[SOLVED] IE not responding, already ran MBAM and Combofix

N_J · Oct 12, 2012

Hello,

Have a friend who had many infections found by MBAM and Combofix. Several toolbars and programs removed from add/remove programs. Did a quick scan and full scan with MBAM and one run with Combofix. Java has been updated after CF run. When switching between tabs IE stops responding for a minute or two then recovers.

Due to time constrants I am hoping ya'll can help me out with this one.

Thanks, N_J

MBAM first run quick scan:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Database version: v2012.10.11.15
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328
ddecker :: DDECKER-PC [administrator]
10/11/2012 7:15:17 PM
mbam-log-2012-10-11 (19-15-17).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204741
Time elapsed: 6 minute(s),
Memory Processes Detected: 2
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> 3728 -> Delete on reboot.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbrmon.exe (PUP.MyWebSearch) -> 1260 -> Delete on reboot.
Memory Modules Detected: 2
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbrstub.dll (PUP.MyWebSearch) -> Delete on reboot.
Registry Keys Detected: 161
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\RecipeHub_2jService (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{06e3475c-5521-4de8-bb12-50720f21631c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E3475C-5521-4DE8-BB12-50720F21631C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E3475C-5521-4DE8-BB12-50720F21631C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E3475C-5521-4DE8-BB12-50720F21631C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RecipeHub_2jbar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{b7acdf9c-c4f9-4d5d-998e-b147866b4d4c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B7ACDF9C-C4F9-4D5D-998E-B147866B4D4C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B7ACDF9C-C4F9-4D5D-998E-B147866B4D4C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B7ACDF9C-C4F9-4D5D-998E-B147866B4D4C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.MultipleButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.MultipleButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.ThirdPartyInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Detected: 13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|RecipeHub_2j Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\RECIPE~2\bar\1.bin\2jbrmon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Recipe Hub Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\RECIPE~2\bar\1.bin\2jsrchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶»
äG\Ê -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 17
C:\Program Files (x86)\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\ThirdPartyInstallers (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\History (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\IE9Mesg (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Message (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Overlay (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Quarantined and deleted successfully.
Files Detected: 87
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbarsvc.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbrstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbrmon.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrcAs.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3FFTBPR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Users\ddecker\Local Settings\mwsauto.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\ddecker\Local Settings\Application Data\mwsauto.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\INSTALL.RDF (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3IEOVR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PATCH.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3TPINST.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSUABTN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\IE9Mesg\COMMON.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
(end)

MBAM second run full scan:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Database version: v2012.10.11.15
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328
ddecker :: DDECKER-PC [administrator]
10/11/2012 8:48:58 PM
mbam-log-2012-10-11 (20-48-58).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 369105
Time elapsed: 2 hour(s), 14 minute(s), 5 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 54
HKCR\CLSID\{31917ad2-f351-44c9-997e-6099011074df} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ce493ea1-30fc-4cbe-9de9-6a57dbc0af69} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{30C04BB3-2216-424A-B101-608DFF1D54C5} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{51653395-fe70-4b72-ba08-3c64b44f5d43} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{e7fc6003-06e8-4c2d-8756-a30fe9c95c73} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{DE67D450-2D67-4AE5-8D7A-43642382855B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{2bd71ade-f254-477e-add5-b2423a83b355} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.DynamicBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.DynamicBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{26abd3e0-6a39-48d9-bf04-2bb873d80348} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{2f08f2fa-bc7d-47dc-b75c-6d4b9afb792c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{422B2601-6455-4D7E-AA66-85CBCDF93248} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.FeedManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.FeedManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{6809c391-babc-426d-83e3-81e096a6b9ad} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{dff81829-a59f-44db-8010-2eedadc2465f} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{46666EC1-F22B-465B-B1D3-A56976459C69} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.HTMLPanel.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.HTMLPanel (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6809C391-BABC-426D-83E3-81E096A6B9AD} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{CB4B8622-CB4A-4C03-8CC1-2B4052F08553} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.HTMLMenu.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.HTMLMenu (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CB4B8622-CB4A-4C03-8CC1-2B4052F08553} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{5841fe52-af7d-4cb5-be33-1ab40c3edd25} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{32f1aafc-6dab-4b99-8ac2-4b721b1e06d1} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{931A4276-9972-4AC1-BB18-32A5997AAF08} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{cc43333b-9017-452b-bfc6-e41b5a8555af} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.MultipleButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.MultipleButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{daab1633-ec52-49ae-ba45-74b3e319c6c6} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8dfa0267-c525-420a-b69b-9408e9843dc7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{26CB74E8-A80A-49BD-B680-7CD5EDB2A62C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.XMLSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.XMLSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DAAB1633-EC52-49AE-BA45-74B3E319C6C6} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{4271790f-c050-4034-85de-3d8ca2bdac6c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.Radio.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.Radio (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7f14cca5-74e6-492e-bf0f-58a7b4b2881c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.ScriptButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.ScriptButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{3a8ab5b2-2afb-47b0-817e-583e35765b07} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{795c5e1e-bfdb-468f-8b8a-309c24219676} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{20F22058-994B-4C59-A8F4-149650E39323} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{325174ef-2148-410e-ad4c-31156ec79a67} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{4daa8599-9cc2-4c34-a606-3b0a8e9b3c4a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{10730512-1D08-4B6E-9272-3DB1EF325A57} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.ThirdPartyInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{325174EF-2148-410E-AD4C-31156EC79A67} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{e1eace5b-5208-4b5c-a060-4691cc04389f} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\RecipeHub_2j.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 29
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jauxstb.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jdatact.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jdlghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jdyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jfeedmg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jhighin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jhkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jhtml.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jhtmlmu.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jhttpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jidle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jieovr.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jimpipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jmedint.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jmlbtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jmsg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jPlugin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jradio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jregfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jreghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jregiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jscript.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jskin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jskplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jtpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2juabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\T8RES.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\ddecker\AppData\LocalLow\RecipeHub_2jEI\Installr\Cache\002EC996.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
(end)

Combofix scan first run:

ComboFix 12-10-12.01 - ddecker 10/12/2012 12:07:04.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3963.2250 [GMT -5:00]
Running from: c:\users\ddecker\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
.
.
((((((((((((((((((((((((( Files Created from 2012-09-12 to 2012-10-12 )))))))))))))))))))))))))))))))
.
.
