"Chrome.exe *32" and other tasks slowing me down...


  • This topic is locked
16 replies to this topic

#1 Derek2323

Posted 25 December 2014 - 01:17 PM

Getting multiple pop up browsers as well. Need help removing. I started using Internet Explorer browser because Firefox was producing a lot more pop ups. Any help would be greatly appreciated.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16599  BrowserJavaVersion: 10.67.2
Run by Derek at 12:53:39 on 2014-12-25
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4062.1697 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\HitsBlenderUpdater\HitsBlenderUpdater.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Windows\system32\taskeng.exe
C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Runner.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Derek\AppData\Local\Amazon Music\Amazon Music Helper.exe
C:\Users\Derek\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
C:\Program Files (x86)\LuckyTab\LuckyTab.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\Derek\AppData\Local\AE11B5~1\CHROME~1\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTCc-nJMu1nd4OAPCQtWrQ65BJ98TrXMs6O9RexQ-5mQCZQNfd0Im1yPmw9N6-FKA,,
uSearch Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}
uSearch Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}
uProxyOverride = <-loopback>;*.local
uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}
mWinlogon: Userinit = userinit.exe
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [HitsBlender] "C:\Program Files (x86)\HitsBlender\hitsblender.exe" -s
uRun: [Amazon Music] "C:\Users\Derek\AppData\Local\Amazon Music\Amazon Music Helper.exe"
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe -update activex
mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun: [PeachtreePrefetcher.exe] "C:\PROGRA~2\SAGESO~1\PEACHT~1\PeachtreePrefetcher.exe" /configfile:peachtreeprefetcher.winstart.config
mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [ospd_us_531] <no file>
StartupFolder: C:\Users\Derek\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Derek\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 8.8.8.8,8.8.4.4
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{B5460687-2F9D-4EAA-8C86-2B0242F0B5F5} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B5460687-2F9D-4EAA-8C86-2B0242F0B5F5} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{BBF57384-4FED-4956-B4BB-BBB82EBC8580} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{BBF57384-4FED-4956-B4BB-BBB82EBC8580} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{c328fed4-6a85-11db-9fbd-806e6f6e6963} : NameServer = 8.8.8.8,8.8.4.4
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableLUA = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q=
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 {1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64;{1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64;C:\Windows\System32\drivers\{1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64.sys [2014-12-17 61064]
R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/23 19:45:06];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-9-10 147704]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-11-23 90640]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-11-23 78352]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-11-23 295440]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 125584]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-11-23 83704]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2012-11-23 15672]
R3 AVerBDA6x_x64;AVerMedia SAA716x BDA Service;C:\Windows\System32\drivers\AVerBDA716x_x64.sys [2012-1-4 1317888]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2011-1-5 228408]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-4-28 64000]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2008-10-22 128352]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-3-31 5430272]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate);C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc --> C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe  [?]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem);C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc --> C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe  [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 SPPD;SPPD;C:\Windows\System32\drivers\SPPD.sys [2014-7-10 21976]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2014-8-14 90776]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2014-12-18 02:40:21 1487840 ----a-w- C:\Users\Derek\AppData\Roaming\PEHLZF.exe
2014-12-18 02:39:32 1967584 ----a-w- C:\Users\Derek\AppData\Roaming\WNOTDII.exe
2014-12-17 08:26:46 61064 ----a-w- C:\Windows\System32\drivers\{1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64.sys
2014-12-16 17:33:43 2092 ----a-w- C:\Windows\patsearch.bin
2014-12-14 15:53:40 378640 ----a-w- C:\Windows\System32\ColorMedia64.dll
2014-12-14 15:53:40 332568 ----a-w- C:\Windows\SysWow64\ColorMedia.dll
2014-12-11 08:38:30 21976 ----a-w- C:\Windows\System32\drivers\SPPD.sys
2014-12-11 08:11:50 112710672 ----a-w- C:\Windows\System32\mrt.exe
2014-12-10 16:48:28 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 16:48:28 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-03 02:06:01 278528 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-12-03 01:51:29 347136 ----a-w- C:\Windows\System32\schannel.dll
2014-11-24 22:12:45 17874432 ----a-w- C:\Windows\System32\mshtml.dll
2014-11-24 21:59:39 448512 ----a-w- C:\Windows\System32\html.iec
2014-11-24 21:54:00 10921984 ----a-w- C:\Windows\System32\ieframe.dll
2014-11-24 21:53:14 2339840 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-24 21:47:43 1388032 ----a-w- C:\Windows\System32\urlmon.dll
2014-11-24 21:47:12 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-11-24 21:45:49 1494016 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-24 21:45:37 237056 ----a-w- C:\Windows\System32\url.dll
2014-11-24 21:45:29 86016 ----a-w- C:\Windows\System32\jsproxy.dll
2014-11-24 21:44:58 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-24 21:44:55 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-24 21:44:51 2157056 ----a-w- C:\Windows\System32\iertutil.dll
2014-11-24 21:44:49 816640 ----a-w- C:\Windows\System32\jscript.dll
2014-11-24 21:44:40 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2014-11-24 21:44:21 453120 ----a-w- C:\Windows\System32\dxtmsft.dll
2014-11-24 21:44:11 282112 ----a-w- C:\Windows\System32\dxtrans.dll
2014-11-24 21:44:08 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll
2014-11-24 21:44:05 11264 ----a-w- C:\Windows\System32\msfeedssync.exe
2014-11-24 21:43:51 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2014-11-24 21:43:44 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-24 21:43:33 12800 ----a-w- C:\Windows\System32\mshta.exe
2014-11-24 21:42:58 248320 ----a-w- C:\Windows\System32\ieui.dll
2014-11-24 20:44:32 367104 ----a-w- C:\Windows\SysWow64\html.iec
2014-11-24 20:41:46 12369920 ----a-w- C:\Windows\SysWow64\mshtml.dll
2014-11-24 20:40:49 1810944 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-24 20:37:23 9740800 ----a-w- C:\Windows\SysWow64\ieframe.dll
2014-11-24 20:35:45 1139712 ----a-w- C:\Windows\SysWow64\urlmon.dll
2014-11-24 20:35:25 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-24 20:34:40 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-24 20:34:05 231936 ----a-w- C:\Windows\SysWow64\url.dll
2014-11-24 20:33:59 65536 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2014-11-24 20:33:56 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-24 20:33:47 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-24 20:33:26 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2014-11-24 20:33:21 1802752 ----a-w- C:\Windows\SysWow64\iertutil.dll
2014-11-24 20:33:15 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2014-11-24 20:33:03 41472 ----a-w- C:\Windows\SysWow64\msfeedsbs.dll
2014-11-24 20:32:53 353792 ----a-w- C:\Windows\SysWow64\dxtmsft.dll
2014-11-24 20:32:49 223232 ----a-w- C:\Windows\SysWow64\dxtrans.dll
2014-11-24 20:32:48 10752 ----a-w- C:\Windows\SysWow64\msfeedssync.exe
2014-11-24 20:32:47 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2014-11-24 20:32:42 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2014-11-24 20:32:36 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-24 20:32:17 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2014-11-19 15:38:44 56528 ----a-w- C:\Windows\System32\drivers\netfilter64.sys
2014-11-19 09:26:34 1614504 ----a-w- C:\Windows\System32\FM20.DLL
2014-11-07 01:33:21 974848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-07 01:28:24 1209856 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-04 00:35:01 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-04 00:19:33 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-24 01:04:29 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-24 01:03:40 499200 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-10-24 00:39:49 77312 ----a-w- C:\Windows\System32\packager.dll
2014-10-24 00:39:19 656384 ----a-w- C:\Windows\System32\kerberos.dll
2014-10-18 01:08:10 564224 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-18 00:46:22 847360 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-12 23:52:40 2782208 ----a-w- C:\Windows\System32\win32k.sys
2014-10-10 01:10:24 548352 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-10 01:09:30 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-10 01:09:23 1689600 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-10 01:01:46 77312 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-10 01:00:34 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-09 23:53:20 619520 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-09 23:22:16 619520 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-03 01:18:20 274432 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:17:16 396800 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:17:16 115712 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:03:12 313344 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 01:02:20 201728 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 01:01:59 474624 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 01:01:59 446976 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-02 23:49:01 88576 ----a-w- C:\Windows\SysWow64\audiodg.exe
.
============= FINISH: 12:55:44.40 ===============
 



#2 RPMcMurphy

  • Malware Response Team

Posted 26 December 2014 - 11:37 PM

Hello and welcome.  Please follow these guidelines while we work on your PC:

  • Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I have given you the “All clear.”  Absence of symptoms does not mean your machine is clean!
  • Please do not run any scans or install/uninstall any applications without being directed to do so.
  • Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.




#3 Derek2323

Posted 27 December 2014 - 08:43 PM

Thanks.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2014
Ran by Derek (administrator) on DEREK-PC on 27-12-2014 20:35:34
Running from C:\Users\Derek\Desktop
Loaded Profile: Derek (Available profiles: Derek & UpdatusUser & Mcx1)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Agere Systems) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
() C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Runner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Derek\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dropbox, Inc.) C:\Users\Derek\AppData\Roaming\Dropbox\bin\Dropbox.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PeachtreePrefetcher.exe] => C:\Program Files (x86)\Sage Software\Peachtree\PeachtreePrefetcher.exe [28488 2011-10-25] (Sage Software, Inc.)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [505872 2012-09-17] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [374560 2012-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [ospd_us_531] => [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\...\Run: [HitsBlender] => "C:\Program Files (x86)\HitsBlender\hitsblender.exe" -s
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\...\Run: [Amazon Music] => C:\Users\Derek\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\...\MountPoints2: {18e6d4c3-58a6-11e4-867e-001eec856dbb} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\...\MountPoints2: {a0864b89-166c-11e4-ae28-001eec856dbb} - E:\VZW_Software_upgrade_assistant.exe
Startup: C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Derek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3978693-1187435272-2813009078-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTCc-nJMu1nd4OAPCQtWrQ65BJ98TrXMs6O9RexQ-5mQCZQNfd0Im1yPmw9N6-FKA,,
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjaxg,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjaxg,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3978693-1187435272-2813009078-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3978693-1187435272-2813009078-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B5460687-2F9D-4EAA-8C86-2B0242F0B5F5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{BBF57384-4FED-4956-B4BB-BBB82EBC8580}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c328fed4-6a85-11db-9fbd-806e6f6e6963}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\searchplugins\Web Search.xml
FF Extension: HD-Quality-3.1V15.12 - C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\Extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com [2014-12-17]
FF Extension: Firefox365scorescom - C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\Extensions\Firefox@365scores.com [2014-12-23]
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-01-04]
FF HKU\S-1-5-21-3978693-1187435272-2813009078-1000\...\Firefox\Extensions: [sp2@sp.com] - C:\Program Files (x86)\Social Privacy\FF

