 . 6A5B600AD0041E9AF564DE73B716F3D2 . 686592 . . [6.1.7601.22843] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22843_none_ed2d60f8841a8fd8\termsrv.dll

[-] 2014-10-14 . 008CD4EBFABCF78D0F19B3778492648C . 683520 . . [6.1.7601.18637] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18637_none_ecb2935b6af13c52\termsrv.dll

[-] 2014-07-17 . 4FC4C50985E5B840F4D72E57286887B8 . 681984 . . [6.1.7601.18540] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18540_none_eca0bf836affa9bb\termsrv.dll

[-] 2014-07-16 . F4D7114060C034134A440846F411BB7F . 686080 . . [6.1.7601.22750] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22750_none_ed1f8e488425629d\termsrv.dll

[-] 2010-11-21 . 2E648163254233755035B46DD7B89123 . 680960 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll

[-] 2014-10-14 . 008CD4EBFABCF78D0F19B3778492648C . 683520 . . [6.1.7601.17514] .. c:\windows\system32\termsrv.dll

.

[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_4627a1cbadebced2\ksuser.dll

[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\system32\ksuser.dll

.

[-] 2009-07-14 . E424B3EF666B184CEE0B6871AAA8C9F6 . 8192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_d360c9c235bd1868\msimg32.dll

[-] 2009-07-14 . E424B3EF666B184CEE0B6871AAA8C9F6 . 8192 . . [6.1.7600.16385] .. c:\windows\system32\msimg32.dll

.

[-] 2013-07-04 . 700BD5A6AA5381D1D8ADC4045149DBF6 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_3bee2a494f8638cf\comctl32.dll

[-] 2013-07-04 . 700BD5A6AA5381D1D8ADC4045149DBF6 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_ee67d2d082b9f619\comctl32.dll

[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll

[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_3bab3b80363456bb\comctl32.dll

[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll

[-] 2010-11-21 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

[-] 2010-11-21 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll

[-] 2010-11-21 . 352B3DC62A0D259A82A052238425C872 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

.

[-] 2014-07-07 . 90BFC30E730A6760F1FEE2A55F8AB029 . 145920 . . [6.1.7601.22736] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22736_none_787cebf5123d8816\cryptsvc.dll

[-] 2014-07-07 . 623E143F2DF17C0106A9988F5D7DC878 . 143872 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cryptsvc.dll

[-] 2014-07-07 . 623E143F2DF17C0106A9988F5D7DC878 . 143872 . . [6.1.7601.18526] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_77fe1d2ff917cf34\cryptsvc.dll

[-] 2013-10-05 . F2D9242C3BBD1C36467FCAE1AE01733F . 142848 . . [6.1.7601.22473] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

[-] 2013-07-09 . 6DB499DEFCC827317C5371164A7CDB27 . 142848 . . [6.1.7601.22380] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll

[-] 2013-07-09 . 7CA1BECEA5DE2643ADDAD32670E7A4C9 . 140288 . . [6.1.7601.18205] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll

[-] 2013-05-13 . 3897DFF247D9ED0006190349DE264E14 . 140288 . . [6.1.7601.18151] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll

[-] 2013-05-11 . AC04D05309BB2C418D0D80B9FB014642 . 142848 . . [6.1.7601.22322] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll

[-] 2013-05-10 . E122AA1C9A3CC46FF9DDDE46E5EB0C58 . 142848 . . [6.1.7601.22321] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll

[-] 2013-05-10 . 33ADF6E0853AB39EA1723BE82842C1D3 . 140288 . . [6.1.7601.18150] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll

[-] 2012-06-02 . 063DD65889D21035311463337BD268E7 . 142336 . . [6.1.7601.22010] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll

[-] 2012-06-02 . 96C0E38905CFD788313BE8E11DAE3F2F . 140288 . . [6.1.7601.17856] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll

[-] 2010-11-21 . A585BEBF7D054BD9618EDA0922D5484A . 136192 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

.

[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\SysWOW64\es.dll

[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll

.

[-] 2010-11-21 . A6F09E5669D9A19035F6D942CAA15882 . 119808 . . [6.1.7601.17514] .. c:\windows\SysWOW64\imm32.dll

[-] 2010-11-21 . A6F09E5669D9A19035F6D942CAA15882 . 119808 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll

.