2012-10-12 17:23 . 2012-10-12 17:26 -------- d-----w- c:\users\ddecker\AppData\Local\temp
2012-10-12 00:02 . 2012-09-13 13:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-12 00:02 . 2012-09-13 13:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-12 00:02 . 2012-08-24 16:07 218624 ----a-w- c:\windows\system32\wintrust.dll
2012-10-12 00:02 . 2012-08-24 15:53 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-12 00:02 . 2012-06-02 00:20 1268736 ----a-w- c:\windows\system32\crypt32.dll
2012-10-12 00:02 . 2012-06-02 00:02 985088 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-12 00:02 . 2012-06-02 00:20 174592 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-12 00:02 . 2012-06-02 00:20 132096 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-12 00:02 . 2012-06-02 00:02 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-12 00:02 . 2012-06-02 00:02 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-12 00:02 . 2012-08-29 11:40 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-04 18:30 . 2012-10-05 02:11 -------- d-----w- c:\windows\system32\drivers\N360x64\0604000.009
2012-09-21 04:01 . 2012-09-21 04:01 836544 ----a-w- c:\windows\system32\tadefxapo264.dll
2012-09-21 04:01 . 2012-09-21 04:01 2605400 ----a-w- c:\windows\system32\WavesGUILib.dll
2012-09-21 04:01 . 2012-09-21 04:01 869520 ----a-w- c:\windows\system32\RtkApi64.dll
2012-09-21 04:01 . 2012-09-21 04:01 2674320 ----a-w- c:\windows\system32\RtPgEx64.dll
2012-09-21 04:01 . 2012-09-21 04:01 1262696 ----a-w- c:\windows\system32\RTCOM64.dll
2012-09-21 04:01 . 2012-09-21 04:01 4065296 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2012-09-21 04:01 . 2012-09-21 04:01 5096448 ----a-w- c:\windows\system32\RCoRes64.dat
2012-09-21 04:01 . 2012-09-21 04:01 105616 ----a-w- c:\windows\system32\RCoInstII64.dll
2012-09-20 23:53 . 2012-10-12 00:52 -------- d-----w- c:\users\ddecker\AppData\Roaming\Systweak
2012-09-20 23:53 . 2012-09-20 18:27 19368 ----a-w- c:\windows\system32\roboot64.exe
2012-09-14 03:28 . 2012-09-14 03:28 -------- d-----w- c:\program files (x86)\The Weather Channel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-12 01:28 . 2006-11-02 12:35 65309168 ----a-w- c:\windows\system32\mrt.exe
2012-10-10 15:37 . 2012-08-16 17:12 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-10 15:37 . 2011-06-21 21:59 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 04:01 . 2009-07-15 14:14 3615888 ----a-w- c:\windows\system32\RtkAPO64.dll
2012-09-07 22:28 . 2012-09-07 22:28 1048576 ----a-w- c:\windows\system32\syndata.bin
2012-09-07 22:26 . 2012-09-07 22:26 68880 ----a-w- c:\windows\SysWow64\SynTPEnhPS.dll
2012-09-07 22:26 . 2012-09-07 22:26 150800 ----a-w- c:\windows\system32\SynTPCo9.dll
2012-09-07 22:26 . 2012-09-07 22:26 113936 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2012-09-07 22:26 . 2009-03-18 17:18 229648 ----a-w- c:\windows\system32\SynTPAPI.dll
2012-09-07 22:26 . 2012-09-07 22:26 412944 ----a-w- c:\windows\system32\drivers\SynTP.sys
2012-09-07 22:25 . 2012-09-07 22:25 224528 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2012-09-07 22:25 . 2012-09-07 22:25 280336 ----a-w- c:\windows\system32\SynCtrl.dll
2012-09-07 22:23 . 2012-09-07 22:23 183568 ----a-w- c:\windows\SysWow64\SynCOM.dll
2012-09-07 22:23 . 2009-03-18 17:18 421648 ----a-w- c:\windows\system32\SynCOM.dll
2012-09-07 22:04 . 2010-11-04 19:51 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-07 22:03 . 2012-09-07 22:03 508520 ----a-w- c:\windows\system32\drivers\Rtlh64.sys
2012-09-07 22:03 . 2012-09-07 22:03 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-09-07 22:03 . 2012-09-07 22:03 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-09-07 21:53 . 2012-09-07 21:53 1361336 ----a-w- c:\windows\system32\tosade.dll
2012-09-07 21:53 . 2012-09-07 21:53 65944 ----a-w- c:\windows\system32\tepeqapo64.dll
2012-09-07 21:53 . 2012-09-07 21:53 148416 ----a-w- c:\windows\system32\tadefxapo.dll
2012-09-07 21:51 . 2012-09-07 21:51 155888 ----a-w- c:\windows\system32\SRSWOW64.dll
2012-09-07 21:51 . 2012-09-07 21:51 518896 ----a-w- c:\windows\system32\SRSTSX64.dll
2012-09-07 21:51 . 2012-09-07 21:51 211184 ----a-w- c:\windows\system32\SRSTSH64.dll
2012-09-07 21:51 . 2012-09-07 21:51 198896 ----a-w- c:\windows\system32\SRSHP64.dll
2012-09-07 21:51 . 2012-09-07 21:51 220776 ----a-w- c:\windows\system32\SFSS_APO.dll
2012-09-07 21:51 . 2012-09-07 21:51 221024 ----a-w- c:\windows\system32\SFNHK64.dll
2012-09-07 21:51 . 2012-09-07 21:51 81248 ----a-w- c:\windows\system32\SFCOM64.dll
2012-09-07 21:51 . 2012-09-07 21:51 78688 ----a-w- c:\windows\system32\SFAPO64.dll
2012-09-07 21:51 . 2012-09-07 21:51 74064 ----a-w- c:\windows\SysWow64\SFCOM.dll
2012-09-07 21:51 . 2012-09-07 21:51 331880 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2012-09-07 21:50 . 2012-09-07 21:50 14952 ----a-w- c:\windows\system32\RtkCoLDR64.dll
2012-09-07 21:50 . 2009-07-15 14:14 149608 ----a-w- c:\windows\system32\RtkCfg64.dll
2012-09-07 21:49 . 2012-09-07 21:49 1560168 ----a-w- c:\windows\system32\RTSnMg64.cpl
2012-09-07 21:49 . 2012-09-07 21:49 375128 ----a-w- c:\windows\system32\RTEEP64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 78680 ----a-w- c:\windows\system32\RTEEG64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 101208 ----a-w- c:\windows\system32\RTEEL64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 204120 ----a-w- c:\windows\system32\RTEED64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 310104 ----a-w- c:\windows\system32\RP3DHT64.dll
2012-09-07 21:49 . 2012-09-07 21:49 310104 ----a-w- c:\windows\system32\RP3DAA64.dll
2012-09-07 21:46 . 2012-09-07 21:46 2131288 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2012-09-07 21:46 . 2012-09-07 21:46 341336 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2012-09-07 21:46 . 2012-09-07 21:46 318808 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2012-09-07 21:45 . 2012-09-07 21:45 603984 ----a-w- c:\windows\system32\KAAPORT64.dll
2012-09-07 21:43 . 2012-09-07 21:43 693352 ----a-w- c:\windows\system32\DTSVoiceClarityDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 712296 ----a-w- c:\windows\system32\DTSSymmetryDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 1756264 ----a-w- c:\windows\system32\DTSS2SpeakerDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 1568360 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 491112 ----a-w- c:\windows\system32\DTSNeoPCDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 432744 ----a-w- c:\windows\system32\DTSLimiterDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 242792 ----a-w- c:\windows\system32\DTSLFXAPO64.dll
2012-09-07 21:43 . 2012-09-07 21:43 428648 ----a-w- c:\windows\system32\DTSGainCompensatorDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:42 241768 ----a-w- c:\windows\system32\DTSGFXAPONS64.dll
2012-09-07 21:42 . 2012-09-07 21:42 242792 ----a-w- c:\windows\system32\DTSGFXAPO64.dll
2012-09-07 21:42 . 2012-09-07 21:42 1486952 ----a-w- c:\windows\system32\DTSBoostDLL64.dll
2012-09-07 21:42 . 2012-09-07 21:42 728680 ----a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
2012-09-07 20:07 . 2012-09-07 20:07 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2012-09-07 20:03 . 2012-09-07 20:03 27960 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2012-09-07 19:36 . 2012-09-07 19:35 8399360 ----a-w- c:\windows\system32\drivers\NETwNv64.sys
2012-09-07 19:35 . 2012-09-07 19:35 2750464 ----a-w- c:\windows\system32\NETwNr64.dll
2012-09-07 19:35 . 2012-09-07 19:35 799232 ----a-w- c:\windows\system32\NETwNc64.dll
2012-09-07 19:08 . 2012-09-07 19:08 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys
2012-08-08 16:36 . 2012-08-08 16:36 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-08-08 16:36 . 2012-08-08 16:36 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-07-30 01:52 . 2011-05-28 13:25 101688 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2012-07-26 18:02 . 2010-02-07 14:24 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-07-26 18:02 . 2012-08-15 15:25 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-07-26 18:02 . 2010-02-07 14:23 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-07-23 17:06 . 2009-08-03 02:38 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-04-11 . E68D9B3A3905619732F7FE039466A623 . 20952 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
[7] 2008-06-03 . 35137384FFB6FB4B4C3063CEB5DB34BE . 22584 . . [6.0.6000.20847] .. c:\windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_37d5e5fef5f86cf7\atapi.sys
[7] 2008-06-03 . B388797CAAB36D523840347CC6A39B96 . 22584 . . [6.0.6001.22193] .. c:\windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_398211faf34b271a\atapi.sys
[7] 2008-01-21 . 1898FAE8E07D97F2F6C2D5326C633FAC . 22584 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[7] 2009-04-11 . E68D9B3A3905619732F7FE039466A623 . 20952 . . [6.0.6002.18005] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_b6d20d6f\atapi.sys
[7] 2008-06-03 . 35137384FFB6FB4B4C3063CEB5DB34BE . 22584 . . [6.0.6000.20847] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_1a9e8abf\atapi.sys
[7] 2008-06-03 . B388797CAAB36D523840347CC6A39B96 . 22584 . . [6.0.6001.22193] .. c:\windows\system32\drivers\atapi.sys
[7] 2008-06-03 . B388797CAAB36D523840347CC6A39B96 . 22584 . . [6.0.6001.22193] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_95f5a2e9\atapi.sys
[7] 2008-01-21 . 1898FAE8E07D97F2F6C2D5326C633FAC . 22584 . . [6.0.6001.18000] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_1d87dda2\atapi.sys
[7] 2006-11-02 . DF96CF8885724430024B7522E5C95722 . 20072 . . [6.0.6000.16386] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_f8cccc79\atapi.sys
.