Chrome:
=======
CHR Profile: C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (mhjpggdgbpaadicjmffjdjpgheolabba) - C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhjpggdgbpaadicjmffjdjpgheolabba [2014-12-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2008-08-26] (Agere Systems)
S2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-09-17] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-09-17] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-09-17] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 psqlWGE; C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [435496 2009-04-06] (Pervasive Software Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc [X]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVerBDA6x_x64; C:\Windows\System32\DRIVERS\AVerBDA716x_x64.sys [1317888 2008-12-02] (AVerMedia TECHNOLOGIES, Inc.)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [9088 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
S3 SPPD; C:\Windows\system32\drivers\SPPD.sys [21976 2014-12-11] ()
R1 {1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64; C:\Windows\System32\drivers\{1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64.sys [61064 2014-12-17] (StdLib)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-09-10] (CyberLink Corp.)
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-27 20:35 - 2014-12-27 20:36 - 00020731 _____ () C:\Users\Derek\Desktop\FRST.txt
2014-12-27 20:35 - 2014-12-27 20:35 - 00000000 ____D () C:\FRST
2014-12-27 20:34 - 2014-12-27 20:34 - 02122752 _____ (Farbar) C:\Users\Derek\Desktop\FRST64.exe
2014-12-26 13:54 - 2014-12-26 13:55 - 00295688 _____ () C:\Windows\Minidump\Mini122614-01.dmp
2014-12-25 12:56 - 2014-12-25 12:58 - 00022288 _____ () C:\Users\Derek\Desktop\dds.txt
2014-12-25 12:56 - 2014-12-25 12:58 - 00011052 _____ () C:\Users\Derek\Desktop\attach.txt
2014-12-25 12:50 - 2014-12-25 12:50 - 00688992 ____R (Swearware) C:\Users\Derek\Desktop\dds.com
2014-12-25 12:29 - 2014-12-25 12:35 - 00000000 ____D () C:\Users\Derek\Full Backup
2014-12-25 12:25 - 2014-12-25 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2014-12-25 12:24 - 2014-12-25 12:25 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
2014-12-24 12:00 - 2014-12-24 12:02 - 00000000 ____D () C:\Users\Derek\songs 1214
2014-12-24 11:36 - 2014-12-24 11:36 - 00001582 _____ () C:\Windows\System32\Tasks\Amazon Music Helper
2014-12-24 11:30 - 2014-12-24 11:35 - 39565896 ____N (Amazon) C:\Users\Derek\Downloads\AmazonMusicInstaller.exe
2014-12-24 11:12 - 2014-12-24 11:12 - 00122712 ____N () C:\Users\Derek\Downloads\Unconfirmed 892124.crdownload
2014-12-23 18:53 - 2014-12-23 18:53 - 00000118 ____N () C:\Users\Derek\Desktop\chrome.lnk
2014-12-23 13:08 - 2014-12-23 13:08 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 13:06 - 2014-12-23 13:06 - 00295704 ____N () C:\Windows\Minidump\Mini122314-01.dmp
2014-12-19 03:01 - 2014-12-19 03:01 - 00464904 ____N () C:\Windows\dd_vcredistMSI5A6B.txt
2014-12-19 03:01 - 2014-12-19 03:01 - 00022954 ____N () C:\Windows\dd_vcredistUI5A6B.txt
2014-12-17 22:16 - 2014-12-27 20:31 - 00000956 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-12-17 22:16 - 2014-12-17 22:16 - 00003954 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-12-17 22:14 - 2014-12-17 22:14 - 00003148 _____ () C:\Windows\System32\Tasks\Run_Bobby_Browser
2014-12-17 21:45 - 2014-12-18 08:44 - 00000000 ____D () C:\Program Files\34CA5397-00C7-4B1E-B7C5-7D372DDEA25C
2014-12-17 21:40 - 2014-12-17 21:40 - 01487840 _____ (HD-Quality-3.1V15.12) C:\Users\Derek\AppData\Roaming\PEHLZF.exe
2014-12-17 21:39 - 2014-12-26 23:28 - 00000952 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-12-17 21:39 - 2014-12-17 22:16 - 00003700 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-12-17 21:39 - 2014-12-17 21:39 - 01967584 _____ (HD-Quality-3.1V15.12) C:\Users\Derek\AppData\Roaming\WNOTDII.exe
2014-12-17 21:39 - 2014-12-17 21:39 - 00000000 ____D () C:\Users\Derek\AppData\Local\globalUpdate
2014-12-17 21:36 - 2014-12-17 21:36 - 00003402 _____ () C:\Windows\System32\Tasks\DonutQuotes
2014-12-17 21:35 - 2014-12-18 08:43 - 00000000 ____D () C:\Program Files (x86)\donutleads
2014-12-17 21:35 - 2014-12-17 21:42 - 00000000 ____D () C:\ProgramData\donutleads
2014-12-17 21:34 - 2014-12-17 21:34 - 00000000 ____D () C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-12-17 19:01 - 2014-12-17 19:01 - 00000000 ____D () C:\ProgramData\1837308050
2014-12-17 18:45 - 2014-12-17 18:47 - 14087848 ____N (Microsoft Corporation) C:\Users\Derek\Downloads\MSEInstall.exe
2014-12-17 18:45 - 2014-12-17 18:47 - 11447608 ____N (Microsoft Corporation) C:\Users\Derek\Downloads\MSEInstall(1).exe
2014-12-17 14:47 - 2014-12-17 14:47 - 00628496 _____ (CMI Limited) C:\Users\Derek\AppData\Local\nsyC20D.tmp
2014-12-17 14:47 - 2014-12-17 14:47 - 00000000 __SHD () C:\Users\Derek\AppData\Roaming\AnyProtectEx
2014-12-17 14:46 - 2014-12-17 14:48 - 00000000 ____D () C:\ProgramData\WRData
2014-12-17 14:44 - 2014-12-17 22:28 - 00000000 ____D () C:\Users\Derek\AppData\Local\LogMeIn Rescue Applet
2014-12-17 14:29 - 2014-12-17 14:29 - 00439884 _____ () C:\Users\Derek\AppData\Local\dd_vcredistMSI4CAD.txt
2014-12-17 14:29 - 2014-12-17 14:29 - 00027790 _____ () C:\Users\Derek\AppData\Local\dd_vcredistUI4CAD.txt
2014-12-17 14:29 - 2014-12-17 14:29 - 00004014 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-12-17 12:15 - 2014-12-17 12:18 - 00000000 ____D () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276
2014-12-17 12:15 - 2014-12-17 12:15 - 00004586 _____ () C:\Windows\System32\Tasks\Runner IC
2014-12-17 12:15 - 2014-12-17 12:15 - 00000000 ____D () C:\Program Files (x86)\predm
2014-12-17 11:37 - 2014-12-17 03:26 - 00061064 _____ (StdLib) C:\Windows\system32\Drivers\{1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64.sys
2014-12-17 11:36 - 2014-12-17 11:36 - 00003106 _____ () C:\Windows\System32\Tasks\Update Service HitsBlender
2014-12-17 11:36 - 2014-12-17 11:36 - 00000000 ____D () C:\Users\Derek\Documents\Optimizer Pro
2014-12-17 11:36 - 2014-12-17 11:36 - 00000000 ____D () C:\Program Files (x86)\HitsBlenderUpdater
2014-12-16 12:34 - 2014-12-16 12:34 - 00000000 ____D () C:\Users\Derek\AppData\Local\ospd_us_511
2014-12-16 12:33 - 2014-12-17 12:13 - 00000000 ____D () C:\Program Files\shopperz
2014-12-16 12:33 - 2014-12-17 12:10 - 00000000 ____D () C:\Program Files (x86)\37EE3489-84C3-4573-BC84-F6F7DCC25F25
2014-12-16 12:33 - 2014-12-16 12:33 - 00002092 ____N () C:\Windows\patsearch.bin
2014-12-16 12:33 - 2014-12-16 12:33 - 00000005 ____N () C:\end
2014-12-16 12:33 - 2014-12-16 12:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf
2014-12-16 12:33 - 2014-12-16 12:33 - 00000000 ____D () C:\Windows\System32\Tasks\PurpleRain
2014-12-16 12:32 - 2014-12-17 19:01 - 00005168 ____N () C:\Windows\SysWOW64\ColorMedia.ini
2014-12-16 12:32 - 2014-12-17 19:01 - 00002752 ____N () C:\Windows\SysWOW64\ColorMediaOff.ini
2014-12-16 12:32 - 2014-12-17 19:01 - 00002752 _____ () C:\Windows\system32\ColorMediaOff.ini
2014-12-16 12:32 - 2014-12-17 14:26 - 00000000 ____D () C:\ProgramData\PicColorData
2014-12-16 12:32 - 2014-12-16 12:32 - 00000000 ____D () C:\ProgramData\PurpleRain
2014-12-16 12:32 - 2014-12-14 10:53 - 00378640 _____ (CartCrunch Israel Ltd.) C:\Windows\system32\ColorMedia64.dll
2014-12-16 12:32 - 2014-12-14 10:53 - 00332568 ____N (CartCrunch Israel Ltd.) C:\Windows\SysWOW64\ColorMedia.dll
2014-12-16 12:31 - 2014-12-16 12:31 - 00003400 _____ () C:\Windows\System32\Tasks\LuckyTab
2014-12-16 12:31 - 2014-12-16 12:31 - 00000000 ____D () C:\Users\Derek\AppData\Roaming\SimpleFiles
2014-12-16 12:31 - 2014-12-16 12:31 - 00000000 ____D () C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
2014-12-16 12:31 - 2014-12-16 12:31 - 00000000 ____D () C:\Program Files (x86)\LuckyTab
2014-12-16 12:30 - 2014-12-16 12:31 - 03876360 ____N (New Monte Inc) C:\Users\Derek\Downloads\Matthew_West-The_Day_Before_You_[Acoustic]_mp3_downloader.exe
2014-12-13 12:58 - 2014-12-13 12:58 - 00003374 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2014-12-13 12:58 - 2014-12-13 12:58 - 00003196 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2014-12-13 12:58 - 2014-12-13 12:58 - 00000000 ____D () C:\Users\Derek\Documents\ProPCCleaner
2014-12-13 12:58 - 2014-12-13 12:58 - 00000000 ____D () C:\Users\Derek\AppData\Roaming\Rainmaker Software Group LLC.​
2014-12-13 12:58 - 2014-12-13 12:58 - 00000000 ____D () C:\Users\Derek\AppData\Local\Rainmaker_Software_Group_
2014-12-13 12:57 - 2014-12-13 12:57 - 33259320 ____N (Any-Video-Converter.com ) C:\Users\Derek\Downloads\avc-setup-5.7.6(1).exe
2014-12-13 12:53 - 2014-12-13 12:54 - 00230768 ____N () C:\Users\Derek\Downloads\avc-setup-5.7.6.exe
2014-12-13 12:41 - 2014-12-13 12:44 - 21339121 ____N () C:\Users\Derek\Downloads\PB101983.wmv
2014-12-11 03:10 - 2014-11-03 19:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 03:10 - 2014-11-03 19:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 03:09 - 2014-11-06 20:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 03:09 - 2014-11-06 20:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 03:05 - 2014-12-02 21:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-11 03:05 - 2014-12-02 20:51 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-10 12:31 - 2014-12-10 12:31 - 00000000 ____D () C:\Users\Derek\Documents\iOrgSoft
2014-12-10 12:21 - 2014-11-24 17:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 12:21 - 2014-11-24 16:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 12:21 - 2014-11-24 16:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 12:21 - 2014-11-24 16:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 12:21 - 2014-11-24 16:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 12:21 - 2014-11-24 16:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 12:21 - 2014-11-24 16:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 12:21 - 2014-11-24 16:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-10 12:21 - 2014-11-24 16:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 12:21 - 2014-11-24 16:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 12:21 - 2014-11-24 16:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 12:21 - 2014-11-24 16:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 12:21 - 2014-11-24 16:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 12:21 - 2014-11-24 16:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 12:21 - 2014-11-24 16:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 12:21 - 2014-11-24 16:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 12:21 - 2014-11-24 16:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-10 12:21 - 2014-11-24 16:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-10 12:21 - 2014-11-24 16:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 12:21 - 2014-11-24 16:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 12:21 - 2014-11-24 16:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-10 12:21 - 2014-11-24 16:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 12:21 - 2014-11-24 15:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 12:21 - 2014-11-24 15:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 12:21 - 2014-11-24 15:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 12:21 - 2014-11-24 15:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 12:21 - 2014-11-24 15:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 12:21 - 2014-11-24 15:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 12:21 - 2014-11-24 15:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 12:21 - 2014-11-24 15:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-10 12:21 - 2014-11-24 15:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 12:21 - 2014-11-24 15:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 12:21 - 2014-11-24 15:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 12:21 - 2014-11-24 15:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 12:21 - 2014-11-24 15:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 12:21 - 2014-11-24 15:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 12:21 - 2014-11-24 15:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-10 12:21 - 2014-11-24 15:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 12:21 - 2014-11-24 15:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 12:21 - 2014-11-24 15:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 12:21 - 2014-11-24 15:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 12:21 - 2014-11-24 15:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 12:21 - 2014-11-24 15:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-10 12:21 - 2014-11-24 15:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-09 11:23 - 2014-12-09 11:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-27 20:32 - 2009-04-11 10:41 - 01543525 _____ () C:\Windows\WindowsUpdate.log
2014-12-27 20:31 - 2012-11-18 18:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-27 12:03 - 2012-02-16 21:20 - 00026624 _____ () C:\Users\Derek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-26 23:29 - 2014-06-10 08:11 - 00000000 ___RD () C:\Users\Derek\Dropbox
2014-12-26 23:29 - 2014-06-10 08:09 - 00000000 ____D () C:\Users\Derek\AppData\Roaming\Dropbox
2014-12-26 23:28 - 2014-05-21 15:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-26 14:01 - 2006-11-02 07:46 - 00767140 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 13:55 - 2006-11-02 10:22 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-26 13:55 - 2006-11-02 10:22 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-26 13:54 - 2014-04-11 12:25 - 532737665 _____ () C:\Windows\MEMORY.DMP
2014-12-26 13:54 - 2014-04-11 12:25 - 00000000 ____D () C:\Windows\Minidump
2014-12-26 13:54 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 12:29 - 2011-01-04 23:36 - 00000000 ____D () C:\Users\Derek
2014-12-23 19:27 - 2006-11-02 10:42 - 00032578 ____N () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-23 18:54 - 2014-02-08 15:02 - 00000000 ____D () C:\Users\Derek\AppData\Roaming\AnvSoft
2014-12-23 13:05 - 2008-01-20 22:26 - 00182318 ____N () C:\Windows\PFRO.log
2014-12-19 12:56 - 2012-07-13 17:45 - 00000000 ____D () C:\Users\Derek\Documents\Tabatha =)
2014-12-19 03:01 - 2006-11-02 08:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-17 22:36 - 2014-06-10 08:11 - 00000919 ____N () C:\Users\Derek\Desktop\Dropbox.lnk
2014-12-17 22:36 - 2014-06-10 08:10 - 00000000 ____D () C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-17 22:28 - 2012-05-06 17:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-17 18:50 - 2012-01-04 07:51 - 00002198 ____N () C:\Windows\epplauncher.mif
2014-12-17 11:38 - 2006-11-02 07:34 - 00000321 ____N () C:\Windows\win.ini
2014-12-16 12:33 - 2006-11-02 10:27 - 00047056 ____N () C:\Windows\setupact.log
2014-12-13 12:20 - 2014-02-08 14:44 - 00000000 ____D () C:\Users\Derek\Documents\Log Files
2014-12-11 03:52 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:39 - 2012-01-25 09:22 - 00002425 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-11 03:38 - 2014-07-10 12:49 - 00021976 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-12-11 03:18 - 2013-08-19 12:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:11 - 2012-05-13 22:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:11 - 2006-11-02 07:35 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-12-10 12:21 - 2014-02-06 12:58 - 00000000 ____D () C:\Users\Derek\Documents\Tabatha 2
2014-12-10 11:48 - 2012-11-18 18:30 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 11:48 - 2012-05-26 08:28 - 00701104 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 11:48 - 2012-01-04 07:34 - 00071344 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Derek\AppData\Local\Temp\37472DB1-B4F5-0DD7-BA91-65AAFEF9DB29.dll
C:\Users\Derek\AppData\Local\Temp\37472DB1-B4F5-0DD7-BA91-65AAFEF9DB29.exe
C:\Users\Derek\AppData\Local\Temp\6EFCC918-4C21-3C59-042E-6182A364D269.exe
C:\Users\Derek\AppData\Local\Temp\amisetup6236__11003.exe
C:\Users\Derek\AppData\Local\Temp\CloudBackup6253.exe
C:\Users\Derek\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Derek\AppData\Local\Temp\converter.exe
C:\Users\Derek\AppData\Local\Temp\crdli.dll
C:\Users\Derek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplrlfys.dll
C:\Users\Derek\AppData\Local\Temp\fZviOCLg4L.exe
C:\Users\Derek\AppData\Local\Temp\HsEx1VcT8w.exe
C:\Users\Derek\AppData\Local\Temp\ihk7dSBLro.exe
C:\Users\Derek\AppData\Local\Temp\installer.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Derek\AppData\Local\Temp\nsfFD09.exe
C:\Users\Derek\AppData\Local\Temp\nsg4B8.exe
C:\Users\Derek\AppData\Local\Temp\nsgCDDD.exe
C:\Users\Derek\AppData\Local\Temp\nskA25C.exe
C:\Users\Derek\AppData\Local\Temp\nskFF99.exe
C:\Users\Derek\AppData\Local\Temp\nsp61EC.tmp.exe
C:\Users\Derek\AppData\Local\Temp\nsq8ED.exe
C:\Users\Derek\AppData\Local\Temp\nsqC9D6.exe
C:\Users\Derek\AppData\Local\Temp\nss4A95.tmp.exe
C:\Users\Derek\AppData\Local\Temp\nsu1970.exe
C:\Users\Derek\AppData\Local\Temp\nsu1CCB.exe
C:\Users\Derek\AppData\Local\Temp\oi_{9F46250B-7004-46CD-9E23-477C40A0FD93}.exe
C:\Users\Derek\AppData\Local\Temp\okDRgS2QzJ.exe
C:\Users\Derek\AppData\Local\Temp\optprosetup.exe
C:\Users\Derek\AppData\Local\Temp\pylB0C8.tmp.exe
C:\Users\Derek\AppData\Local\Temp\R5GKDDFJup.exe
C:\Users\Derek\AppData\Local\Temp\S2zfpq67yp.exe
C:\Users\Derek\AppData\Local\Temp\sdf8F6.exe
C:\Users\Derek\AppData\Local\Temp\Setup0988111.exe
C:\Users\Derek\AppData\Local\Temp\Setup_24522.exe
C:\Users\Derek\AppData\Local\Temp\SpOrder.dll
C:\Users\Derek\AppData\Local\Temp\sprz.exe
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite20164.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite24196.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite27454.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite28687.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite29042.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite30723.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite45158.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite48385.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite53220.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite56172.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite56832.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite58358.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite62607.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite63768.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite76952.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite77178.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite77266.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite94249.dll
C:\Users\Derek\AppData\Local\Temp\System.Data.SQLite94843.dll
C:\Users\Derek\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Derek\AppData\Local\Temp\unRZaPUSWP.exe
C:\Users\Derek\AppData\Local\Temp\UzHD07Hn73.exe
C:\Users\Derek\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Derek\AppData\Local\Temp\vIcqotNCox.exe
C:\Users\Derek\AppData\Local\Temp\Z9cmjBLc5p.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-26 14:03