[-] 2014-04-12 . C8C41EBEE097FEB29FB816854D3AD1E7 . 1114112 . . [6.1.7601.22653] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_fc95db0bba8ae4c2\kernel32.dll

[-] 2014-03-04 . 866696FBE24914047462E34812169954 . 1114112 . . [6.1.7601.22616] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_fcc41b99ba67c103\kernel32.dll

[-] 2014-03-04 . 76161B9D78A275F8F28DD67436013110 . 1114112 . . [6.1.7601.18015] .. c:\windows\SysWOW64\kernel32.dll

[-] 2014-03-04 . 76161B9D78A275F8F28DD67436013110 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll

[-] 2013-08-29 . EE751CBD5D0C332FDF3DF7187B612416 . 1114112 . . [6.1.7601.22436] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_fcae77f5ba77fe97\kernel32.dll

[-] 2013-08-02 . 61579F821AB5FF7FA2966D64D1070BA8 . 1114112 . . [6.1.7601.22411] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_fcbf165bba6c4802\kernel32.dll

[-] 2013-08-02 . 365A5034093AD9E04F433046C4CDF6AB . 1114112 . . [6.1.7601.18229] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_fc32aa0ea14f91ba\kernel32.dll

[-] 2013-07-08 . 2997A7BC59E3EEFE8E86D1B0F3A3D748 . 1114112 . . [6.1.7601.22379] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22379_none_fc86373dba95bd39\kernel32.dll

[-] 2012-11-30 . 9CC2571E3646B9A24296AD7ADCC71682 . 1114112 . . [6.1.7601.22177] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll

[-] 2012-11-30 . AC0B6F41882FC6ED186962D770EBF1D2 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll

[-] 2012-10-04 . D4F3176082566CEFA633B4945802D4C4 . 1114112 . . [6.1.7601.17965] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll

[-] 2012-10-04 . 5FA395364EE727E4BEE6B1406C207F98 . 1114112 . . [6.1.7601.22125] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll

[-] 2010-11-21 . E80758CF485DB142FCA1EE03A34EAD05 . 837632 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll

.

[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\SysWOW64\linkinfo.dll

[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_9eaece15f365da54\linkinfo.dll

.

[-] 2013-06-06 . 84CA3579EEB69D8E1EE67E4F721BF71C . 25600 . . [6.1.7601.22350] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_12a807b2bec875e6\lpk.dll

[-] 2013-06-06 . CC23295DA8F7B5C53F93804D2F5D30EB . 25600 . . [6.1.7601.18177] .. c:\windows\SysWOW64\lpk.dll

[-] 2013-06-06 . CC23295DA8F7B5C53F93804D2F5D30EB . 25600 . . [6.1.7601.18177] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_120fcb2fa5b4c238\lpk.dll

[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll

[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_12360787a598d69a\lpk.dll

[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_1281c5a8bee46a0f\lpk.dll

.

[-] 2014-11-06 . 93074C4FA92A8399404D032F6AF72C1B . 19781632 . . [11.00.9600.17420] .. c:\windows\SysWOW64\mshtml.dll

[-] 2014-11-06 . 93074C4FA92A8399404D032F6AF72C1B . 19781632 . . [11.00.9600.17420] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_ffef88226b979edc\mshtml.dll

[-] 2014-09-19 . F91E55DA404B834648A3B0A2477C10DB . 17484800 . . [11.00.9600.17344] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_fffca2ac6b8d9bf8\mshtml.dll

[-] 2014-08-18 . 7BF1CE9240CB9DD27C3E30733176EB8E . 17455104 . . [11.00.9600.17280] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_000b29b66b81ff04\mshtml.dll

[-] 2014-07-25 . 8453DDF167CE2986AA4AB04BC6824925 . 17524224 . . [11.00.9600.17239] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_00055b3c6b8766fa\mshtml.dll

[-] 2014-06-19 . DFA59840BB1220AFD261FDAE83543959 . 17276416 . . [11.00.9600.17207] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_000287ee6b89e7b3\mshtml.dll

[-] 2014-05-30 . D5ECBB3BFDC73A59440D9CA79AB3A342 . 17271296 . . [11.00.9600.17126] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_000f6f366b7fe4cf\mshtml.dll

[-] 2014-05-23 . EA85144F35EDE6EE25C484D4242FF2C8 . 17387008 . . [11.00.9600.17041] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_001cb19e6b757b67\mshtml.dll