[7] 2008-01-21 . 22D13FF3DAFEC2A80634752B1EAA2DE6 . 22016 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_80766a66ed36afa5\asyncmac.sys
[7] 2008-01-21 . 22D13FF3DAFEC2A80634752B1EAA2DE6 . 22016 . . [6.0.6001.18000] .. c:\windows\system32\drivers\asyncmac.sys
.
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_f36d095c91565db4\kbdclass.sys
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_f55882688e782900\kbdclass.sys
[7] 2008-01-21 . AC1BA7446D5343DFD4267A6E0D4FC0AF . 42040 . . [6.0.6000.16609] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_f18fcd509427b0d2\kbdclass.sys
[7] 2008-01-21 . 88EE8513158979334FEEBFD777DFF390 . 42040 . . [6.0.6000.20734] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_f1f3f8e5ad6225bc\kbdclass.sys
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6000.16386] .. c:\windows\system32\drivers\kbdclass.sys
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6001.18000] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_917586af\kbdclass.sys
[7] 2008-01-21 . 423696F3BA6472DD17699209B933BC26 . 42040 . . [6.0.6001.18000] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_d1a065f2\kbdclass.sys
[7] 2008-01-21 . AC1BA7446D5343DFD4267A6E0D4FC0AF . 42040 . . [6.0.6000.16609] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_36381f4d\kbdclass.sys
[7] 2006-11-02 . 4324BBE0D86A15107C670E16218BF9C9 . 39528 . . [6.0.6000.16386] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_c5bba9ff\kbdclass.sys
.
[7] 2009-04-11 . 65950E07329FCEE8E6516B17C8D0ABB6 . 738264 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
[7] 2008-02-08 . F9A3AE5C9F047D71A36A99F9ABCA7D02 . 739384 . . [6.0.6001.22110] .. c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_04649429ed923a09\ndis.sys
[7] 2008-02-08 . 37A917C8586225B0D04E407C11639B7E . 643640 . . [6.0.6000.20768] .. c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_02504837f08cff85\ndis.sys
[7] 2008-01-21 . 2A2EE457AF36C5C9A6808C768BD3A12B . 739384 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[7] 2009-04-11 . 65950E07329FCEE8E6516B17C8D0ABB6 . 738264 . . [6.0.6002.18005] .. c:\windows\system32\drivers\ndis.sys
.
[7] 2009-04-11 . BAC869DFB98E499BA4D9BB1FB43270E1 . 1515496 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_047b3e4cd26ad615\ntfs.sys
[7] 2008-01-21 . FE86BA5AC3B50E2CA911E9C60C07B638 . 1540152 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_028fc540d5490ac9\ntfs.sys
[7] 2009-04-11 . BAC869DFB98E499BA4D9BB1FB43270E1 . 1515496 . . [6.0.6000.16386] .. c:\windows\system32\drivers\ntfs.sys
.
[7] 2006-11-02 . DD5D684975352B85B52E3FD5347C20CB . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_05848900d35a7bfd\null.sys
[7] 2006-11-02 . DD5D684975352B85B52E3FD5347C20CB . 6144 . . [6.0.6000.16386] .. c:\windows\system32\drivers\null.sys
.
[7] 2012-03-30 . 46D448E9117464E4D3BBF36D7E3FA48E . 1423744 . . [6.0.6002.18604] .. c:\windows\system32\drivers\tcpip.sys
.
[7] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_4847dcdb9194e539\tdx.sys
[7] 2008-01-21 . 8C39C72E0E853DE04748C0337D9B9216 . 94208 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_465c63cf947319ed\tdx.sys
[7] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\system32\drivers\tdx.sys
.
[7] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_d507c23d565be6a3\browser.dll
[7] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6000.16386] .. c:\windows\system32\browser.dll
.
[7] 2012-06-01 . 0688C6F0E5B1E0ADB1E10BF6A9023063 . 11264 . . [6.0.6002.22869] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_04a16b072b950d95\lsass.exe
[7] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_042567f8126e70e3\lsass.exe
[7] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_04276a72126ca0b8\lsass.exe
[7] 2011-11-16 . 54BC2124F6BCF2050D7C3057C0611AD4 . 11264 . . [6.0.6002.22742] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_04b006f32b8b272b\lsass.exe
[7] 2009-09-10 . 1104B18819392FEA12FB5F9E170E66B3 . 9728 . . [6.0.6000.21125] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[7] 2009-09-10 . BBBCE2DACDCCD5EA60A50D0023AE2DE9 . 11264 . . [6.0.6002.22223] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[7] 2009-09-09 . 41FB90DF49F203672F459122EF1F13B1 . 11264 . . [6.0.6001.22518] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[7] 2009-06-15 . 1E766E4C5BF9E230AD37A56BF7DB6C94 . 9728 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[7] 2009-06-15 . 306E4503E083A498AE797FF59FA72839 . 9728 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[7] 2009-06-15 . 80F4593E92FF960E4763380D3168E498 . 11264 . . [6.0.6001.18272] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[7] 2009-06-15 . 02474FBCB00AA5C622E92F620DB9A041 . 11264 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[7] 2009-06-15 . 40348DCEC0712ED42231C5F90A69A690 . 11264 . . [6.0.6002.18051] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[7] 2009-06-15 . EBDAEE60E442BEA413E5D7CEDFB09463 . 11264 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
[7] 2009-02-13 . 1979F94B28107233315DD6220F2304DD . 11264 . . [6.0.6001.22376] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[7] 2009-02-13 . E231BDBD7D69857EEFFDEB3A48A53824 . 9728 . . [6.0.6000.16820] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[7] 2009-02-13 . 563B71CEF1D46A24C5980FA2988DB67F . 9728 . . [6.0.6000.21010] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[7] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6000.16386] .. c:\windows\system32\lsass.exe
.
[7] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_6bdbb71a0a2d4469\netman.dll
[7] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6000.16386] .. c:\windows\system32\netman.dll
.
[7] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_819ad97caef1480e\qmgr.dll
[7] 2008-01-21 . D896A0D43F8AB81ECB1FC6C24DECFD58 . 1082368 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_7faf6070b1cf7cc2\qmgr.dll
[7] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6001.18000] .. c:\windows\system32\qmgr.dll
.
[7] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_c7d4f08bf35f3abe\rpcss.dll
[7] 2009-03-03 . 857E04C16007E60FCC0803239C853E78 . 717824 . . [6.0.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_c6259b510f93cd21\rpcss.dll
[7] 2009-03-03 . 52CDADE8289FF21F1F2215FF51A5F36C . 718336 . . [6.0.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_c5d9dd2ff64839ac\rpcss.dll
[7] 2009-03-03 . 007F8DE7AC0F9386C3FD2EC7DC87C37A . 724992 . . [6.0.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_c3e2cce1f92f2ca2\rpcss.dll
[7] 2009-03-03 . 54FF562C2710BB610B019D723B16FB2A . 724992 . . [6.0.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_c47a129912422fc2\rpcss.dll
[7] 2008-01-21 . FF27BE0BA7B3C48D5C99AFCB56D436C2 . 713728 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_c5e9777ff63d6f72\rpcss.dll
[7] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6000.16386] .. c:\windows\system32\rpcss.dll
.
[7] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[7] 2008-01-21 . DFAC660F0F139276CC9299812DE42719 . 384512 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
[7] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6000.16386] .. c:\windows\system32\services.exe
.