==================== End Of Log ============================


#4 RPMcMurphy

  • Malware Response Team

Posted 27 December 2014 - 09:06 PM

Please do this next:

Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad. Save it in the same location as FRST (usually your desktop) as fixlist.txt

HKLM-x32\...\Run: [ospd_us_531] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Folder: C:\ProgramData\1837308050
Folder: C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276
C:\Users\Derek\AppData\Local\Temp\unRZaPUSWP.exe
C:\Users\Derek\AppData\Local\Temp\UzHD07Hn73.exe
C:\Users\Derek\AppData\Local\Temp\Z9cmjBLc5p.exe
C:\Users\Derek\AppData\Local\Temp\sprz.exe
EmptyTemp:

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now run FRST again.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt); please post it in your reply.

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may donate.


#5 Derek2323


Posted 28 December 2014 - 12:02 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-12-2014
Ran by Derek at 2014-12-27 23:44:57 Run:1
Running from C:\Users\Derek\Desktop
Loaded Profile: Derek (Available profiles: Derek & UpdatusUser & Mcx1)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [ospd_us_531] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3978693-1187435272-2813009078-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Folder: C:\ProgramData\1837308050
Folder: C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276
C:\Users\Derek\AppData\Local\Temp\unRZaPUSWP.exe
C:\Users\Derek\AppData\Local\Temp\UzHD07Hn73.exe
C:\Users\Derek\AppData\Local\Temp\Z9cmjBLc5p.exe
C:\Users\Derek\AppData\Local\Temp\sprz.exe
EmptyTemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ospd_us_531 => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3978693-1187435272-2813009078-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.

========================= Folder: C:\ProgramData\1837308050 ========================

2014-12-17 19:01 - 2014-12-17 19:01 - 0000000 ____H () C:\ProgramData\1837308050\BITF048.tmp

====== End of Folder: ======

========================= Folder: C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276 ========================

2012-11-05 16:20 - 2012-11-05 16:20 - 0535008 _____ (Microsoft Corporation) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\msvcp110.dll
2012-11-05 16:20 - 2012-11-05 16:20 - 0875472 _____ (Microsoft Corporation) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\msvcr110.dll
2014-12-15 07:27 - 2014-12-15 07:27 - 0386608 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Runner.exe
2014-12-17 12:15 - 2014-12-17 12:15 - 0193439 _____ (MILE 27 LTD) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\uninstall.exe
2014-12-17 12:18 - 2014-12-19 12:01 - 0000000 ____D () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin
2014-12-17 12:18 - 2014-10-23 04:44 - 0000224 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\37.0.2062.124.manifest
2014-12-17 12:18 - 2014-11-12 10:10 - 29971456 _____ (The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.dll
2014-12-17 12:18 - 2014-11-12 10:26 - 0655872 _____ (The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome.exe
2014-12-17 12:18 - 2014-10-23 03:14 - 0980661 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome_100_percent.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 1476032 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome_200_percent.pak
2014-12-17 12:18 - 2014-11-12 10:26 - 34505728 _____ (The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome_child.dll
2014-12-17 12:18 - 2014-10-23 03:20 - 0125952 _____ (The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\chrome_elf.dll
2014-12-17 12:18 - 2013-08-02 13:55 - 3231832 _____ (Microsoft Corporation) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\d3dcompiler_46.dll
2014-12-17 12:18 - 2014-10-23 03:23 - 0880128 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\ffmpegsumo.dll
2014-12-17 12:18 - 2014-10-09 08:12 - 9980368 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\icudtl.dat
2014-12-17 12:18 - 2014-10-23 03:19 - 0167936 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\libEGL.dll
2014-12-17 12:18 - 2014-10-23 03:09 - 0303616 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\libexif.dll
2014-12-17 12:18 - 2014-10-23 03:14 - 1091584 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\libGLESv2.dll
2014-12-17 12:18 - 2014-10-23 03:23 - 0477184 _____ (The Chromium Authors) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\metro_driver.dll
2014-12-17 12:18 - 2014-10-23 03:50 - 3933320 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\nacl_irt_x86_32.nexe
2014-12-17 12:18 - 2014-10-23 03:52 - 3126800 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\nacl_irt_x86_64.nexe
2014-12-17 12:18 - 2014-10-23 03:26 - 8569856 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\pdf.dll
2014-12-17 12:18 - 2014-10-23 03:20 - 0324608 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\ppGoogleNaClPluginChrome.dll
2014-12-17 12:18 - 2014-10-23 03:24 - 12757344 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\resources.pak
2014-12-17 12:18 - 2014-10-09 03:15 - 0000637 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\SecondaryTile.png
2014-12-17 12:18 - 2014-10-09 03:14 - 0067072 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\wow_helper.exe
2014-12-19 12:01 - 2014-12-19 12:01 - 0000000 ____D () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\Dictionaries
2014-12-19 12:01 - 2014-12-19 12:01 - 0440949 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\Dictionaries\en-US-3-0.bdic
2014-12-17 12:18 - 2014-12-17 12:18 - 0000000 ____D () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales
2014-12-17 12:18 - 2014-10-23 03:14 - 0316724 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\am.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0305258 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ar.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0377972 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\bg.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0484279 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\bn.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0229220 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ca.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0226666 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\cs.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0206889 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\da.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0227524 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\de.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0414373 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\el.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0188918 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\en-GB.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0188817 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\en-US.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0233433 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\es.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0227765 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\es-419.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0200675 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\et.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0322972 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\fa.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0213406 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\fi.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0231616 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\fil.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0243378 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\fr.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0458224 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\gu.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0259458 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\he.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0469167 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\hi.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0215726 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\hr.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0239398 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\hu.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0203120 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\id.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0222264 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\it.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0274678 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ja.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0526011 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\kn.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0232941 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ko.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0223781 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\lt.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0228111 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\lv.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0596667 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ml.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0461569 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\mr.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0208520 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ms.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0207276 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\nb.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0219183 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\nl.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0221799 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\pl.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0219444 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\pt-BR.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0224460 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\pt-PT.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0233293 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ro.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0350973 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ru.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0233988 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\sk.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0211959 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\sl.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0346373 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\sr.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0208106 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\sv.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0208580 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\sw.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0545793 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\ta.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0517882 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\te.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0454138 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\th.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0224331 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\tr.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0359181 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\uk.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0255851 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\vi.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0185229 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\zh-CN.pak
2014-12-17 12:18 - 2014-10-23 03:14 - 0188279 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\locales\zh-TW.pak
2014-12-17 12:18 - 2014-12-17 12:18 - 0000000 ____D () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\PepperFlash
2014-12-17 12:18 - 2014-09-22 22:19 - 0002044 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\PepperFlash\manifest.json
2014-12-17 12:18 - 2014-09-22 23:07 - 14891848 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Chrome-bin\PepperFlash\pepflashplayer.dll
2014-12-17 12:18 - 2014-12-17 12:18 - 0000000 ____D () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Data
2014-12-17 12:18 - 2014-12-17 12:18 - 0021740 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Data\ResPack4.bin
2014-12-17 12:15 - 2014-12-17 12:15 - 0000000 ____D () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules
2010-11-18 11:27 - 2010-11-18 11:27 - 0914432 _____ (Igor Pavlov) C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\7z.dll
2014-12-15 07:28 - 2014-12-15 07:28 - 0078384 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\CmdProc.dll
2014-12-15 07:28 - 2014-12-15 07:28 - 0055856 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\CmlProc.dll
2014-12-15 07:28 - 2014-12-15 07:28 - 0101936 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\CmnUtls.dll
2014-12-15 07:28 - 2014-12-15 07:28 - 0038960 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\InSes.dll
2014-12-15 07:29 - 2014-12-15 07:29 - 0094768 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\ManXec.dll
2014-12-15 07:29 - 2014-12-15 07:29 - 0049200 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\NavSupp.dll
2014-12-15 07:29 - 2014-12-15 07:29 - 0044592 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\PrfIns.dll
2014-12-15 07:29 - 2014-12-15 07:29 - 0122416 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\WblSupp.dll
2014-12-15 07:29 - 2014-12-15 07:29 - 0054320 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\WbSes.dll
2014-12-15 07:29 - 2014-12-15 07:29 - 0116784 _____ () C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Modules\WdcMan.dll

====== End of Folder: ======

C:\Users\Derek\AppData\Local\Temp\unRZaPUSWP.exe => Moved successfully.
C:\Users\Derek\AppData\Local\Temp\UzHD07Hn73.exe => Moved successfully.
C:\Users\Derek\AppData\Local\Temp\Z9cmjBLc5p.exe => Moved successfully.
C:\Users\Derek\AppData\Local\Temp\sprz.exe => Moved successfully.
EmptyTemp: => Removed 11.3 GB temporary data.

The system needed a reboot.

==== End of Fixlog 23:56:04 ====



#6 RPMcMurphy


Posted 28 December 2014 - 10:26 AM

Please do this next:

Download ComboFix from HERE, and save it to your desktop.

**Note:  It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.

  • If you have trouble, stop and post back.  Do not try to repeatedly run ComboFix!
  • When finished, it will produce a report for you.

Note: If after running ComboFix you receive a message stating, "Illegal Operation Attempted on a registry key that has been marked for deletion", rebooting your computer will resolve the problem.

Please include the following in your next post:
  • ComboFix log




#7 Derek2323


Posted 28 December 2014 - 12:59 PM

I ran ComboFix, but it didn't create a log. It went through a few processes, but never produced a file or displayed any results.



#8 RPMcMurphy


Posted 28 December 2014 - 04:07 PM

Please reboot into the Safe Mode and try running ComboFix again.