[-] 2014-05-06 . EB5347F6149D3FF25F4D609A21A3BD67 . 17382912 . . [11.00.9600.17107] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_000d57da6b81cbc2\mshtml.dll

[-] 2014-05-05 . 0E468A0C51460D8DA3DF9B782275F1DB . 12347392 . . [9.00.8112.16553] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16553_none_92178de62944836a\mshtml.dll

[-] 2014-05-05 . 978376F3B5B6265463E6C9059ED373CA . 12347904 . . [9.00.8112.20664] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20664_none_92975b0f4269587c\mshtml.dll

[-] 2014-03-07 . 10D0FA4F2A6ADBEEA0FFF10583CC5407 . 12347904 . . [9.00.8112.16545] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16545_none_92245e66293a9a27\mshtml.dll

[-] 2014-03-07 . DDFC3CFB3C63820B4464F8545E867BC5 . 12347904 . . [9.00.8112.20656] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20656_none_92a42b8f425f6f39\mshtml.dll

[-] 2014-03-01 . 70462E0A4E293FC80620AB945D8A59BB . 17074688 . . [11.00.9600.16521] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_ffe49f886b9fd747\mshtml.dll

[-] 2013-07-25 . 0E2B5CB2193B6B0057F7D8B3FE02777E . 12334080 . . [9.00.8112.20613] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20613_none_92cc6a614241b370\mshtml.dll

[-] 2013-07-25 . 7161E761E81356C8EF6383CB1AE41B8D . 12334080 . . [9.00.8112.16502] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16502_none_924c9d38291cde5e\mshtml.dll

[-] 2013-01-10 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16457] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_921b8d282940eb9f\mshtml.dll

[-] 2012-11-12 . 299ED7BD35F503E8ECC3F50DCCE4A1D1 . 6029312 . . [8.00.7601.22160] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22160_none_96c77555fd75add6\mshtml.dll

[-] 2012-11-12 . 48892C6C23E99FE5E4DF1909CE96FEC9 . 6028800 . . [8.00.7601.17998] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17998_none_962592f4e468f955\mshtml.dll

[-] 2010-11-21 . C50799F0D47DFB9774F721521B6C41D5 . 5977600 . . [8.00.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_96780994e42bbfd5\mshtml.dll

.

[-] 2011-12-16 . 2F740C4B458331357E825E94AFB0953A . 690688 . . [7.0.7601.21878] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll

[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\SysWOW64\msvcrt.dll

[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll

[-] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll

.

[-] 2013-09-08 . E94C583CDE2348950155F2AF2876F34D . 231424 . . [6.1.7600.16385] .. c:\windows\SysWOW64\mswsock.dll

[-] 2013-09-08 . E94C583CDE2348950155F2AF2876F34D . 231424 . . [6.1.7601.18254] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll

[-] 2013-09-07 . 6547D445C4B69DC0083B619AC642DF04 . 231424 . . [6.1.7601.22444] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll

[-] 2010-11-21 . 8999B8631C7FD9F7F9EC3CAFD953BA24 . 232448 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll

.

[-] 2010-11-21 . C1809B9907ADEDAF16F50C894100883B . 563712 . . [6.1.7600.16385] .. c:\windows\SysWOW64\netlogon.dll

[-] 2010-11-21 . C1809B9907ADEDAF16F50C894100883B . 563712 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

.

[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\SysWOW64\powrprof.dll

[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll

.

[-] 2010-11-21 . 8124944EC89D6A1815E4E53F5B96AAF4 . 175616 . . [6.1.7600.16385] .. c:\windows\SysWOW64\scecli.dll

[-] 2010-11-21 . 8124944EC89D6A1815E4E53F5B96AAF4 . 175616 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

.

[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\SysWOW64\sfc.dll

[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll

.

[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\SysWOW64\svchost.exe

[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

.

[-] 2010-11-21 . 613BF4820361543956909043A265C6AC . 242176 . . [6.1.7600.16385] .. c:\windows\SysWOW64\tapisrv.dll

[-] 2010-11-21 . 613BF4820361543956909043A265C6AC . 242176 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_e54442c74334b18a\tapisrv.dll

.

[-] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll

[-] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

.