[7] 2010-08-17 . 439017BE66398AB809D81B3AE8393883 . 273920 . . [6.0.6002.22468] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_34a17b8490538c82\spoolsv.exe
[7] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6002.18294] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_33f36be77751de08\spoolsv.exe
[7] 2010-08-17 . 92E6738D25C2123BE9515C0EAC0776CD . 267776 . . [6.0.6001.18511] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_3260788179ed5d57\spoolsv.exe
[7] 2010-08-17 . 7F59AA690212241B398D6DBE4071EE3C . 270848 . . [6.0.6001.22743] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_32cba802932180c9\spoolsv.exe
[7] 2009-04-11 . EADA445EAEDD1D7DF4C5EB42B3612729 . 268288 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_3455b7b177080198\spoolsv.exe
[7] 2008-01-21 . E6519A9E756D74DC51C697BA62162F51 . 267264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_326a3ea579e6364c\spoolsv.exe
[7] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6000.16386] .. c:\windows\system32\spoolsv.exe
.
[7] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[7] 2008-01-21 . 856491FCED98093D824B9EB2892F564A . 406016 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[7] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6001.18000] .. c:\windows\system32\winlogon.exe
.
[7] 2012-06-02 . C1C03EA437EDDA8A7D4D8786E5AE6751 . 57880 . . [7.6.7600.256] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_d5f513f25190f276\wuauclt.exe
[7] 2009-08-07 . 0CAF9B387CC42FC365626003E0751937 . 57560 . . [7.4.7600.226] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_4597bdc113f9f351\wuauclt.exe
[7] 2008-10-16 . 0DF8A7A5E072A6BA0AF1E563518255C0 . 54296 . . [7.2.6001.788] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_8683d52d1ee055aa\wuauclt.exe
[7] 2008-01-21 . 44E38EB04F48FCD1D0D230C10A3EED39 . 45568 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_fc7174b1ecdd9336\wuauclt.exe
[7] 2008-01-21 . 44E38EB04F48FCD1D0D230C10A3EED39 . 45568 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_fe5cedbde9ff5e82\wuauclt.exe
[7] 2006-11-02 . 82979850A3E9B7581E28852139EB9D01 . 44032 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_08ca3670650bd993\wuauclt.exe
[7] 2012-06-02 . C1C03EA437EDDA8A7D4D8786E5AE6751 . 57880 . . [7.6.7600.256] .. c:\windows\system32\wuauclt.exe
.
[7] 2010-09-02 . E5763ED4A35DE72855B731EDF2081B6E . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_97d4553ba6d9b810\comctl32.dll
[7] 2010-09-02 . 55EAEF6344C328416969AA1622100139 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_fe44c5cb0dae9066\comctl32.dll
[7] 2010-09-02 . F80C6985B787E40EB2B6B99A453A243A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_432d25ac526cda7f\comctl32.dll
[7] 2010-09-01 . EB00FFCBB31A4CA35F80D92F14CBF04B . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_96135489a9968dcc\comctl32.dll
[7] 2010-09-01 . CA41B0BFB677D1261E68EA138CE106C2 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_fe655b750d60b18a\comctl32.dll
[7] 2010-09-01 . 16C1CC7E5B6A5B6A21C368D39DC4B03F . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_42a7622b394b8efb\comctl32.dll
[7] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_97a639428d76b771\comctl32.dll
[7] 2010-08-31 . 46662CD685A6341AB4AED86D134D80E9 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll
[7] 2010-08-31 . 09451F87CFF73FF22D9479FB0A73861C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_41466cae55469b30\comctl32.dll
[7] 2010-08-31 . 058BE5961AC5D6ACFD1961C2471F61B5 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_95a8250890626a5a\comctl32.dll
[7] 2010-08-31 . 6D98A7638947F0C9DAB31F094A591795 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec\comctl32.dll
[7] 2010-08-31 . F39DFA95BC391B166B40F4E38E5F1223 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_40bf29b13c26ca69\comctl32.dll
[7] 2009-04-11 . 94B60C9A7AEE8A9F3C1028F8DC5CED41 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da\comctl32.dll
[7] 2008-01-21 . BD3133E6B73195A95C67F7B09E012DE0 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6\comctl32.dll
[7] 2008-01-21 . 67DA61D3B12CEB5A4C86646AB468F0BA . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_95baba849054f4b0\comctl32.dll
[7] 2008-01-21 . 23797D89BE03772F411E387A3C81DBF8 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_40ba501d3c2b20ff\comctl32.dll
[7] 2006-11-02 . C6FFCA00D8C81D66C4194378EFF34199 . 2017792 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa\comctl32.dll
[7] 2006-11-02 . E47109C2D7D95962D08C9FD061A9BAD3 . 629248 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_40339432230aebeb\comctl32.dll
[7] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[7] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_88cf765b9e8f4a59\comres.dll
[7] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6930.16386] .. c:\windows\system32\comres.dll
.
[7] 2012-06-02 . CA78B312C44E4D52E842C2C8BD48E452 . 174592 . . [6.0.6002.18643] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_d3dc79145070b66b\cryptsvc.dll
[7] 2012-06-01 . 256B8B96B83AEA5213EE90782446DA38 . 177664 . . [6.0.6002.22869] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_d45679a969992348\cryptsvc.dll
[7] 2012-04-23 . 62740B9D2A137E8CED41A9E4239A7A31 . 174592 . . [6.0.6002.18618] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_d401ea4a5053e14b\cryptsvc.dll
[7] 2012-04-23 . DD9C01648A6455278A441775CA59E2FD . 177664 . . [6.0.6002.22840] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_d46316e769910757\cryptsvc.dll
[7] 2009-04-11 . 18918613E63F387CDE4D95CA7D49DCF7 . 166912 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[7] 2008-01-21 . 4374F784121D8B3BB466B03F5E5EBD33 . 165376 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[7] 2012-06-02 . CA78B312C44E4D52E842C2C8BD48E452 . 174592 . . [6.0.6000.16386] .. c:\windows\system32\cryptsvc.dll
.
[7] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_6af7b3ad073cdcab\es.dll
[7] 2008-04-19 . 1782416278B378F80862187EEBC0A51C . 361472 . . [2001.12.6930.16677] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_66e14e8d0d26f566\es.dll
[7] 2008-04-19 . 7143F5F8D7FF0712B6D2F336495554FE . 361472 . . [2001.12.6930.20818] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_67accd1026130408\es.dll
[7] 2008-04-18 . AE5538074DF0BB8EE5A3ECB9F5460965 . 361984 . . [2001.12.6931.22162] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_6956f87823678b7d\es.dll
[7] 2008-04-18 . 6B1A97BF9FEFBDC83F3C7C7D0F826C66 . 361984 . . [2001.12.6931.18057] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_68dd2d0b0a3d4e75\es.dll
[7] 2008-01-21 . D8338E6B3C23AD36096A6FDABD039283 . 354304 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_690c3aa10a1b115f\es.dll
[7] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\system32\es.dll
.
[7] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_ba6032a62fea3984\imm32.dll
[7] 2008-01-21 . 8D2C00D198598AAE77B1648FFBF39895 . 163840 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_b874b99a32c86e38\imm32.dll
[7] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\system32\imm32.dll
.
[7] 2010-04-16 . 1795848538EA2328648E9FAB31351157 . 622080 . . [1.0626.6002.22384] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_0b36ae8b275afcf9\usp10.dll
[7] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_0ad851700e1ced6b\usp10.dll
[7] 2010-04-16 . 718AA06AE8741F8C7877C25F4AD97280 . 622080 . . [1.0626.6001.18461] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_08d93cec110986fd\usp10.dll
[7] 2010-04-16 . EB7E9B4E65D014EF958330C3E55735DD . 622592 . . [1.0626.6001.22672] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_09590bfb2a2e5936\usp10.dll
[7] 2009-04-11 . 6C7812812F7F343100EA655DC26C9888 . 621568 . . [1.0626.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_0b048d9e0dfb9cb0\usp10.dll
[7] 2008-01-21 . 8745227FAB62C0886B4B122CAD1D799E . 622080 . . [1.0626.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_0919149210d9d164\usp10.dll
[7] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\system32\usp10.dll
.