#9 Derek2323


Posted 28 December 2014 - 07:06 PM

ComboFix 14-12-25.01 - Derek 12/28/2014  17:55:07.2.2 - x64 MINIMAL
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4062.3295 [GMT -5:00]
Running from: c:\users\Derek\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\donutleads
c:\program files (x86)\donutleads\DonutLeadsService.exe
c:\program files (x86)\donutleads\HtmlAgilityPack.dll
c:\program files (x86)\donutleads\Microsoft.Win32.TaskScheduler.dll
c:\program files (x86)\donutleads\Newtonsoft.Json.dll
c:\program files (x86)\donutleads\RestSharp.dll
c:\programdata\1837308050
c:\programdata\1837308050\BITF048.tmp
c:\programdata\PurpleRain
c:\programdata\PurpleRain\PurpleRain.exe
c:\users\Derek\AppData\Local\BrowserSafeguard
c:\users\Derek\AppData\Local\BrowserSafeguard\cookies.dat
c:\users\Derek\AppData\Local\nsyC20D.tmp
c:\users\Derek\AppData\Local\Temp\{74330AA7-427C-47FF-9F75-847E7CEF1123}\{3AFEF6A0-F4AA-4DD9-A0B7-1CC9E3F41BDB}\recovery\101.3.21.141\ChromeRecovery.exe
c:\users\Derek\AppData\Local\Temp\{74330AA7-427C-47FF-9F75-847E7CEF1123}\{3AFEF6A0-F4AA-4DD9-A0B7-1CC9E3F41BDB}\recovery\101.3.21.141\GoogleUpdateSetup.exe
c:\users\Derek\AppData\Roaming\AnyProtectEx
c:\users\Derek\AppData\Roaming\AnyProtectEx\installer\ab.test.json
c:\users\Derek\AppData\Roaming\AnyProtectEx\installer\tempfile.t
c:\users\Derek\AppData\Roaming\AnyProtectEx\language\de.xml
c:\users\Derek\AppData\Roaming\AnyProtectEx\language\en.xml
c:\users\Derek\AppData\Roaming\AnyProtectEx\language\fr.xml
c:\users\Derek\AppData\Roaming\AnyProtectEx\scan_results\aps.scan.quick.results
c:\users\Derek\AppData\Roaming\AnyProtectEx\scan_results\aps.scan.results
c:\users\Derek\AppData\Roaming\AnyProtectEx\swf\mov01.swf
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
.
.
(((((((((((((((((((((((((   Files Created from 2014-11-28 to 2014-12-28  )))))))))))))))))))))))))))))))
.
.
2014-12-28 23:05 . 2014-12-28 23:05 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B775F6E0-C273-4BFE-80F5-70A924B96066}\offreg.dll
2014-12-28 23:03 . 2014-12-28 23:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-12-28 23:03 . 2014-12-28 23:03 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
2014-12-28 23:03 . 2014-12-28 23:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-28 23:03 . 2014-12-28 23:05 -------- d-----w- c:\users\Derek\AppData\Local\temp
2014-12-28 04:47 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B775F6E0-C273-4BFE-80F5-70A924B96066}\mpengine.dll
2014-12-28 01:35 . 2014-12-28 04:56 -------- d-----w- C:\FRST
2014-12-26 18:36 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-25 17:29 . 2014-12-25 17:35 -------- d-----w- c:\users\Derek\Full Backup
2014-12-25 17:24 . 2014-12-25 17:25 -------- d-----w- c:\program files (x86)\Cobian Backup 11
2014-12-24 17:00 . 2014-12-24 17:02 -------- d-----w- c:\users\Derek\songs 1214
2014-12-24 16:36 . 2014-12-24 16:36 -------- d-----w- c:\users\Derek\AppData\Local\Amazon Music
2014-12-22 02:35 . 2014-12-18 20:44 1188440 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{64D5B644-C5EC-4A25-A908-CE11310BDE52}\gapaengine.dll
2014-12-18 02:45 . 2014-12-18 13:44 -------- d-----w- c:\program files\34CA5397-00C7-4B1E-B7C5-7D372DDEA25C
2014-12-18 02:40 . 2014-12-18 02:40 1487840 ------w- c:\users\Derek\AppData\Roaming\PEHLZF.exe
2014-12-18 02:39 . 2014-12-18 02:39 1967584 ------w- c:\users\Derek\AppData\Roaming\WNOTDII.exe
2014-12-18 02:39 . 2014-12-18 02:39 -------- d-----w- c:\users\Derek\AppData\Local\globalUpdate
2014-12-18 02:35 . 2014-12-18 02:42 -------- d-----w- c:\programdata\donutleads
2014-12-17 19:46 . 2014-12-17 19:48 -------- d-----w- c:\programdata\WRData
2014-12-17 19:44 . 2014-12-18 03:28 -------- d-----w- c:\users\Derek\AppData\Local\LogMeIn Rescue Applet
2014-12-17 17:15 . 2014-12-17 17:18 -------- d-----w- c:\users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276
2014-12-17 17:15 . 2014-12-17 17:15 -------- d-----w- c:\program files (x86)\predm
2014-12-17 16:37 . 2014-12-17 08:26 61064 ----a-w- c:\windows\system32\drivers\{1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64.sys
2014-12-17 16:36 . 2014-12-17 16:36 -------- d-----w- c:\program files (x86)\HitsBlenderUpdater
2014-12-16 17:34 . 2014-12-16 17:34 -------- d-----w- c:\users\Derek\AppData\Local\ospd_us_511
2014-12-16 17:33 . 2014-12-17 17:10 -------- d-----w- c:\program files (x86)\37EE3489-84C3-4573-BC84-F6F7DCC25F25
2014-12-16 17:33 . 2014-12-16 17:33 2092 ------w- c:\windows\patsearch.bin
2014-12-16 17:33 . 2014-12-17 17:13 -------- d-----w- c:\program files\shopperz
2014-12-16 17:32 . 2014-12-17 19:26 -------- d-----w- c:\programdata\PicColorData
2014-12-16 17:32 . 2014-12-14 15:53 332568 ------w- c:\windows\SysWow64\ColorMedia.dll
2014-12-16 17:32 . 2014-12-14 15:53 378640 ----a-w- c:\windows\system32\ColorMedia64.dll
2014-12-16 17:31 . 2014-12-16 17:31 -------- d-----w- c:\program files (x86)\LuckyTab
2014-12-16 17:31 . 2014-12-16 17:31 -------- d-----w- c:\users\Derek\AppData\Roaming\SimpleFiles
2014-12-13 17:58 . 2014-12-13 17:58 -------- d-----w- c:\users\Derek\AppData\Local\Rainmaker_Software_Group_
2014-12-13 17:58 . 2014-12-13 17:58 -------- d-----w- c:\users\Derek\AppData\Roaming\Rainmaker Software Group LLC.?
2014-12-11 08:10 . 2014-11-04 00:35 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-11 08:10 . 2014-11-04 00:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-11 08:09 . 2014-11-07 01:33 974848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-12-11 08:09 . 2014-11-07 01:28 1209856 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-11 08:05 . 2014-12-03 02:06 278528 ----a-w- c:\windows\SysWow64\schannel.dll
2014-12-11 08:05 . 2014-12-03 01:51 347136 ----a-w- c:\windows\system32\schannel.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-18 20:44 . 2012-02-10 14:30 1188440 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-12-11 08:38 . 2014-07-10 17:49 21976 ----a-w- c:\windows\system32\drivers\SPPD.sys
2014-12-11 08:11 . 2006-11-02 12:35 112710672 ----a-w- c:\windows\system32\mrt.exe
2014-12-10 16:48 . 2012-05-26 13:28 701104 ------w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-10 16:48 . 2012-01-04 12:34 71344 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-19 15:38 . 2014-11-19 15:38 56528 ----a-w- c:\windows\system32\drivers\netfilter64.sys
2014-11-19 09:26 . 2014-11-19 09:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-10-30 11:25 . 2012-01-04 12:30 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-24 01:04 . 2014-11-13 08:02 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-24 01:03 . 2014-11-19 08:00 499200 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-24 00:39 . 2014-11-13 08:02 77312 ----a-w- c:\windows\system32\packager.dll
2014-10-24 00:39 . 2014-11-19 08:00 656384 ----a-w- c:\windows\system32\kerberos.dll
2014-10-18 01:08 . 2014-11-13 08:10 564224 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-18 00:46 . 2014-11-13 08:10 847360 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-12 23:52 . 2014-11-13 08:15 2782208 ----a-w- c:\windows\system32\win32k.sys
2014-10-10 01:10 . 2014-11-13 08:10 548352 ----a-w- c:\windows\system32\termsrv.dll
2014-10-10 01:09 . 2014-11-13 08:10 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-10 01:09 . 2014-11-13 08:10 1689600 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-10 01:01 . 2014-11-13 08:10 77312 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-10 01:00 . 2014-11-13 08:10 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-09 23:53 . 2014-11-13 08:10 619520 ----a-w- c:\windows\system32\adtschema.dll
2014-10-09 23:22 . 2014-11-13 08:10 619520 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-03 01:18 . 2014-11-13 08:10 274432 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:17 . 2014-11-13 08:10 115712 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-10-03 01:17 . 2014-11-13 08:10 396800 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:03 . 2014-11-13 08:10 313344 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:02 . 2014-11-13 08:10 201728 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:01 . 2014-11-13 08:10 446976 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:01 . 2014-11-13 08:10 474624 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-02 23:49 . 2014-11-13 08:10 88576 ----a-w- c:\windows\SysWow64\audiodg.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2014-10-27 . 2F6DCF4DC86DFCF68DAF5758366120AF . 17870336 . . [9.00.8112.20708] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20708_none_2ffb2b85317245fb\mshtml.dll
[7] 2014-10-27 . 93690EE6C30DEFC5E07D33B440BCC985 . 17870336 . . [9.00.8112.16592] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16592_none_2f0a3bcc18a30c79\mshtml.dll
[7] 2014-09-20 . EEB1D09E04E1ECDEE3D5C09F834093BD . 17867776 . . [9.00.8112.16584] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16584_none_2f170c4c18992336\mshtml.dll
[7] 2014-09-19 . 436BA2D9F7C6D9D87A0400EE703628E4 . 17869824 . . [9.00.8112.20700] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20700_none_2ff3293531797b43\mshtml.dll
[7] 2014-08-15 . 2A9F0170E7CA41AC69FF248670DCDB84 . 17866752 . . [9.00.8112.20691] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20691_none_2f92d84d31c192ec\mshtml.dll
[7] 2014-08-15 . DBA2F43305CF9A8AD17F78F7A8571106 . 17868288 . . [9.00.8112.16575] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16575_none_2f22dc821890209c\mshtml.dll
[7] 2014-07-24 . 7A792AD1DB78FF218BB3A2C33404C5CE . 17861120 . . [9.00.8112.16563] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16563_none_2f2babda1889d1fd\mshtml.dll
[7] 2014-07-24 . E2E2715CB0295651603C8987B5B110C3 . 17863680 . . [9.00.8112.20674] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20674_none_2fab790331aea70f\mshtml.dll
[7] 2014-06-07 . FDC9B927AD2FF9291BE3516A4505297C . 17854464 . . [9.00.8112.16561] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16561_none_2f29ab46188b9f4f\mshtml.dll
[7] 2014-06-07 . DCED88F35B4599EEA2D1BF309B5BD981 . 17855488 . . [9.00.8112.20672] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20672_none_2fa9786f31b07461\mshtml.dll
[7] 2014-05-28 . AA6BE99A1C04C1DA2EC9880247554BE2 . 17857536 . . [9.00.8112.16555] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16555_none_2f387c5a187fe8ba\mshtml.dll
[7] 2014-05-28 . 2AF890BF65C8E6AE0DC64DCA8870E2FC . 17858048 . . [9.00.8112.20666] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20666_none_2fb8498331a4bdcc\mshtml.dll
[7] 2014-05-06 . 01FA6D239237350EC45B4B12727B8E00 . 17847808 . . [9.00.8112.16553] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16553_none_2f367bc61881b60c\mshtml.dll
[7] 2014-05-05 . C9CD994106194680DC04D3CED31F30C5 . 17848320 . . [9.00.8112.20664] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20664_none_2fb648ef31a68b1e\mshtml.dll
[7] 2014-11-24 . 912A7D052F551B9D4F2241E60A7900B5 . 17874432 . . [9.00.8112.16421] .. c:\windows\system32\mshtml.dll
.
[7] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_2f25436a5491724b\msvcrt.dll
[7] 2011-12-14 . 4B2F10ED918CA8B29A04B8B1B34D9349 . 621056 . . [7.0.6002.22755] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_2fb2e3436dab7498\msvcrt.dll
[7] 2009-04-11 . 37B71108BFD6E276695CE24171F2889B . 621056 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_2f5f4ab054655a2f\msvcrt.dll
[7] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\system32\msvcrt.dll
.
[7] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_165d6b95e2cafb10\mswsock.dll
[7] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6000.16386] .. c:\windows\system32\mswsock.dll
.
[7] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[7] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6001.18000] .. c:\windows\system32\netlogon.dll
.
[7] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_0123b2f0b2579bf3\powrprof.dll
[7] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6001.18000] .. c:\windows\system32\powrprof.dll
.
[7] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
[7] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6000.16386] .. c:\windows\system32\scecli.dll
.
[7] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_03545ed0148f16ae\sfc.dll
[7] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\system32\sfc.dll
.
[7] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
[7] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6000.16386] .. c:\windows\system32\svchost.exe
.
[7] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_4146ed6b9a71d501\tapisrv.dll
[7] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6000.16386] .. c:\windows\system32\tapisrv.dll
.
[7] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
[7] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6001.18000] .. c:\windows\system32\user32.dll
.
[7] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
[7] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6000.16386] .. c:\windows\system32\userinit.exe
.
[7] 2014-11-24 . F57DFE91E0B8169455EE92144B70624A . 1392640 . . [9.00.8112.20715] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20715_none_1e933b9cb126acb1\wininet.dll
[7] 2014-11-24 . BC38D79383F2B4CD435063AED75228D0 . 1392128 . . [9.00.8112.16599] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16599_none_1db71eb3984654a4\wininet.dll
[7] 2014-10-27 . 1EDFBDD810B2A761225BBDBECF68C8F5 . 1392640 . . [9.00.8112.20708] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20708_none_1ea10c66b11bdcc5\wininet.dll
[7] 2014-10-27 . 189A96C0E45C4A3814C9160EF1F790B5 . 1392128 . . [9.00.8112.16592] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16592_none_1db01cad984ca343\wininet.dll
[7] 2014-09-19 . A2E24197853DF27F5799BDA2F6D5A904 . 1392128 . . [9.00.8112.16584] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16584_none_1dbced2d9842ba00\wininet.dll
[7] 2014-09-19 . 1006FD5797F9C6644915F10F6C076661 . 1392640 . . [9.00.8112.20700] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20700_none_1e990a16b123120d\wininet.dll
[7] 2014-08-15 . 5AD324FE20EEA3CF57267D3035315BBD . 1392640 . . [9.00.8112.20691] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20691_none_1e38b92eb16b29b6\wininet.dll
[7] 2014-08-15 . 6CEBA71D2FBFD956A8F144F4CBBD2826 . 1392128 . . [9.00.8112.16575] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16575_none_1dc8bd639839b766\wininet.dll
[7] 2014-07-24 . 868C7FF4F7E19AD9C67EB1302EABB38F . 1392128 . . [9.00.8112.16563] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16563_none_1dd18cbb983368c7\wininet.dll
[7] 2014-07-24 . 138367A62D5E30C0DC277D89DFCC0E52 . 1393152 . . [9.00.8112.20674] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20674_none_1e5159e4b1583dd9\wininet.dll
[7] 2014-06-07 . 5550345E6C4130091C1E4C5F3EF5CF3A . 1392128 . . [9.00.8112.16561] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16561_none_1dcf8c2798353619\wininet.dll