[-] 2010-11-21 . 61AC3EFDFACFDD3F0F11DD4FD4044223 . 26624 . . [6.1.7600.16385] .. c:\windows\SysWOW64\userinit.exe

[-] 2010-11-21 . 61AC3EFDFACFDD3F0F11DD4FD4044223 . 26624 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

.

[-] 2014-11-06 . 6DD7D61A8EF3DFEC4FAEFEB395E77424 . 1892864 .

Edited by Queen-Evie, 13 December 2014 - 07:15 AM.
to add combofix log as instructed by boopme in OP's AII topic since the OP is having problems

Nooo - I'm not running multiple real time antisoftware I've evolved past that error.


My momma said I'm not too bright --but I can lift heavy things.


BC AdBot (Login to Remove)

 


#2 air1

air1
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:usa texas
  • Local time:08:42 AM

Posted 13 December 2014 - 10:59 AM

I have an ssd that I was going to put on this laptop so If anyone could just help me tell me I have no bios infection and how to back up user files without bringing any nasties over and drivers. I have a Win. 7 pro disk that I will reload windows with.I have a refurbished Hp laptop now that was sold to me at a local computer shop that had some third party software and drivers running some of this Hp hardware like the camera. I wonder if anyone has and Idea of what folder I should copy SW setup? Let me know if I can do this and do it clean. 

 

I went back and read my service logs. It reads like a book that my computer is using 6 or seven malware programs and every windows service and process is completely in compliance and when im on it is tracking and what im looking at and putting up those grey out floating window ads. Its using window audio to eavesdrop it is using a user account and a net account and another switching the UI from the 3 many times a minute its fetching up servers and ip addresses opening up the firewall and taking me straight to its ip address it choosiness parameters are set to give me fake errors when trying to inter-fear with shutting them down. It reads just like a bird singing telling it's play by play. This is too much in control. The net bios is what I think their most rooted stronghold. It enables and disables according to the information sent on triggered by me at the laptop. Its to freaky for ads..Its way to sophisticated. I was able to undo some-of it but I dont understand it how they create all these running desktop instances just by folder options and settings and permissions on files and then using like portals like the favorites folder is a jump so to say. Then the programs fetch for files and get the wrong ones because they are in the right folders because they look at address only and then viola there folder is now in the up and running program and thy have root access. .   . 


Nooo - I'm not running multiple real time antisoftware I've evolved past that error.


My momma said I'm not too bright --but I can lift heavy things.


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,701 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 AM

Posted 14 December 2014 - 01:50 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/559193 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:10:42 AM

Posted 22 December 2014 - 10:59 AM

Hello air1, :)

 

I have an ssd that I was going to put on this laptop so If anyone could just help me tell me I have no bios infection and how to back up user files without bringing any nasties over and drivers.

I agree, this is probably your best option.  Clearing the bios can be accomplished by simply removing the cmos battery for 5-10 minutes and then re-inserting it. As for the backed up user files, place them on a usb drive and perform a scan of the drive prior to moving them onto the new hard drive. For drivers I would recommend downloading them from the laptop manufacturer website and also placing them on the usb drive.


Best Regards,
oneof4.


#5 air1

air1
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:usa texas
  • Local time:08:42 AM

Posted 25 December 2014 - 11:04 PM

Thanks, for the help. I'm currently putting the new drive in, and will remove cmose battery. I was locked out of admins account. This post should be moved from malware to hacked. I've had mac an s3 android another widows 8 computer and 2more androids and my Belkin router is locked up tight and I can't access it or reset it manually. I hope they are finished with having fun with me. They are using 0 folders and c:drives virtual memory, fake I'd program's keyloggers browser extensions and a chrome task manager, multiple user accounts and a bunch more stuff. I cannot stop them. I've tried everything.

Nooo - I'm not running multiple real time antisoftware I've evolved past that error.


My momma said I'm not too bright --but I can lift heavy things.


#6 air1

air1
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:usa texas
  • Local time:08:42 AM

Posted 25 December 2014 - 11:21 PM

thanks for the reply I'm working on it now

Edited by air1, 25 December 2014 - 11:31 PM.

Nooo - I'm not running multiple real time antisoftware I've evolved past that error.


My momma said I'm not too bright --but I can lift heavy things.


#7 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:10:42 AM

Posted 29 December 2014 - 09:49 AM

Do you need any further assistance?


Best Regards,
oneof4.


#8 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:10:42 AM

Posted 31 December 2014 - 04:40 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Best Regards,
oneof4.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users