[7] 2011-04-12 . 2299078C1E59FE69ADDF49897D6A373A . 1210880 . . [6.0.6002.18449] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_f1a0c2e10be78eec\kernel32.dll
[7] 2011-04-12 . F2338C94CDCD7AD28A14428D46A05D0B . 1211904 . . [6.0.6002.22625] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_f23c004224f88e9f\kernel32.dll
[7] 2011-04-12 . 6ADB508FEADBDEC41C194B4C03FA5201 . 1208832 . . [6.0.6001.18631] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_efbd1caf0ec055f8\kernel32.dll
[7] 2011-04-12 . 777DF7F47BEE82833E324F0EB18B7ED1 . 1213440 . . [6.0.6001.22898] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_f00cddde28084bf0\kernel32.dll
[7] 2009-04-11 . A1489655AB04BBB5290C3FC274D33E57 . 1217536 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_f1c7f9d10bcac530\kernel32.dll
[7] 2009-02-13 . 8331C9E592358DE5157169699BD836D7 . 1208832 . . [6.0.6001.18215] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_efd6b6170eac8ed6\kernel32.dll
[7] 2009-02-13 . 2EEE45C483BA534A84CACC9D8001FE0E . 1210880 . . [6.0.6001.22376] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_f02073a427f9ef9d\kernel32.dll
[7] 2009-02-13 . 1A5CE3CDE414ED758D4E1616F422C20B . 1233408 . . [6.0.6000.16820] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_ede0a61311929b23\kernel32.dll
[7] 2009-02-13 . 08E8EF6A8D18BD1D89896903DCD103D2 . 1233920 . . [6.0.6000.21010] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_ee74eaec2aa8523e\kernel32.dll
[7] 2008-01-21 . 1122C8BE4BC4F392598A9543DC1014E0 . 1213952 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_efdc80c50ea8f9e4\kernel32.dll
[7] 2011-04-12 . 2299078C1E59FE69ADDF49897D6A373A . 1210880 . . [6.0.6001.18000] .. c:\windows\system32\kernel32.dll
.
[7] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_9483cda05db182e8\linkinfo.dll
[7] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\system32\linkinfo.dll
.
[7] 2011-02-16 . C95E1180E721401CE923FD4381216F45 . 32768 . . [6.0.6002.22589] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_0814533329607318\lpk.dll
[7] 2011-02-16 . EBADCE0742E19CAE2F1FE37D12AE9512 . 32768 . . [6.0.6001.22854] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_06494f9d2c264b6e\lpk.dll
[7] 2011-01-08 . 53F965A37AF97ED41A5D722F653F7A16 . 32768 . . [6.0.6002.22566] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_0826f22d2952ef31\lpk.dll
[7] 2011-01-08 . 973AC5DF18195F659F950BAD8B52FC27 . 32768 . . [6.0.6001.22830] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_065aee4d2c19ae30\lpk.dll
[7] 2010-10-28 . 712393754587ECC35EC72680D3031298 . 32768 . . [6.0.6002.22514] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_085b0135292c30ce\lpk.dll
[7] 2010-10-28 . 502D874EFB849DB686B31EA5C6C64750 . 32768 . . [6.0.6001.22787] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_062bded12c3bee1f\lpk.dll
[7] 2010-05-26 . 015628C13EA6B4CC62D9CFC276379F02 . 32768 . . [6.0.6002.22412] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_0858febb292e00f9\lpk.dll
[7] 2010-05-26 . 801AA6FFA579BA861BF002E5DB209F19 . 32768 . . [6.0.6001.22700] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_067b5c2b2c015d36\lpk.dll
[7] 2009-10-19 . 35E625ED9FE3A7F29CA7694BA02AEA7B . 32768 . . [6.0.6001.22544] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_065419d72c1e3808\lpk.dll
[7] 2009-10-19 . 96975D0384839E4FA2BE137B0F386ADA . 33280 . . [6.0.6000.21142] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_046bb0d92ef9aa84\lpk.dll
[7] 2009-10-19 . B96C6EA864956C49B8426ED10340C772 . 33280 . . [6.0.6000.16939] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_03f40dde15cd6ce8\lpk.dll
[7] 2009-10-19 . B9A0B9E32F7AB5717A9CEC1B4DC05C62 . 32768 . . [6.0.6002.22247] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_083d8c9d2941d931\lpk.dll
[7] 2009-06-15 . 4E53E703118C8092D255B4BEC2FE997B . 33280 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_045b108d2f0563f2\lpk.dll
[7] 2009-06-15 . 25634B6ADDBAB73F6EF235D26D93C84A . 33280 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_03bfc9ae15f5fb76\lpk.dll
[7] 2009-06-15 . 414E030D6D67F6F7F4663BCF441936CA . 32768 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_064546dd2c29f176\lpk.dll
[7] 2009-06-15 . 1E8003BF4D8A37EA8BFA005879D47258 . 32768 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_082db959294e7948\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_05f1b3fc12e3ce82\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_05a808e8131abf15\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_05ca7b2613009b17\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_059d3cc81322d554\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_05cd7fd012fde16a\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_05af10a0131467eb\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_059970c813249fcd\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_07dd2d08100599ce\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_07a31c441031c027\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_07c68ecc1016b580\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_0799506e1038efbd\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_07bdc340101cfe6d\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_078d821e1041ef7e\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_07dd34a010058e6a\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\system32\lpk.dll
.
[7] 2008-01-21 . D23E5184266747DDCE9D0C6581D916B3 . 433664 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_0c54e1384cf6f7c7\hnetcfg.dll
[7] 2008-01-21 . D23E5184266747DDCE9D0C6581D916B3 . 433664 . . [6.0.6000.16386] .. c:\windows\system32\hnetcfg.dll
.
[7] 2012-08-25 . 47D6B0A7C76307E86A248656957E853A . 9332224 . . [8.00.6001.23415] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23415_none_52ce7fd709758974\mshtml.dll
[7] 2012-08-25 . 55B5AC96640364F5A3354942A5AB89DC . 9329152 . . [8.00.6001.19328] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19328_none_523d13fdf05d51a0\mshtml.dll
[7] 2012-06-28 . 50013466E84ED7D9C59F001D44C7B489 . 9331712 . . [8.00.6001.23385] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23385_none_5282ce7d09ae4fe4\mshtml.dll
[7] 2012-06-28 . C2FA74D9F58FB3E685C9E4054B4642D2 . 9328640 . . [8.00.6001.19298] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19298_none_51f162a3f0961810\mshtml.dll
[7] 2012-05-15 . 35847FB3C697B2D8AFB644C33AFA4365 . 9331712 . . [8.00.6001.23359] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23359_none_52a73f690992616d\mshtml.dll
[7] 2012-05-15 . 69DCFBB55F1C38404A4A73B675351D31 . 9328640 . . [8.00.6001.19272] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19272_none_520100bff08b4824\mshtml.dll
[7] 2012-02-28 . 57AB356218A181794EC0F571EC0253EE . 9297408 . . [8.00.6001.23318] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23318_none_52d17ecf0972d852\mshtml.dll
[7] 2012-02-28 . FAAFB8AF62A36E2761488548D66A96BD . 9292800 . . [8.00.6001.19222] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19222_none_5237105bf062bc6f\mshtml.dll
[7] 2011-12-15 . 8CC8E0BEC91E18A01D2CFFAC0758D8E7 . 9298944 . . [8.00.6001.23286] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23286_none_5283cce109ad6c14\mshtml.dll
[7] 2011-12-15 . 8AB0B5B9233FE2DF31485107A30E35B2 . 9292288 . . [8.00.6001.19190] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19190_none_51e95e6df09d5031\mshtml.dll
[7] 2011-11-03 . 0B47AA4795394DB41B7D3E41D43EF754 . 9296896 . . [8.00.6001.23266] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23266_none_52996cb9099d3432\mshtml.dll
[7] 2011-11-03 . 3FB713AC2572582DDA87A53F9CBAABD9 . 9292288 . . [8.00.6001.19170] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19170_none_51fefe45f08d184f\mshtml.dll
[7] 2011-09-30 . 06288E2D28BED11860CFE1F2DC6906BD . 9287168 . . [8.00.6001.23250] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_529e3ae9099a8037\mshtml.dll