[7] 2014-06-07 . 54C40CC93A1E54746B3573F1CA4C6E43 . 1393152 . . [9.00.8112.20672] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20672_none_1e4f5950b15a0b2b\wininet.dll
[7] 2014-05-28 . 115705BBED3CACDCEEFDA25E516A92A1 . 1392128 . . [9.00.8112.16555] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16555_none_1dde5d3b98297f84\wininet.dll
[7] 2014-05-28 . 498A59FB37145D33D5BAFFD757EEC4AD . 1393152 . . [9.00.8112.20666] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20666_none_1e5e2a64b14e5496\wininet.dll
[7] 2014-03-08 . 56932FF02302B2A294A2221FF7FF1F06 . 1392128 . . [9.00.8112.16545] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16545_none_1de92d2798216393\wininet.dll
[7] 2014-03-08 . 0E292E8151DA4F3F9C17C07E51F0FA83 . 1392640 . . [9.00.8112.20656] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20656_none_1e68fa50b14638a5\wininet.dll
[7] 2014-02-23 . E68C8EDE9003C57546C05237D77252A9 . 1392640 . . [9.00.8112.20651] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20651_none_1e63f8deb14ab9f2\wininet.dll
[7] 2014-02-23 . 20A8C401F2C878AE572D4794336B892C . 1392128 . . [9.00.8112.16540] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16540_none_1de42bb59825e4e0\wininet.dll
[7] 2014-02-05 . FC806E63529BB3AACD7C3AE2A42E43A7 . 1392640 . . [9.00.8112.20644] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20644_none_1e71c9a8b13fea06\wininet.dll
[7] 2014-02-05 . 7A2123BC4CE0485B66A60609154FC835 . 1392128 . . [9.00.8112.16533] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16533_none_1df1fc7f981b14f4\wininet.dll
[7] 2013-11-15 . 60CA010B705660542FB33B43C3653BA0 . 1392128 . . [9.00.8112.16526] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16526_none_1dffcd4998104508\wininet.dll
[7] 2013-11-15 . A3721831227EB46D975ED0CCDC67CCE5 . 1392640 . . [9.00.8112.20637] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20637_none_1e7f9a72b1351a1a\wininet.dll
[7] 2013-10-13 . C4AA30C01694001B8374CC62BF9AE6FF . 1392128 . . [9.00.8112.16520] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16520_none_1df9cb8d9815acfe\wininet.dll
[7] 2013-10-13 . 732555988D4CC24CBAE268FDD09B0D6F . 1392640 . . [9.00.8112.20631] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20631_none_1e7998b6b13a8210\wininet.dll
[7] 2013-09-22 . 3CD6F07E6416ED6E18A1965CD2B9144A . 1392128 . . [9.00.8112.16514] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16514_none_1e089ca19809f669\wininet.dll
[7] 2013-09-22 . D9BE2BD72318B7E8E030195112D4333B . 1392640 . . [9.00.8112.20625] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20625_none_1e8869cab12ecb7b\wininet.dll
[7] 2013-07-25 . EF560100034BF6C78A979BBB0FF9641C . 1392640 . . [9.00.8112.20613] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_1e913922b1287cdc\wininet.dll
[7] 2013-07-25 . CA87556BBA37D1B4F67C331186618673 . 1392128 . . [9.00.8112.16502] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_1e116bf99803a7ca\wininet.dll
[7] 2013-05-29 . 5536F6E7B74DA37D3EDBB509DE9CE3F5 . 1392128 . . [9.00.8112.16496] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_1db41bef98490b78\wininet.dll
[7] 2013-05-29 . 6B1D554302FB8A5601D972177D7A866D . 1392640 . . [9.00.8112.20606] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_1e9f09ecb11dacf0\wininet.dll
[7] 2013-05-17 . 4FBE96D97A1E070A06F76F67255C756D . 1392128 . . [9.00.8112.16490] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_1dae1a33984e736e\wininet.dll
[7] 2013-05-17 . 5548A99796DB5DDAA32ED9B53BC3AADC . 1392640 . . [9.00.8112.20600] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_1e990830b12314e6\wininet.dll
[7] 2013-04-05 . 563C71A913CAC0C3DE5FFCD36EDB43A0 . 1392128 . . [9.00.8112.16483] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_1dbbeafd9843a382\wininet.dll
[7] 2013-04-04 . 7FD2D2BE22F9A319AB2FD23DD2C9968A . 1392640 . . [9.00.8112.20593] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_1e3ab7dcb1695f3d\wininet.dll
[7] 2013-02-22 . E6A459C8E90C4A873C923C44F3D9510B . 1392640 . . [9.00.8112.20586] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_1e4888a6b15e8f51\wininet.dll
[7] 2013-02-22 . A4F6142CABA82FB7293ECE5FF864B440 . 1392128 . . [9.00.8112.16476] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_1dc9bbc79838d396\wininet.dll
[7] 2013-01-09 . 435E9C764E1EF70058580996452BE6A2 . 1392128 . . [9.00.8112.16464] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_1dd28b1f983284f7\wininet.dll
[7] 2013-01-08 . 43A6A68F1F41B13CA4D580D40DFA57EE . 1392128 . . [9.00.8112.20573] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_1e5057b4b159275b\wininet.dll
[7] 2012-11-14 . 5121DB613E10A46A3C5085B479026AA7 . 1392128 . . [9.00.8112.16457] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_1de05be99827b50b\wininet.dll
[7] 2012-11-14 . 5CAF48F12E8CBD96D520F4EFD5B97F76 . 1392128 . . [9.00.8112.20565] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_1e5d2834b14f3e18\wininet.dll
[7] 2012-10-04 . 78ECC235E21DF618234E5CC451E1DBBB . 1392128 . . [9.00.8112.16455] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_1dde5b559829825d\wininet.dll
[7] 2012-10-04 . 40E71E30D6FCFC01AC58C6C4F2578357 . 1392128 . . [9.00.8112.20562] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_1e5a2756b151f213\wininet.dll
[7] 2012-08-24 . 3D165C53E40236A68B7102D1A622D4E0 . 1392128 . . [9.00.8112.16450] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_1dd959e3982e03aa\wininet.dll
[7] 2012-08-24 . 456D4E9006DF149C250D40B813290471 . 1392128 . . [9.00.8112.20557] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_1e69f8b4b14554d5\wininet.dll
[7] 2012-06-28 . 807CAA713A27CDF8ABE91BC367DBB269 . 1392128 . . [9.00.8112.16448] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_1dec2c1f981eb271\wininet.dll
[7] 2012-06-28 . 7BE278BB0CC3DF017DEC2610D1EA228A . 1392128 . . [9.00.8112.20554] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_1e66f7d6b14808d0\wininet.dll
[7] 2012-06-02 . 5A45FA344F4AD99D903F4B20E43B89EC . 1392128 . . [9.00.8112.16447] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_1deb2bd5981f991a\wininet.dll
[7] 2012-06-02 . 571E809181EBF0A04FEFAA9BC9961F5B . 1392128 . . [9.00.8112.20553] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_1e65f78cb148ef79\wininet.dll
[7] 2012-05-18 . 870ECFEBD41C7B8F9C6777748368D51F . 1392128 . . [9.00.8112.16446] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_1dea2b8b98207fc3\wininet.dll
[7] 2012-05-18 . BDC16D105BF011D4B1C3F09CF7A64314 . 1392128 . . [9.00.8112.20551] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_1e63f6f8b14abccb\wininet.dll
[7] 2012-02-28 . 228443FF3A1FB0B974D278F7C6403FAD . 1390080 . . [9.00.8112.16443] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_1de72aad982333be\wininet.dll
[7] 2012-02-28 . B70CDC073F70E6D082A62AB5880D6B07 . 1390080 . . [9.00.8112.20548] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_1e75c8eab13c523b\wininet.dll
[7] 2012-01-04 . 69151E566295E5A977FE71FFAFD3B3F8 . 1390080 . . [9.00.8112.16440] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16440_none_1de429cf9825e7b9\wininet.dll
[7] 2011-12-14 . B1AC85B6ADC005CF3F9EB4E28DFDCCE6 . 1390080 . . [9.00.8112.16441] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_1de52a1998250110\wininet.dll
[7] 2011-12-14 . C2FA4DBD6BB91D1AFD7D155120654AB9 . 1390080 . . [9.00.8112.20546] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20546_none_1e73c856b13e1f8d\wininet.dll
[7] 2011-10-21 . 7CC99B59D95F6D32F159018AE021816C . 1041408 . . [7.00.6002.22730] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22730_none_60573f06708cb23c\wininet.dll
[7] 2011-10-20 . 8F677A6E9D743519A5F59BC275658FE4 . 1032192 . . [7.00.6002.18531] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18531_none_5fcea09f576e2ea2\wininet.dll
[7] 2009-04-11 . 1FA5623B49F69207B2E1DA94DB1C5B7D . 1014272 . . [7.00.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_5ff3080d57524e68\wininet.dll
[7] 2014-11-24 . BC38D79383F2B4CD435063AED75228D0 . 1392128 . . [9.00.8112.16421] .. c:\windows\system32\wininet.dll
.
[7] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll
[7] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6000.16386] .. c:\windows\system32\ws2_32.dll
.
[7] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\ws2help.dll
[7] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ws2help.dll
.
[7] 2010-06-28 . 48E49F1EFE1F20A078DD656DE81AFBA8 . 1916928 . . [6.0.6002.22433] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_0a8eee10c108556a\ole32.dll
[7] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6002.18277] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_09de10d7a8078d99\ole32.dll
[7] 2010-06-28 . C7E11F8B2F3130FB7C3866F1816C4E7D . 1923584 . . [6.0.6001.18498] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_07e2fd7baaf08c87\ole32.dll
[7] 2010-06-28 . 6F9FBFDF627A958ECDD1CB65704CB846 . 1922560 . . [6.0.6001.22720] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_08b04b36c3dc9850\ole32.dll
[7] 2009-04-11 . 19915DB5B186D91CD4B459210C41741B . 1915392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_0a27bbeba7d09d06\ole32.dll
[7] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6000.16386] .. c:\windows\system32\ole32.dll
.
[7] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[7] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\system32\cngaudit.dll
.
[7] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe
[7] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6000.16386] .. c:\windows\system32\wininit.exe
.
[7] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_f718665b4c03ea89\ctfmon.exe
[7] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\system32\ctfmon.exe
.
[7] 2009-07-10 . 9235EC680D3DB17464B39C7C7DECB4DD . 301568 . . [6.0.6001.18287] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_28ff7f1fd585934f\shsvcs.dll
[7] 2009-07-10 . 3F6101365E6319171054ADD75788516C . 300032 . . [6.0.6000.21081] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_279cb3aaf1823d60\shsvcs.dll
[7] 2009-07-10 . C2409C9B7C7E422E7680AE4E1738BFC8 . 302080 . . [6.0.6001.22467] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_299ebda8ee92f85e\shsvcs.dll
[7] 2009-07-10 . F33C4D0B9EEFCDE346F8753DC4D6867F . 299520 . . [6.0.6000.16883] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_27153f51d8629d02\shsvcs.dll
[7] 2009-07-10 . 00DD742B99B278429714DEE859A73DD0 . 302080 . . [6.0.6002.22169] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_2b873024ebb78030\shsvcs.dll
[7] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6002.18063] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_2af7919dd29f485c\shsvcs.dll
[7] 2009-04-11 . 2AD15758174DCC7993FF3C00A955DD66 . 301568 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_2b3a71b9d26cd364\shsvcs.dll
[7] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6000.16386] .. c:\windows\system32\shsvcs.dll
.
[7] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_e7701a4938f68d83\regsvc.dll
[7] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6000.16386] .. c:\windows\system32\regsvc.dll
.
[7] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6002.18342] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_8cdcf8454ca4d06e\schedsvc.dll
[7] 2010-11-06 . CE75D26E0A1106129F4D156851E298ED . 854528 . . [6.0.6001.18551] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_8aeab4414f8780bd\schedsvc.dll
[7] 2010-11-04 . C40E431210CAF3DB00203F5796A31FDE . 856064 . . [6.0.6002.22519] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_8d8e08c065a3caed\schedsvc.dll
[7] 2010-11-04 . 596404B1E48657168BDAA69B9CD1DB74 . 856064 . . [6.0.6001.22791] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_8b49134268c58d72\schedsvc.dll
[7] 2009-04-11 . 717C12DF4B7C93FEC97D146AC1342B25 . 843776 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_8d0b33214c81b53a\schedsvc.dll
[7] 2008-01-21 . 5AEA4C9E2B3656B2B53D3886BB6DFC35 . 844288 . . [6.0.6000.16609] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_89427e0952313d0c\schedsvc.dll
[7] 2008-01-21 . C276539A14D96AB20A86B8B173F2C3D0 . 844288 . . [6.0.6000.20734] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_89a6a99e6b6bb1f6\schedsvc.dll
[7] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6001.18000] .. c:\windows\system32\schedsvc.dll
.
[7] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_dbe80e6f8995baeb\ssdpsrv.dll
[7] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6000.16386] .. c:\windows\system32\ssdpsrv.dll
.
[7] 2014-10-11 . B18D133516A620F8C1BEE5B004B2B45B . 551424 . . [6.0.6002.23521] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.23521_none_ed1942f322f4d471\termsrv.dll
[7] 2014-10-10 . 5A67A1108E347FCA6A64B74FFB108BDE . 548352 . . [6.0.6002.19214] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.19214_none_ec9d732609cc6a6d\termsrv.dll
[7] 2009-04-11 . 5CDD30BC217082DAC71A9878D9BFD566 . 547328 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_eca9565809c353e4\termsrv.dll
[7] 2014-10-10 . 5A67A1108E347FCA6A64B74FFB108BDE . 548352 . . [6.0.6001.18000] .. c:\windows\system32\termsrv.dll
.
[7] 2013-07-08 . 82272D72710ED6A40E9A2A2286A9BBF4 . 4691904 . . [6.0.6002.18881] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18881_none_c9e004d869e6b24e\ntoskrnl.exe
[7] 2013-07-08 . B1AAE884320029A58F72B7CE0ABBDDB2 . 4664256 . . [6.0.6002.23154] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23154_none_ca8cec4d82e97ab3\ntoskrnl.exe
[7] 2013-03-11 . 1F8B1075A863117A35EE94436E2962E7 . 4691304 . . [6.0.6002.18805] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18805_none_ca3a856069a23822\ntoskrnl.exe
[7] 2013-03-11 . 1873B95FCEAA40EC9CADF2C1BB61ABF2 . 4678504 . . [6.0.6002.23076] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23076_none_ca794b2382f7e81c\ntoskrnl.exe
[7] 2013-01-22 . B1266A731C2326EBE8E01F46F18728AC . 4681592 . . [6.0.6002.23025] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_caae5a7582d04310\ntoskrnl.exe
[7] 2013-01-05 . 8A3AB79510C3384BF14D1731DD1ED963 . 4695400 . . [6.0.6002.18765] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_c9f9a3f269d2e2a1\ntoskrnl.exe
[7] 2011-10-20 . 72A45F23D07C6B13D23B84D043A81059 . 834048 . . [7.00.6002.18531] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18531_none_03b0051b9f10bd6c\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
.
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2_32.dll
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
.
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2help.dll
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_6af84843e4192e9a\ws2help.dll
.
[7] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6000.16386] .. c:\windows\explorer.exe
[7] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
.
[7] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 134656 . . [6.0.6000.16386] .. c:\windows\regedit.exe
[7] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 161792 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_504d50e8943617cd\regedit.exe
.
[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6002.22433] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6001.22720] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6001.18498] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
.
[7] 2014-04-26 . B2B8EAD053A54886288523E5128B9C14 . 503296 . . [1.0626.6002.23386] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.23386_none_af19fcd36efbd812\usp10.dll
[7] 2014-04-26 . FB3E5FD7F74BFC301AD3FB7DE670EDCB . 502784 . . [1.0626.6002.19096] .. c:\windows\SysWOW64\usp10.dll
[7] 2014-04-26 . FB3E5FD7F74BFC301AD3FB7DE670EDCB . 502784 . . [1.0626.6002.19096] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.19096_none_ae858c5055e659eb\usp10.dll
[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
.
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ctfmon.exe
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] .. c:\windows\SysWOW64\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
.
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\msimg32.dll
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_776bd81b1c0c11c1\msimg32.dll
.
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cngaudit.dll
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] .. c:\windows\SysWOW64\wininit.exe
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\SysWOW64\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] .. c:\windows\SysWOW64\upnphost.dll
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_285b7a4b21423100\upnphost.dll
.
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] .. c:\windows\SysWOW64\dsound.dll
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
.
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\SysWOW64\d3d9.dll
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
.
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ddraw.dll
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
[7] 2009-04-11 16:23 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\SysWOW64\olepro32.dll
[7] 2009-04-11 16:23 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
.
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\SysWOW64\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\SysWOW64\version.dll
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
.
[7] 2014-11-24 . 21A02100665C339AC61D46650022E576 . 757968 . . [9.00.8112.20715] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20715_none_bfb54ecaf17a249a\iexplore.exe
[7] 2014-11-24 . 63BE371C16B163583A5EA9D3DF4AC16B . 757968 . . [9.00.8112.16599] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16599_none_bed931e1d899cc8d\iexplore.exe
[7] 2014-10-27 . D45C0B4910629E70EF92E758CF635A37 . 757976 . . [9.00.8112.20708] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20708_none_bfc31f94f16f54ae\iexplore.exe
[7] 2014-10-27 . 06DE47CAE6D862847A4F24753C199394 . 757968 . . [9.00.8112.16592] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16592_none_bed22fdbd8a01b2c\iexplore.exe
[7] 2014-09-19 . DD26ECEEC8CCDA6FD44CB8E376D5A832 . 757968 . . [9.00.8112.16584] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16584_none_bedf005bd89631e9\iexplore.exe
[7] 2014-09-19 . 0751575443322B366A36C653465FF1D0 . 757968 . . [9.00.8112.20700] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20700_none_bfbb1d44f17689f6\iexplore.exe
[7] 2014-08-15 . 00E16998DA2563CD214B824D3C4F9762 . 757968 . . [9.00.8112.20691] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20691_none_bf5acc5cf1bea19f\iexplore.exe
[7] 2014-08-15 . 6864C18818EB22D03A2D37C8C5586925 . 757968 . . [9.00.8112.16575] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16575_none_beead091d88d2f4f\iexplore.exe
[7] 2014-07-24 . 76F9BA272D99BB7859695A4F9207178E . 757976 . . [9.00.8112.16563] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16563_none_bef39fe9d886e0b0\iexplore.exe
[7] 2014-07-24 . 6EBFCE26DF05178D3AAB32A6A2E08380 . 757968 . . [9.00.8112.20674] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20674_none_bf736d12f1abb5c2\iexplore.exe
[7] 2014-06-09 . EB42437D005E26062759E6235CA9AEB4 . 758000 . . [9.00.8112.20672] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20672_none_bf716c7ef1ad8314\iexplore.exe
[7] 2014-06-09 . 08ED70F000508724BAF881AA07C21BE1 . 758000 . . [9.00.8112.16561] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16561_none_bef19f55d888ae02\iexplore.exe
[7] 2014-05-28 . A2FCB57FF0C63599E910996B82488A00 . 758000 . . [9.00.8112.20666] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20666_none_bf803d92f1a1cc7f\iexplore.exe
[7] 2014-05-28 . 7BA5B7DEDE25D44F3E664D5BA067E3CD . 758000 . . [9.00.8112.16555] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16555_none_bf007069d87cf76d\iexplore.exe
[7] 2014-03-08 . 7116680C2C62709EE81BDDC69EF26B93 . 757488 . . [9.00.8112.16545] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16545_none_bf0b4055d874db7c\iexplore.exe
[7] 2014-03-07 . 41F24930153D42287D157B93A859E6F3 . 757488 . . [9.00.8112.20656] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20656_none_bf8b0d7ef199b08e\iexplore.exe
[7] 2014-02-23 . 32FC0953B384A11B4AB422E56E2BDBCD . 757488 . . [9.00.8112.20651] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20651_none_bf860c0cf19e31db\iexplore.exe
[7] 2014-02-23 . 10EB5C0E376727E21198B14E2F1637F7 . 757488 . . [9.00.8112.16540] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16540_none_bf063ee3d8795cc9\iexplore.exe
[7] 2014-02-05 . C24DA744AD59EF3A87380F0A75D2E580 . 757488 . . [9.00.8112.20644] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20644_none_bf93dcd6f19361ef\iexplore.exe
[7] 2014-02-05 . 48600DAC5AF3A53B6F430528209E4830 . 757488 . . [9.00.8112.16533] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16533_none_bf140fadd86e8cdd\iexplore.exe
[7] 2013-11-14 . FA58195587EC371699D9641C3E275856 . 757488 . . [9.00.8112.20637] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20637_none_bfa1ada0f1889203\iexplore.exe
[7] 2013-11-14 . 43E6F2A7FB182F2D7CB0CE5B8F1005CF . 757488 . . [9.00.8112.16526] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16526_none_bf21e077d863bcf1\iexplore.exe
[7] 2013-10-13 . 06085B62BC7E0C8E2605CEA38774D956 . 757488 . . [9.00.8112.16520] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16520_none_bf1bdebbd86924e7\iexplore.exe
[7] 2013-10-13 . 2D64E29ADB5DEB40446796A9C42417E3 . 757488 . . [9.00.8112.20631] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20631_none_bf9babe4f18df9f9\iexplore.exe
[7] 2013-09-22 . F87E95A127E83277B9AE500D7A18C998 . 757400 . . [9.00.8112.20625] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20625_none_bfaa7cf8f1824364\iexplore.exe
[7] 2013-09-22 . 45BDA923BE52906D1460BCB13AC2AB7A . 757400 . . [9.00.8112.16514] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16514_none_bf2aafcfd85d6e52\iexplore.exe
[7] 2013-07-25 . 139C8953AC56A9E559C7DEF07BC45ED7 . 757400 . . [9.00.8112.20613] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20613_none_bfb34c50f17bf4c5\iexplore.exe
[7] 2013-07-25 . 57EC630DBD5F0713E77CB3540AB80A8E . 757400 . . [9.00.8112.16502] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16502_none_bf337f27d8571fb3\iexplore.exe
[7] 2013-05-29 . 33E62E4EFC2ACA8EC63A8926F26D3889 . 757400 . . [9.00.8112.20606] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20606_none_bfc11d1af17124d9\iexplore.exe
[7] 2013-05-29 . EE12BA876C4190532A4085994BA9B616 . 757400 . . [9.00.8112.16496] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16496_none_bed62f1dd89c8361\iexplore.exe
[7] 2013-05-16 . 67EE46FD4D3B56531C5DD1BDC149275A . 757400 . . [9.00.8112.16490] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16490_none_bed02d61d8a1eb57\iexplore.exe
[7] 2013-05-16 . A8732CEDB2C0EE7AFC08F867A47BB3EC . 757400 . . [9.00.8112.20600] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20600_none_bfbb1b5ef1768ccf\iexplore.exe
[7] 2013-04-04 . 3F00BE80B9CEA20B7FE7363D15EDDB94 . 757360 . . [9.00.8112.16483] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16483_none_beddfe2bd8971b6b\iexplore.exe
[7] 2013-04-04 . C036AB1ED8BAC04FE4A349BA263077BB . 757360 . . [9.00.8112.20593] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20593_none_bf5ccb0af1bcd726\iexplore.exe
[7] 2013-02-22 . 4145E2B5663F6FACC08EFDB17B658BB2 . 757360 . . [9.00.8112.20586] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20586_none_bf6a9bd4f1b2073a\iexplore.exe
[7] 2013-02-22 . 32732CEDE2A1106B736EF3D84054EE04 . 757376 . . [9.00.8112.16476] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16476_none_beebcef5d88c4b7f\iexplore.exe
[7] 2013-01-08 . 698EB1E5F8C66344D97C00B5699E871D . 757280 . . [9.00.8112.16464] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16464_none_bef49e4dd885fce0\iexplore.exe
[7] 2013-01-08 . F05982E56ABD835AA8DF260EEC873E5B . 757280 . . [9.00.8112.20573] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20573_none_bf726ae2f1ac9f44\iexplore.exe
[7] 2012-11-14 . 0D286C0FE561D1A7EB30E83A0FF305B2 . 757296 . . [9.00.8112.16457] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16457_none_bf026f17d87b2cf4\iexplore.exe
[7] 2012-11-14 . F691418EE9A6344AEB5C1B0518FBF8AE . 757280 . . [9.00.8112.20565] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20565_none_bf7f3b62f1a2b601\iexplore.exe
[7] 2012-10-03 . 96A360002311ECE53952AF2F5B4CD64E . 748680 . . [9.00.8112.16455] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16455_none_bf006e83d87cfa46\iexplore.exe
[7] 2012-10-03 . 7FC9E840B32E9DFBFBBA92BA5E9B97C2 . 748680 . . [9.00.8112.20562] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20562_none_bf7c3a84f1a569fc\iexplore.exe
[7] 2012-08-24 . 62188720CE27B982B4285C03163C9FB3 . 748680 . . [9.00.8112.20557] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20557_none_bf8c0be2f198ccbe\iexplore.exe
[7] 2012-08-24 . 22CC6CDBA678790046693654C3B212E4 . 748680 . . [9.00.8112.16450] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16450_none_befb6d11d8817b93\iexplore.exe
[7] 2012-06-28 . 32F1A71CC1943BD537DA1516E0CB6AF3 . 748664 . . [9.00.8112.16448] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16448_none_bf0e3f4dd8722a5a\iexplore.exe
[7] 2012-06-27 . 4B649ED3CDC17707898E4948AAB72528 . 748664 . . [9.00.8112.20554] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20554_none_bf890b04f19b80b9\iexplore.exe
[7] 2012-06-02 . 34B01BBD8F00B6B9C9248DC4F1E3CD01 . 748664 . . [9.00.8112.16447] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16447_none_bf0d3f03d8731103\iexplore.exe
[7] 2012-06-02 . BE967C74B89577B78FB57C061E12B04C . 748664 . . [9.00.8112.20553] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20553_none_bf880abaf19c6762\iexplore.exe
[7] 2012-05-17 . 0129BB16161C2FD9A6B19111AB047198 . 748664 . . [9.00.8112.16446] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_bf0c3eb9d873f7ac\iexplore.exe
[7] 2012-05-17 . 268982F1FD671A077C6A2AF41E351436 . 748664 . . [9.00.8112.20551] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20551_none_bf860a26f19e34b4\iexplore.exe
[7] 2012-01-04 . 904E13BA41AF2E353A32CF351CA53639 . 748336 . . [9.00.8112.16421] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16421_none_bf1cdd1fd8684117\iexplore.exe
[7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_97c0beeb03de7f46\iexplore.exe
.
.
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] .. c:\windows\SysWOW64\midimap.dll
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
.
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\SysWOW64\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_764d448c52115294\rasadhlp.dll
.
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] .. c:\windows\SysWOW64\WSHTCPIP.DLL
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
"Amazon Music"="c:\users\Derek\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2014-12-08 6277952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"PeachtreePrefetcher.exe"="c:\progra~2\SAGESO~1\PEACHT~1\PeachtreePrefetcher.exe" [2011-10-25 28488]
"PowerDVD12DMREngine"="c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2012-09-18 505872]
"PowerDVD12Agent"="c:\program files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2012-09-18 374560]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2014-07-11 118272]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
.
c:\users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Derek\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-8 39207112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-26 16:48]
.
2014-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-21 20:01]
.
2014-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-21 20:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ------w- c:\users\Derek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 22:52 777032 ------w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 22:52 777032 ------w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 22:52 777032 ------w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 22:52 777032 ------w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 22:52 777032 ------w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTCc-nJMu1nd4OAPCQtWrQ65BJ98TrXMs6O9RexQ-5mQCZQNfd0Im1yPmw9N6-FKA,,
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>;*.local
uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B5460687-2F9D-4EAA-8C86-2B0242F0B5F5}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{BBF57384-4FED-4956-B4BB-BBB82EBC8580}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{c328fed4-6a85-11db-9fbd-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-HitsBlender - c:\program files (x86)\HitsBlender\hitsblender.exe
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-AVerMedia A309 (MiniCard, DVB-T) - c:\program files (x86)\AVerMedia\AVerMedia A309 (MiniCard
AddRemove-{B46BEA36-0B71-4A4E-AE41-87241643FA0A} - c:\program files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\LuckyTab\LuckyTab.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\HitsBlenderUpdater\HitsBlenderUpdater.exe
c:\program files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
c:\users\Derek\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
c:\users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\Runner.exe
c:\users\Derek\AppData\Local\AE11B5~1\CHROME~1\chrome.exe
c:\users\Derek\AppData\Local\AE11B5~1\CHROME~1\chrome.exe
.
**************************************************************************
.
Completion time: 2014-12-28  18:28:31 - machine was rebooted
ComboFix-quarantined-files.txt  2014-12-28 23:28
.
Pre-Run: 113,384,939,520 bytes free
Post-Run: 113,502,523,392 bytes free
.
- - End Of File - - EDBA29876C1F9EFAEA401ABC8576D2E8
5C616939100B85E558DA92B899A0FC36
 