[7] 2011-09-30 . 6318542204255587251C2914A79B4DFF . 9284096 . . [8.00.6001.19154] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_52189f45f07945c9\mshtml.dll
[7] 2011-07-23 . 4B8CB3CD67934703B5EC5C6CD756CB1E . 9281536 . . [8.00.6001.23216] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_52cf7c550974a87d\mshtml.dll
[7] 2011-07-23 . B0FAEB94C49857B08EB7E8C64FB1A190 . 9278976 . . [8.00.6001.19120] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_52350de1f0648c9a\mshtml.dll
[7] 2011-05-28 . 72384FEAEE3C79B98979EA848547C8ED . 9273856 . . [8.00.6001.23181] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_527ec98909b1f03a\mshtml.dll
[7] 2011-05-28 . 3A87CEE544BEB10254F9D37701EC1116 . 9272320 . . [8.00.6001.19088] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_51fc2ec3f08e01d1\mshtml.dll
[7] 2011-02-22 . 6DFD3BCCF9C101847B7E68D00C92A19F . 9265664 . . [8.00.6001.23143] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_52ac09cd098fb324\mshtml.dll
[7] 2011-02-22 . D972E38E0519FF6F805B88676767CE64 . 9265664 . . [8.00.6001.19048] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_52276e73f06d920d\mshtml.dll
[7] 2010-12-18 . A9CBEECAF9C57A976A1E5C1042644881 . 9265152 . . [8.00.6001.23111] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_52ca78fd09792ca3\mshtml.dll
[7] 2010-12-18 . 9E936F64DFF6442FCD735417305DFBDA . 9264640 . . [8.00.6001.19019] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_5248de81f0545791\mshtml.dll
[7] 2010-11-02 . 08C95DAD69489E8292076EF7C7043B77 . 9263104 . . [8.00.6001.23091] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_5273f7b709ba0f04\mshtml.dll
[7] 2010-11-02 . 9D88761F3C38E8D13455D37C98AB8026 . 9259520 . . [8.00.6001.18999] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_51f286fff09503d7\mshtml.dll
[7] 2010-09-08 . 1AD1FA13194C76F7B3F33F32FB6C5E49 . 9259008 . . [8.00.6001.23067] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_529a6937099c533b\mshtml.dll
[7] 2010-09-08 . 8F192C0984F85E2124E916B9D474F06C . 9257472 . . [8.00.6001.18975] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_520425aff0886699\mshtml.dll
[7] 2010-06-26 . 2FA3E77E779AFB623876CACDF4FABA13 . 9254912 . . [8.00.6001.23040] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_52a90709099269f8\mshtml.dll
[7] 2010-06-26 . 8F50E9C2F2E050E1B28EAA64A0E80CCA . 9250816 . . [8.00.6001.18943] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_522294dff071e018\mshtml.dll
[7] 2010-05-04 . 8C6209A7EBA1C385418811D0D1FE0153 . 9254912 . . [8.00.6001.23019] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_52d279670971fa34\mshtml.dll
[7] 2010-05-04 . 228B7D8B03447A04EAF9093A8C759B45 . 9250816 . . [8.00.6001.18928] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_523d3629f05d26e9\mshtml.dll
[7] 2010-02-23 . 920734AFA549CDB058CD1AB1F74CE622 . 9248768 . . [8.00.6001.22995] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_527820bd09b6411e\mshtml.dll
[7] 2012-08-25 . 55B5AC96640364F5A3354942A5AB89DC . 9329152 . . [8.00.6001.18702] .. c:\windows\system32\mshtml.dll
.
[7] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_2f25436a5491724b\msvcrt.dll
[7] 2011-12-14 . 4B2F10ED918CA8B29A04B8B1B34D9349 . 621056 . . [7.0.6002.22755] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_2fb2e3436dab7498\msvcrt.dll
[7] 2009-04-11 . 37B71108BFD6E276695CE24171F2889B . 621056 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_2f5f4ab054655a2f\msvcrt.dll
[7] 2008-01-21 . 11DB261E8EE318CA41498300327CB5F2 . 621056 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_2d73d1a457438ee3\msvcrt.dll
[7] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\system32\msvcrt.dll
.
[7] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_165d6b95e2cafb10\mswsock.dll
[7] 2008-01-21 . 66306D7E90650EBE667811C1AF010BAC . 304128 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_1471f289e5a92fc4\mswsock.dll
[7] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6000.16386] .. c:\windows\system32\mswsock.dll
.
[7] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[7] 2008-01-21 . 5D0A4891F8CD0E9E64FF57A6A34044F5 . 716800 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[7] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6001.18000] .. c:\windows\system32\netlogon.dll
.
[7] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_0123b2f0b2579bf3\powrprof.dll
[7] 2008-01-21 . 6FF12A84BDBA50AFE7FCF3A524E14B71 . 121344 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_ff3839e4b535d0a7\powrprof.dll
[7] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6001.18000] .. c:\windows\system32\powrprof.dll
.
[7] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
[7] 2008-01-21 . 35F1DD99F9903BC267C2AF16B09F9BF7 . 235520 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[7] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6000.16386] .. c:\windows\system32\scecli.dll
.
[7] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_03545ed0148f16ae\sfc.dll
[7] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\system32\sfc.dll
.
[7] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
[7] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6000.16386] .. c:\windows\system32\svchost.exe
.
[7] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_4146ed6b9a71d501\tapisrv.dll
[7] 2008-01-21 . 52091001CAF20AE84CF47023EE21B4BB . 318464 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_3f5b745f9d5009b5\tapisrv.dll
[7] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6000.16386] .. c:\windows\system32\tapisrv.dll
.
[7] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
[7] 2008-01-21 . 32B87D215905F648EBE36A621978442C . 820224 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
[7] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6001.18000] .. c:\windows\system32\user32.dll
.
[7] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
[7] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6000.16386] .. c:\windows\system32\userinit.exe
.
[7] 2012-08-25 . F60069B26B7FC05941DBB5FB775B4CDF . 1151488 . . [8.00.6001.23415] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23415_none_417460b8891f203e\wininet.dll
[7] 2012-08-25 . A7343332E5AEEFB6F0496405AE897B77 . 1147392 . . [8.00.6001.19328] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19328_none_40e2f4df7006e86a\wininet.dll
[7] 2012-06-28 . A14FEC86F9B5B9D0137C011850B330EF . 1151488 . . [8.00.6001.23385] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_4128af5e8957e6ae\wininet.dll
[7] 2012-06-28 . 817E86B2F0A26AF4F83856003A3A7DBB . 1147392 . . [8.00.6001.19298] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_40974385703faeda\wininet.dll
[7] 2012-05-15 . 3A816BB74DB02A372F2A08D99C268FC6 . 1151488 . . [8.00.6001.23359] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23359_none_414d204a893bf837\wininet.dll
[7] 2012-05-15 . EDDEEB0DD7E12EB062E47BA6A2E09D06 . 1147392 . . [8.00.6001.19272] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19272_none_40a6e1a17034deee\wininet.dll
[7] 2012-02-28 . C97A10A09973F12953F23ED844A9EF19 . 1151488 . . [8.00.6001.23318] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23318_none_41775fb0891c6f1c\wininet.dll
[7] 2012-02-28 . 96070413E0F9620565BB06A0C4CC976E . 1147392 . . [8.00.6001.19222] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19222_none_40dcf13d700c5339\wininet.dll
[7] 2011-12-15 . 9441181236A720AEC992C9EC7A5A8A39 . 1151488 . . [8.00.6001.23286] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23286_none_4129adc2895702de\wininet.dll
[7] 2011-12-15 . 8C5996CAE7455B38298D883FDBD50D57 . 1147392 . . [8.00.6001.19190] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19190_none_408f3f4f7046e6fb\wininet.dll
[7] 2011-11-03 . DDBAE0D36F9D34919563381B67919A81 . 1150976 . . [8.00.6001.23266] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23266_none_413f4d9a8946cafc\wininet.dll
[7] 2011-11-03 . B76E1F2B873877576BC1069C7EAA3B1F . 1147392 . . [8.00.6001.19170] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19170_none_40a4df277036af19\wininet.dll