#10 RPMcMurphy

  • Malware Response Team

Posted 28 December 2014 - 11:30 PM

Please do this next:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup-2.x.x.xxxx.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Please include the following in your next post:
  • MBAM log
  • adwCleaner log


Threads are closed after 5 days of inactivity.



#11 Derek2323

  • Topic Starter

Posted 29 December 2014 - 06:29 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/29/2014
Scan Time: 5:24:10 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.29.07
Rootkit Database: v2014.12.29.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Derek

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 431542
Time Elapsed: 19 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.LuckyTab.A, C:\Program Files (x86)\LuckyTab\LuckyTab.exe, 2076, Delete-on-Reboot, [dac1b6b2fd7f70c6ccb59026eb1a768a]

Modules: 0
(No malicious items detected)

Registry Keys: 21
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [3e5d2a3ed1ab20161aec91503dc552ae],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [3e5d2a3ed1ab20161aec91503dc552ae],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [e0bb4226e39966d06f723bdd15ee7888],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Quarantined, [e0bb4226e39966d06f723bdd15ee7888],
PUP.Optional.IdleCrawler, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AE11B5FC-1D5E-7641-B063-15A783E81276, Quarantined, [4f4ca4c40577d6609d6fb04c17eab44c],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64, Quarantined, [4853145417651e187d970b6e57ac02fe],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\PicColor Utility, Quarantined, [aaf1aabe8bf186b0f843a3bb2cd7f60a],
PUP.Optional.MyFreeze.A, HKLM\SOFTWARE\WOW6432NODE\Freeze.com, Quarantined, [f2a9d79143396dc9f1f874ec58ab14ec],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\LuckyTab, Quarantined, [c4d7baae1765e74f5a240dd447bdb34d],
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY, Quarantined, [5f3c7cec0a72d264a27b155a59aa926e],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\WOW6432NODE\PicColor Utility, Quarantined, [059601674735092dbd7e6bf3dd26f20e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [6b30cf99ed8ff14577e0116a39ca1ee2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [c7d48adea9d351e55ce9815ae4200cf4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [a6f53a2eceaedf5799adfcdf0bf913ed],
PUP.Optional.DonutLeads.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\donutleadsServiceCore, Quarantined, [6b30c0a8ef8dba7cb53078e88c7713ed],
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, Quarantined, [049788e0abd1b6802e914335df24d927],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HD-Quality-3.1V15.12, Quarantined, [77248ade37452a0c203f432712f158a8],
PUP.Optional.ICinema.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\I - Cinema, Quarantined, [a6f5392fc8b4a6909bb9d69f37cc33cd],
PUP.Optional.BrowserSafeGuard, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Browsersafeguard, Quarantined, [455687e10d6f0135baee6c08ae55bf41],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, Quarantined, [f7a4d7914a32f4426c0c934846be58a8],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [a5f650180e6e90a604afe1f437cd748c],

Registry Values: 10
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [4f4c91d7e993e84e2f8e11605aa9f40c]
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{5081D2D4-1637-404c-B74F-50526718257D}, C:\Program Files\shopperz\Firefox, Quarantined, [811a4e1ae59766d0991c362832d16c94]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [6b30cf99ed8ff14577e0116a39ca1ee2]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [881375f3fc8071c5fac3c3ae2fd4629e]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, Quarantined, [049788e0abd1b6802e914335df24d927]
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [3f5c95d3017bf73f2e2ad9a2af54aa56]
PUP.Optional.SocialPrivacy, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|sp2@sp.com, C:\Program Files (x86)\Social Privacy\FF\, Quarantined, [94073038b6c6a98db443fcdb20e4d32d]
PUP.Optional.SocialPrivacy, HKU\S-1-5-21-3978693-1187435272-2813009078-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|sp2@sp.com, C:\Program Files (x86)\Social Privacy\FF\, Quarantined, [970417519be159dd6790ae29e222669a]
PUP.Optional.SocialPrivacy, HKU\S-1-5-21-3978693-1187435272-2813009078-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|sp2@sp.com, C:\Program Files (x86)\Social Privacy\FF\, Quarantined, [7427d98f304c4beb57a0597e43c1649c]
PUP.Optional.SocialPrivacy, HKU\S-1-5-21-3978693-1187435272-2813009078-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|sp2@sp.com, C:\Program Files (x86)\Social Privacy\FF\, Quarantined, [a4f7095f5c20f14527d03b9cf80c01ff]

Registry Data: 5
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjaxg,,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjaxg,,&q={searchTerms}),Replaced,[02990563f785fb3b875ad2a3ee17d729]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTCc-nJMu1nd4OAPCQtWrQ65BJ98TrXMs6O9RexQ-5mQCZQNfd0Im1yPmw9N6-FKA,,, Good: (www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTCc-nJMu1nd4OAPCQtWrQ65BJ98TrXMs6O9RexQ-5mQCZQNfd0Im1yPmw9N6-FKA,),Replaced,[b6e5e97fed8f3afc588d78fd2dd8669a]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}),Replaced,[7823fd6bf587b185984ee59065a0ec14]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}),Replaced,[683387e1156763d3d116d69fdf269769]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3978693-1187435272-2813009078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q={searchTerms}),Replaced,[1784f17786f649ed8a58344129dc4fb1]

Folders: 22
PUP.Optional.PicColor.A, C:\ProgramData\PicColorData, Quarantined, [910af177611ba1955c2fd98af70cbd43],
PUP.Optional.VOPackage, C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, Quarantined, [6e2dcf9953293006e2d80a7032d125db],
PUP.Optional.OpenCandy, C:\Users\Derek\AppData\Roaming\OpenCandy, Delete-on-Reboot, [53485a0e324a4cea2f1652d70201a65a],
PUP.Optional.OpenCandy, C:\Users\Derek\AppData\Roaming\OpenCandy\13837A171E524C1C9061D61A0C201E1F, Quarantined, [53485a0e324a4cea2f1652d70201a65a],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect, Delete-on-Reboot, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect\SearchProtect, Delete-on-Reboot, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect\SearchProtect\rep, Quarantined, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect\SearchProtect\STG, Quarantined, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect\UI, Delete-on-Reboot, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect\UI\rep, Quarantined, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.OneSoftPerDay.A, C:\Users\Derek\AppData\Local\ospd_us_511, Quarantined, [7625fe6aed8f2511b93bf9566a994fb1],
PUP.Optional.DonutLeads.A, C:\ProgramData\donutleads, Quarantined, [bbe0e7813a424bebd0bc3122e91a26da],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com, Delete-on-Reboot, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\defaults, Delete-on-Reboot, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\defaults\preferences, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData, Delete-on-Reboot, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\locale, Delete-on-Reboot, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\locale\en-US, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.LuckyTab.A, C:\Program Files (x86)\LuckyTab, Delete-on-Reboot, [36654c1cceae7fb789ec9abed52ec040],
PUP.Optional.LuckyTab.A, C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab, Quarantined, [99025b0d304c85b1e28294c5e91aa060],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz, Quarantined, [6932680087f5c96d2f7105580af9827e],

Files: 82
PUP.Optional.LuckyTab.A, C:\Program Files (x86)\LuckyTab\LuckyTab.exe, Delete-on-Reboot, [dac1b6b2fd7f70c6ccb59026eb1a768a],
PUP.Optional.HDQuality.A, C:\Users\Derek\AppData\Roaming\PEHLZF.exe, Quarantined, [0a913236bac21f17b5d08f4150b16a96],
PUP.Optional.HDQuality.A, C:\Users\Derek\AppData\Roaming\WNOTDII.exe, Quarantined, [3665a5c357259b9bbacb6a6621e0718f],
PUP.Optional.OpenCandy, C:\Users\Derek\Downloads\MediaInfo_GUI_0.7.53_Windows_i386.exe, Quarantined, [9b00d791daa2dc5a4f7b5156a26312ee],
PUP.Optional.OutBrowse, C:\Users\Derek\Downloads\Unconfirmed 197401.crdownload, Quarantined, [57444325dd9fb87eb9e4a06035cdb24e],
PUP.Optional.OptimumInstaller.A, C:\Users\Derek\Downloads\Updater_Setup(1).exe, Quarantined, [603b31377efef640b763056831d08c74],
PUP.Optional.OptimumInstaller.A, C:\Users\Derek\Downloads\Updater_Setup(2).exe, Quarantined, [1883c6a2126a8ea81802d697e51c3bc5],
PUP.Optional.OptimumInstaller.A, C:\Users\Derek\Downloads\Updater_Setup(3).exe, Quarantined, [3e5def79cfad54e2a5756ffe3fc27987],
PUP.Optional.OptimumInstaller.A, C:\Users\Derek\Downloads\Updater_Setup.exe, Quarantined, [2675f870ceae1a1c66b4b6b7679a0ff1],
PUP.Optional.IdleCrawler, C:\Users\Derek\AppData\Local\AE11B5FC-1D5E-7641-B063-15A783E81276\uninstall.exe, Quarantined, [4f4ca4c40577d6609d6fb04c17eab44c],
PUP.Optional.WebInstrNew.A, C:\Windows\System32\drivers\Msft_Kernel_webinstrNewH_01009.Wdf, Quarantined, [52494f19760653e386d84816ad56c33d],
PUP.Optional.PicColor.A, C:\ProgramData\PicColorData\Config.bin.bus, Quarantined, [910af177611ba1955c2fd98af70cbd43],
PUP.Optional.PicColor.A, C:\ProgramData\PicColorData\Config.bin, Quarantined, [910af177611ba1955c2fd98af70cbd43],
PUP.Optional.DonutQuotes, C:\Windows\System32\Tasks\DonutQuotes, Quarantined, [d9c26dfb2b512c0a303fcd970af99a66],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{1757dc4d-e8e2-4353-a150-0ba4c54f9f4d}Gt64.sys, Quarantined, [4853145417651e187d970b6e57ac02fe],
PUP.Optional.VOPackage, C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, Quarantined, [6e2dcf9953293006e2d80a7032d125db],
PUP.Optional.WebSearch.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\searchplugins\Web Search.xml, Quarantined, [78239cccd0ac2214f5a423753dc6e818],
PUP.Optional.ColorMedia.A, C:\Windows\SysWOW64\ColorMedia.ini, Quarantined, [cccf91d756261026a025b825a3611be5],
PUP.Optional.ColorMedia.A, C:\Windows\System32\ColorMediaOff.ini, Quarantined, [d6c5b0b85e1e89ad18ae5687bd47629e],
PUP.Optional.ColorMedia.A, C:\Windows\SysWOW64\ColorMediaOff.ini, Quarantined, [3863cd9b215b8bab666037a606fe8779],
PUP.Optional.LuckyTab.A, C:\Windows\System32\Tasks\LuckyTab, Quarantined, [cccf3632ef8d2016b6c7c41d0ff54ab6],
PUP.Optional.SearchProtect, C:\Windows\System32\drivers\SPPD.sys, Quarantined, [049788e0abd1b6802e914335df24d927],
PUP.Optional.OpenCandy, C:\Users\Derek\AppData\Roaming\OpenCandy\13837A171E524C1C9061D61A0C201E1F\AVG Safeguard.exe, Quarantined, [53485a0e324a4cea2f1652d70201a65a],
PUP.Optional.OpenCandy, C:\Users\Derek\AppData\Roaming\OpenCandy\13837A171E524C1C9061D61A0C201E1F\AVG_Toolbar_CB_ALL_p3v5.exe, Quarantined, [53485a0e324a4cea2f1652d70201a65a],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, Quarantined, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, Quarantined, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.SearchProtect.A, C:\Users\Derek\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, Quarantined, [386358106f0da98de1d2d5691be8738d],
PUP.Optional.OneSoftPerDay.A, C:\Users\Derek\AppData\Local\ospd_us_511\upospd_us_511.cyl, Quarantined, [7625fe6aed8f2511b93bf9566a994fb1],
PUP.Optional.DonutLeads.A, C:\ProgramData\donutleads\instlgsent.config, Quarantined, [bbe0e7813a424bebd0bc3122e91a26da],
PUP.Optional.DonutLeads.A, C:\ProgramData\donutleads\instltm_20141217213648, Quarantined, [bbe0e7813a424bebd0bc3122e91a26da],
PUP.Optional.DonutLeads.A, C:\ProgramData\donutleads\ServiceConfig2.json, Quarantined, [bbe0e7813a424bebd0bc3122e91a26da],
PUP.Optional.DonutLeads.A, C:\ProgramData\donutleads\WinApp.config, Quarantined, [bbe0e7813a424bebd0bc3122e91a26da],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\chrome.manifest, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\install.rdf, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\defaults\preferences\prefs.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\manifest.xml, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins.json, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\104.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\119.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\123.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\14.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\16.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\178.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\179.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\180.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\184.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\195.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\200.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\220.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\221.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\223.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\231.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\232.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\234.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\242.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\246.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\262.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\263.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\268.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\273.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\281.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\286.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\289.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\300.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\301.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\335.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\342.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\344.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\4.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\64.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\7.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\9.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\91.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\93.js, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\locale\en-US\translations.dtd, Quarantined, [702b66025b212313038a2a290ef51ce4],
PUP.Optional.LuckyTab.A, C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Get Lucky.lnk, Quarantined, [99025b0d304c85b1e28294c5e91aa060],
PUP.Optional.LuckyTab.A, C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Help.lnk, Quarantined, [99025b0d304c85b1e28294c5e91aa060],
PUP.Optional.LuckyTab.A, C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Uninstall.lnk, Quarantined, [99025b0d304c85b1e28294c5e91aa060],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\krios.dll, Quarantined, [6932680087f5c96d2f7105580af9827e],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\krios64.dll, Quarantined, [6932680087f5c96d2f7105580af9827e],
PUP.Optional.SnapDo.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://feed.snapdo.com/?p=mKO_AwFzXIpYRaklnKAlLcbyVFEF02PJzoodznxpPmMyx5P35X5MvaCnrWDMsB8EZXrSojBYtcRILlDh_QcDCASxFqPxDoazBhOsPkDbpflkzSb_cD9pMtiQUiRUSyhi2ZTTLCTOKiMDMT7n7IaM7KmX9X5riGZe-36K3MCOEztR9ke027QLcjF13p8YxjkwqGjawQ,,&q=");), Replaced,[afec92d6d0ac122436abe5d3a3622dd3]
PUP.Optional.CrossRider.A, C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "13b2fe6031821d8ba0072c320ca63613");), Replaced,[e8b31b4d5a22ab8b0908c7f4ac591ae6]