[7] 2011-10-01 . B0E483C020C3DAA9620770DA9F2470F0 . 1149952 . . [8.00.6001.23250] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_41441bca89441701\wininet.dll
[7] 2011-09-30 . 771B517C773728A65AE8956ADF099D83 . 1147904 . . [8.00.6001.19154] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_40be80277022dc93\wininet.dll
[7] 2011-07-23 . 14CB1B7FA859896BE14126C3EB971FD3 . 1149952 . . [8.00.6001.23216] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_41755d36891e3f47\wininet.dll
[7] 2011-07-23 . 5C5F100B93FFDA632C352AAC5C774DE6 . 1147904 . . [8.00.6001.19120] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_40daeec3700e2364\wininet.dll
[7] 2011-05-28 . 964B0B8A24D4E3FAE0E365F4BEBEC471 . 1150976 . . [8.00.6001.23181] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_4124aa6a895b8704\wininet.dll
[7] 2011-05-28 . 79F3767D90BA6D04D936DC16FDCB4FB2 . 1147904 . . [8.00.6001.19088] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_40a20fa57037989b\wininet.dll
[7] 2011-02-22 . E3B43B82F025BC3B23DFDE66A4A026F2 . 1150976 . . [8.00.6001.23143] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_4151eaae893949ee\wininet.dll
[7] 2011-02-22 . 749C440784B33BC358C8D633AE64A657 . 1147904 . . [8.00.6001.19048] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_40cd4f55701728d7\wininet.dll
[7] 2010-12-18 . 6458A6B10895B0F9E63A6ACB04F2102A . 1150976 . . [8.00.6001.23111] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_417059de8922c36d\wininet.dll
[7] 2010-12-18 . B3365860010DEB30446625E333E9E1CC . 1147904 . . [8.00.6001.19019] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_40eebf636ffdee5b\wininet.dll
[7] 2010-11-02 . 63B2D6E23FC6115EA8864C7DC4DC3E00 . 1150976 . . [8.00.6001.23091] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_4119d8988963a5ce\wininet.dll
[7] 2010-11-02 . 7C39BB00E4B011575C345EE1914172E4 . 1147904 . . [8.00.6001.18999] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_409867e1703e9aa1\wininet.dll
[7] 2010-09-08 . B09ACB639AA914378B33E0585EA5C44F . 1150464 . . [8.00.6001.23067] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_41404a188945ea05\wininet.dll
[7] 2010-09-08 . 6BF6EDCB40B6928BB49FEC83C8B24AF1 . 1147904 . . [8.00.6001.18975] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_40aa06917031fd63\wininet.dll
[7] 2010-06-26 . 0B27168AD18C00B4532D11ADF08FDF16 . 1150976 . . [8.00.6001.23040] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_414ee7ea893c00c2\wininet.dll
[7] 2010-06-26 . AB4A31D99C05A4C7B0C892A10E12FB47 . 1147904 . . [8.00.6001.18943] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_40c875c1701b76e2\wininet.dll
[7] 2010-05-04 . AC03101534D7E281436D19D6AD366BD5 . 1150976 . . [8.00.6001.23019] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_41785a48891b90fe\wininet.dll
[7] 2010-05-04 . B59C26C9A03B661E572C137368E3BD71 . 1147904 . . [8.00.6001.18928] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_40e3170b7006bdb3\wininet.dll
[7] 2010-02-23 . 2F7F1BB11E62BA2E3170B6A6B847DF3D . 1150976 . . [8.00.6001.22995] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_411e019e895fd7e8\wininet.dll
[7] 2010-02-23 . A1CDFFE798DA1EBF3479F87F96482160 . 1147904 . . [8.00.6001.18904] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_40f4b5bb6ffa2075\wininet.dll
[7] 2010-01-02 . 305732FEE113625C4F410878786B043B . 1147904 . . [8.00.6001.22973] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_4131a0e289516d58\wininet.dll
[7] 2010-01-02 . EDAF8EE6D81BE3FCCC8B375431D8559C . 1147904 . . [8.00.6001.18882] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_409c33e1703cd028\wininet.dll
[7] 2009-11-21 . 3958F2ACD7C145882861B0CCF9167B8D . 1147904 . . [8.00.6001.22956] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_414a4198893e817b\wininet.dll
[7] 2009-11-21 . 8A0346910DF96622B82E3411BC6DBB72 . 1147904 . . [8.00.6001.18865] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_40b4d4977029e44b\wininet.dll
[7] 2009-08-27 . 924C27EDCFD50A5E7D79962A567106FB . 1052160 . . [7.00.6000.21116] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21116_none_5ca5fcca762a70a7\wininet.dll
[7] 2009-08-27 . 069A33DDF9A71531BD6CF5D3DA56EA4E . 1042432 . . [7.00.6000.16916] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16916_none_5c1c87dd5d0c9d9b\wininet.dll
[7] 2009-08-27 . EDBD07D91010DD925EB352DA66914D98 . 1147904 . . [8.00.6001.22918] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_417781dc891c4465\wininet.dll
[7] 2009-08-27 . 2827B72363F5E4BD0BAF98D0518D2692 . 1032704 . . [7.00.6001.18319] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18319_none_5e05c7615a307a91\wininet.dll
[7] 2009-08-27 . D4351FED89D7D99B7FF936C55A4ED18B . 1033216 . . [7.00.6001.22508] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22508_none_5e9935b47346e23a\wininet.dll
[7] 2009-08-27 . 026F1913640BD1AB1E4E551A14E413D2 . 1032192 . . [7.00.6002.18100] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18100_none_5fee08815756ccdc\wininet.dll
[7] 2009-08-27 . 4709D3DBA8F3D3658E3CC0D5D7CE4C15 . 1032704 . . [7.00.6002.22212] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22212_none_606ed5f4707abb45\wininet.dll
[7] 2009-08-27 . CE0D70556096DE3BB8319E75E03E3744 . 1147904 . . [8.00.6001.18828] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_40e315257006c08c\wininet.dll
[7] 2009-07-18 . 1C0825B3B7CFDC5B868770A853DDF7E6 . 1025536 . . [7.00.6000.21089] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_5c5d4c4e7660831c\wininet.dll
[7] 2009-07-18 . 85A61BFCA4EEF0AA59AB17E455A2D589 . 1023488 . . [7.00.6000.16890] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_5bc004db5d52e7f2\wininet.dll
[7] 2009-07-18 . 956D2BEADD52257222326EB8537C9C5B . 1014272 . . [7.00.6001.18294] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_5daa44a95a75de3f\wininet.dll
[7] 2009-07-18 . 609E4B4A257B4036245AEF3F8F3488E3 . 1015296 . . [7.00.6001.22475] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_5e4a837c73825ca5\wininet.dll
[7] 2009-07-18 . 11383CCD9514FC4B2B21115841C6E74C . 1014272 . . [7.00.6002.18071] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_5fa35771578eaca3\wininet.dll
[7] 2009-07-18 . AAF4B1FF371BFD069F51FDAF2D21D3D1 . 1015296 . . [7.00.6002.22180] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_6021240670b54f07\wininet.dll
[7] 2009-04-11 . 1FA5623B49F69207B2E1DA94DB1C5B7D . 1014272 . . [7.00.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_5ff3080d57524e68\wininet.dll
[7] 2009-03-08 . 6BEDD690B7E6EBA0E9E193E17832372F . 1146368 . . [8.00.6001.18702] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_40f2b15b6ffbf379\wininet.dll
[7] 2009-01-16 . DE2EFEAC81EE3AEF9A0A297D06DEA73C . 1014272 . . [7.00.6001.22355] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_5e60216e7372279c\wininet.dll
[7] 2009-01-15 . 4C45D9EEB15838F96D77178CD6CD4244 . 1013248 . . [7.00.6001.18203] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_5e0a93ab5a2dc96f\wininet.dll
[7] 2009-01-15 . BC8E5ED3269BF174B939B07FC167044E . 1024512 . . [7.00.6000.20996] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_5c4fa362766b1fc6\wininet.dll
[7] 2009-01-15 . A0662CC26EEDC71C8598CBD7C986B09D . 1022464 . . [7.00.6000.16809] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_5c2a56c15d01d088\wininet.dll
[7] 2008-01-21 . 364B631BCD934D95CCD2E373F8DD8D7C . 1011712 . . [7.00.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_5e078f015a30831c\wininet.dll
[7] 2012-08-25 . A7343332E5AEEFB6F0496405AE897B77 . 1147392 . . [8.00.6001.18702] .. c:\windows\system32\wininet.dll
.
[7] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll
[7] 2008-01-21 . 63944ECFE4878C1C4889689324CABFAB . 265216 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[7] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6000.16386] .. c:\windows\system32\ws2_32.dll
.
[7] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\ws2help.dll
[7] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ws2help.dll
.