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

# AdwCleaner v4.106 - Report created 29/12/2014 at 18:20:16
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Derek - DEREK-PC
# Running from : C:\Users\Derek\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Program Files (x86)\predm
[!] Folder Deleted : C:\Windows\SysWOW64\SearchProtect
[!] Folder Deleted : C:\Users\Derek\AppData\Local\globalUpdate
[!] Folder Deleted : C:\Users\Derek\AppData\Roaming\SimpleFiles
[!] Folder Deleted : C:\Users\Derek\Documents\Optimizer Pro
[!] Folder Deleted : C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhjpggdgbpaadicjmffjdjpgheolabba
File Deleted : C:\END
File Deleted : C:\Windows\System32\drivers\netfilter64.sys

***** [ Scheduled Tasks ] *****

Task Deleted : LaunchSignup
Task Deleted : Run_Bobby_Browser
Task Deleted : ProPCCleaner_Start
Task Deleted : ProPCCleaner_Popup

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SimpleFiles
Key Deleted : HKCU\Software\BoBrowser
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\SpeeditUp
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\NpApp
Key Deleted : HKLM\SOFTWARE\SimpleFiles
Key Deleted : HKLM\SOFTWARE\Clara
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599

-\\ Mozilla Firefox v34.0.5 (x86 en-US)

[ql6ufgd1.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [9963 octets] - [29/12/2014 18:01:36]
AdwCleaner[S0].txt - [8258 octets] - [29/12/2014 18:20:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8318 octets] ##########



#12 RPMcMurphy



  • Malware Response Team

Posted 29 December 2014 - 11:55 PM

How is your computer running now?  Please do this next:

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.  Please go to www.java.com and press the "Free Java Download" button near the center of the page.  Follow the prompts to install the latest version and remove any older, insecure versions.

Go here to run an online scanner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.

Please include the following in your next post:
  • How is the computer running now?
  • ESET log


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member




#13 Derek2323


Posted 30 December 2014 - 01:33 PM

Computer is definitely running better. No pop ups or weird default home page. There are still multiple odd tasks (chrome.exe *32 and other .exe *32) in the task manager. Seems like we're getting there though. I really appreciate your help.

 

 

C:\FRST\Quarantine\C\Users\Derek\AppData\Local\Temp\sprz.exe.xBAD a variant of Win32/Toolbar.BitCocktail.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Derek\AppData\Local\Temp\Z9cmjBLc5p.exe.xBAD a variant of Win32/Adware.Adpeak.Q application
C:\Program Files (x86)\HitsBlenderUpdater\Uninstall.exe a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Qoobox\Quarantine\C\ProgramData\PurpleRain\PurpleRain.exe.vir a variant of Win32/Adware.PicColor.H application
C:\Qoobox\Quarantine\C\Users\Derek\AppData\Local\nsyC20D.tmp.vir Win32/VOPackage.BC potentially unwanted application
C:\Users\Derek\Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application
C:\Users\Derek\Downloads\avc-setup-5.7.6.exe Win32/Spigot.A potentially unwanted application
C:\Users\Derek\Downloads\cbsidlm-cbsi188-CR2_Converter-SEO-75712393(1).exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Derek\Downloads\cbsidlm-cbsi188-CR2_Converter-SEO-75712393.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Derek\Downloads\cbsidlm-tr1_8-Easy_DVD_Player-SEO2-10104512(1).exe Win32/DownloadAdmin.E potentially unwanted application
C:\Users\Derek\Downloads\cbsidlm-tr1_8-Easy_DVD_Player-SEO2-10104512.exe Win32/DownloadAdmin.E potentially unwanted application
C:\Users\Derek\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Users\Derek\Downloads\Matthew_West-The_Day_Before_You_[Acoustic]_mp3_downloader.exe a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Program Files\shopperz\krios.dll a variant of Win32/Toolbar.Perion.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Program Files\shopperz\krios64.dll a variant of Win32/Toolbar.Perion.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Program Files (x86)\HitsBlenderUpdater\Uninstall.exe a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Program Files (x86)\LuckyTab\LuckyTab.exe a variant of Win32/LuckyTab.A potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\ProgramData\PurpleRain\PurpleRain.exe a variant of Win32/Adware.PicColor.H application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\All Users\PurpleRain\PurpleRain.exe a variant of Win32/Adware.PicColor.H application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\nsyC20D.tmp Win32/VOPackage.BC potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJ46BPRX\java_setup[1].exe a variant of Win32/InstallIQ.A potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJ46BPRX\setup[2].exe a variant of Win32/Toolbar.CrossRider.BM potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJ46BPRX\VOPackage[1].exe Win32/VOPackage.AZ potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POG9IQ1Z\installer[1].exe a variant of MSIL/Adware.iBryte.D application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3I600XR\aff_setup[1].exe Win32/MyPCBackup.C potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3I600XR\Installer[1].exe a variant of Win32/TrojanDropper.MsiDrop.B trojan
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3I600XR\Setup[1].exe multiple threats
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZNY3PVC6\java_setup[1].exe a variant of Win32/InstallIQ.A potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\0LlHPgKVVC.tmp a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\4JLOU6XGXT.tmp a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\A5k57O8f0a.tmp a variant of Win32/LuckyTab.A potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\ADB8.tmp JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\amisetup6236__11003.exe Win32/Amonetize.CH potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\ASKA35F.tmp a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\C4D5.tmp JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\CloudBackup6253.exe MSIL/MyPCBackup.D potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\ConsumerInputSetup.exe Win32/Compete.A potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\EDB0.tmp JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\FB36.tmp JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\fZviOCLg4L.exe a variant of Win32/AdWare.SpeedingUpMyPC.N application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\HsEx1VcT8w.exe Win32/BrowseFox.C potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\ICReinstall_nsw182F.tmp a variant of Win32/InstallCore.PK potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\installer.exe a variant of MSIL/Adware.iBryte.D application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\NRFU5D9SbP.tmp a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsfFD09.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsg4B8.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsgCDDD.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nskA25C.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nskFF99.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsq8ED.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsqC9D6.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsu1970.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsu1CCB.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsw182F.tmp a variant of Win32/InstallCore.PK potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsyC20D.tmp Win32/VOPackage.BC potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\okDRgS2QzJ.exe multiple threats
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\optprosetup.exe a variant of Win32/OptimizerEliteMax.C potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\pfLKwRSEkV.tmp a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\sprz.exe a variant of Win32/Toolbar.BitCocktail.C potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\vIcqotNCox.exe a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\DwlTempFolder\temp.exe a variant of Win32/Toolbar.CrossRider.BM potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_64.exe Win32/VOPackage.AZ potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\is-VN5RA.tmp\package_hyperbrows_installer_multilang.exe Win32/AdWare.EoRezo.AW application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\is-VN5RA.tmp\package_Nuvision_installer_multilang.exe Win32/AdWare.EoRezo.AW application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\is-VN5RA.tmp\package_tl_idlecrawler_installer_multilang.exe Win32/AdWare.EoRezo.AW application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\is-VN5RA.tmp\package_vpnprivat_installer_multilang.exe Win32/AdWare.EoRezo.AW application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\is-VN5RA.tmp\package_vuupc_installer_multilang.exe Win32/AdWare.EoRezo.AW application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\is45637729\11081678_stp\Generic_vo.exe Win32/VOPackage.BB potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Local\Temp\nsgA075\SpSetup.exe Win32/Conduit.SearchProtect.Q potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Roaming\PEHLZF.exe a variant of Win32/Toolbar.CrossRider.BM potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Roaming\WNOTDII.exe a variant of Win32/Toolbar.CrossRider.BM potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\ql6ufgd1.default\extensions\172cfb0d00604ca2807d96193776c@90fc73dda8c44c58a81f097d.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\avc-setup-5.7.6.exe Win32/Spigot.A potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\cbsidlm-cbsi188-CR2_Converter-SEO-75712393(1).exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\cbsidlm-cbsi188-CR2_Converter-SEO-75712393.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\cbsidlm-tr1_8-Easy_DVD_Player-SEO2-10104512(1).exe Win32/DownloadAdmin.E potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\cbsidlm-tr1_8-Easy_DVD_Player-SEO2-10104512.exe Win32/DownloadAdmin.E potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\Matthew_West-The_Day_Before_You_[Acoustic]_mp3_downloader.exe a variant of Win32/ExpressDownloader.K potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\MediaInfo_GUI_0.7.53_Windows_i386.exe Win32/OpenCandy potentially unsafe application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\Updater_Setup(1).exe a variant of Win32/AdWare.iBryte.Q application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\Updater_Setup(2).exe a variant of Win32/AdWare.iBryte.J.gen application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\Updater_Setup(3).exe a variant of Win32/AdWare.iBryte.J.gen application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Users\Derek\Downloads\Updater_Setup.exe a variant of Win32/AdWare.iBryte.Q application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\System32\ColorMedia64.dll a variant of Win32/Adware.PicColor.C application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\SysWOW64\ColorMedia.dll a variant of Win32/Adware.PicColor.C application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\37EE3489-84C3-4573-BC84-F6F7DCC25F25n.exe multiple threats
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsb539F.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsb53A0.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsb5418.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsc4528.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsd4795.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsdC96.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nseF8DE.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsf90F6.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsg20D7.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsg7E09.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsh513B.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsh5F2E.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nshA346.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsi4850.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsi6E67.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsiE4CA.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nskCC86.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsl1D15.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsl32D1.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsl734B.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsl90DA.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsm3642.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsp64B7.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nspEBBA.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsq205A.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsq43B3.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsq449D.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsq64FC.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsqDE8E.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsqDFE7.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsrEB6C.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nss756F.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsu6003.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsvDF97.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsvF930.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsvFD26.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsw61C5.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsy721F.exe Win32/Conduit.SearchProtect.V potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsz1786.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Users\Derek\Full Backup\C 2014-12-25 12;35;40 (Full)\Windows\Temp\nsz326D.exe Win32/Conduit.SearchProtect.R potentially unwanted application
C:\Windows\System32\ColorMedia.dll a variant of Win32/Adware.PicColor.C application
C:\Windows\SysWOW64\ColorMedia.dll a variant of Win32/Adware.PicColor.C application
 



#14 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts

Posted 30 December 2014 - 11:45 PM

There is nothing terribly concerning in that ESET log.  Anything dangerous is already in quarantine and will be cleaned up with these last instructions.  The others are all related to some freeware that you downloaded (they get flagged because they come bundled with toolbars or are ad driven) and old backups.  I would recommend that you delete those infected backups and start fresh with a new set.

Having multiple instances of chrome.exe *32 running is not unusual at all.  All I have left for you is another update and some important cleanup:

Your Adobe reader needs to be updated.  Please visit Adobe's site and grab the newest version.  Be sure to watch for and uncheck any boxes offering to install other software.

Uninstall ComboFix

  • Press the Windows key + R on your keyboard or click Start -> Run.  Copy and paste the following text into the run box that opens and press OK:
    Combofix /Uninstall

Download OTC to your desktop and run it
  • Click Yes to begin the cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.
  • Manually delete any remaining logs or tools from our fixes

Double click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • AdwCleaner.exe, its folder and all logs will be removed.

Finally, I'd like to make a couple of suggestions to help you stay clean in the future:
  • Restart any anti-malware programs that we disabled while we were cleaning your machine.
  • Keep your antivirus application and MBAM current and updated.  Scan with them at least weekly.
  • Please read this post for some helpful information.

Please post once more so I know you are all set and I can mark this thread resolved. Good luck and stay safe!


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member




#15 Derek2323

Derek2323
  • Topic Starter

  • Members
  • 8 posts

Posted 31 December 2014 - 08:06 PM

Finished everything and am definitely running faster. Thanks so much for your help. I really appreciate your advice and the time you spent with me.

 

I also did a reset on Firefox because it was causing pop ups. It was very simple to do and got rid of them.