[7] 2010-06-28 . 48E49F1EFE1F20A078DD656DE81AFBA8 . 1916928 . . [6.0.6002.22433] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_0a8eee10c108556a\ole32.dll
[7] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6002.18277] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_09de10d7a8078d99\ole32.dll
[7] 2010-06-28 . C7E11F8B2F3130FB7C3866F1816C4E7D . 1923584 . . [6.0.6001.18498] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_07e2fd7baaf08c87\ole32.dll
[7] 2010-06-28 . 6F9FBFDF627A958ECDD1CB65704CB846 . 1922560 . . [6.0.6001.22720] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_08b04b36c3dc9850\ole32.dll
[7] 2009-04-11 . 19915DB5B186D91CD4B459210C41741B . 1915392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_0a27bbeba7d09d06\ole32.dll
[7] 2008-01-21 . F36E23B80AC04538726699670050121D . 1923072 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_083c42dfaaaed1ba\ole32.dll
[7] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6000.16386] .. c:\windows\system32\ole32.dll
.
[7] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[7] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\system32\cngaudit.dll
.
[7] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe
[7] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6000.16386] .. c:\windows\system32\wininit.exe
.
[7] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_f718665b4c03ea89\ctfmon.exe
[7] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\system32\ctfmon.exe
.
[7] 2009-07-10 . 9235EC680D3DB17464B39C7C7DECB4DD . 301568 . . [6.0.6001.18287] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_28ff7f1fd585934f\shsvcs.dll
[7] 2009-07-10 . 3F6101365E6319171054ADD75788516C . 300032 . . [6.0.6000.21081] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_279cb3aaf1823d60\shsvcs.dll
[7] 2009-07-10 . C2409C9B7C7E422E7680AE4E1738BFC8 . 302080 . . [6.0.6001.22467] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_299ebda8ee92f85e\shsvcs.dll
[7] 2009-07-10 . F33C4D0B9EEFCDE346F8753DC4D6867F . 299520 . . [6.0.6000.16883] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_27153f51d8629d02\shsvcs.dll
[7] 2009-07-10 . 00DD742B99B278429714DEE859A73DD0 . 302080 . . [6.0.6002.22169] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_2b873024ebb78030\shsvcs.dll
[7] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6002.18063] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_2af7919dd29f485c\shsvcs.dll
[7] 2009-04-11 . 2AD15758174DCC7993FF3C00A955DD66 . 301568 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_2b3a71b9d26cd364\shsvcs.dll
[7] 2008-01-21 . EB3114330236CF030E8EDF62881BAF67 . 301568 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_294ef8add54b0818\shsvcs.dll
[7] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6000.16386] .. c:\windows\system32\shsvcs.dll
.
[7] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_e7701a4938f68d83\regsvc.dll
[7] 2008-01-21 . 416C611369CBE49074B89CEE2F83ABEF . 206336 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_e584a13d3bd4c237\regsvc.dll
[7] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6000.16386] .. c:\windows\system32\regsvc.dll
.
[7] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6002.18342] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_8cdcf8454ca4d06e\schedsvc.dll
[7] 2010-11-06 . CE75D26E0A1106129F4D156851E298ED . 854528 . . [6.0.6001.18551] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_8aeab4414f8780bd\schedsvc.dll
[7] 2010-11-04 . C40E431210CAF3DB00203F5796A31FDE . 856064 . . [6.0.6002.22519] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_8d8e08c065a3caed\schedsvc.dll
[7] 2010-11-04 . 596404B1E48657168BDAA69B9CD1DB74 . 856064 . . [6.0.6001.22791] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_8b49134268c58d72\schedsvc.dll
[7] 2009-04-11 . 717C12DF4B7C93FEC97D146AC1342B25 . 843776 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_8d0b33214c81b53a\schedsvc.dll
[7] 2008-02-26 . C315E4CD537736E53D1F28A497FBE29B . 844288 . . [6.0.6000.20779] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20779_none_89806b606b87a06d\schedsvc.dll
[7] 2008-01-21 . C74C6C01353D87AAFE1193B426D667B0 . 843776 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_8b1fba154f5fe9ee\schedsvc.dll
[7] 2008-01-21 . 5AEA4C9E2B3656B2B53D3886BB6DFC35 . 844288 . . [6.0.6000.16609] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_89427e0952313d0c\schedsvc.dll
[7] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6001.18000] .. c:\windows\system32\schedsvc.dll
.
[7] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_dbe80e6f8995baeb\ssdpsrv.dll
[7] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6000.16386] .. c:\windows\system32\ssdpsrv.dll
.
[7] 2009-04-11 . 5CDD30BC217082DAC71A9878D9BFD566 . 547328 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_eca9565809c353e4\termsrv.dll
[7] 2008-01-21 . F870A5589D6A94B426EFB13689023946 . 546816 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll
[7] 2009-04-11 . 5CDD30BC217082DAC71A9878D9BFD566 . 547328 . . [6.0.6001.18000] .. c:\windows\system32\termsrv.dll
.
[7] 2012-08-29 . 1A14913D51571403CF8A3941BDC3BA67 . 4699520 . . [6.0.6002.18686] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_c9e5027e69e236b3\ntoskrnl.exe
[7] 2012-08-29 . 34C970A45CCC0D65A4A0F8D306E12844 . 4686208 . . [6.0.6002.22920] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_caa980e182d4911b\ntoskrnl.exe
[7] 2012-04-03 . B59E026F49BF06B435795F867AD46009 . 4687232 . . [6.0.6002.22831] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_ca9faf5982dbc93c\ntoskrnl.exe
[7] 2012-04-03 . 7180984A68411B9D2F2495E03561B47E . 4699520 . . [6.0.6002.18607] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_ca3c822869a07082\ntoskrnl.exe
[7] 2012-03-06 . 98581CA6B029D491F60E32A045BC4FF1 . 4699520 . . [6.0.6002.18595] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_c9d9306269eb3c26\ntoskrnl.exe
[7] 2012-03-06 . B448C24F801DC79661E30DBC8E739DB2 . 4687744 . . [6.0.6002.22811] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_cab54f3182cb915a\ntoskrnl.exe
[7] 2011-06-20 . A26DE9288D67E4EAC2D1205043AFD430 . 4699536 . . [6.0.6002.18484] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_c9e2fe1e69e409b7\ntoskrnl.exe
[7] 2011-06-20 . D14B8C4AB6C05B89D430D3911FE2833B . 4688784 . . [6.0.6002.22662] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_ca803c1382f33c18\ntoskrnl.exe
[7] 2010-10-15 . 760A67A51D409EB396D1942D5555435C . 4692368 . . [6.0.6001.18538] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_c836992e6c9193ec\ntoskrnl.exe
[7] 2010-10-15 . 4065E920FB6ED05B5F62A1FB6908C6C5 . 4699024 . . [6.0.6002.18327] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_ca26dc9e69b0b0ef\ntoskrnl.exe
[7] 2010-10-15 . 255A6D981139EFEF605A88E003D1B2A2 . 4689808 . . [6.0.6002.22505] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_cac41a9382bfe350\ntoskrnl.exe
[7] 2010-10-15 . 3A22B135BC4341025E19B9ADFB26C02A . 4678032 . . [6.0.6001.22777] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_c893f7e585d0874a\ntoskrnl.exe
[7] 2010-06-08 . 04C706018E9F0A2C835A427A8AB6EBA1 . 4688256 . . [6.0.6002.22420] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_caa9776382d49f58\ntoskrnl.exe
[7] 2010-06-08 . 825926D6AD714A529F4069D9EBBD1D3B . 4697992 . . [6.0.6002.18267] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_c9fb9b0869d1238c\ntoskrnl.exe
[7] 2010-06-08 . CCCD9EE56C92778385A3E715DC3D5ABF . 4690832 . . [6.0.6001.18488] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_c80087ac6cba227a\ntoskrnl.exe
[7] 2010-06-08 . 31F137EEB5121654A9448904D89209A2 . 4675976 . . [6.0.6001.22707] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_c8dfa7598597c3b3\ntoskrnl.exe
[7] 2010-02-18 . AF706D838B59A6C30D8B46C5C2D9D2FD . 4411272 . . [6.0.6000.21226] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_c6e29ce788828a41\ntoskrnl.exe
[7] 2010-02-18 . 8E3658ABC4A2053DBEA37C84E416DEB5 . 4424072 . . [6.0.6000.17021] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_c653fcc46f696e9d\ntoskrnl.exe
[7] 2010-02-18 . C0EC74895F90E5E788061C7F305F57D1 . 4678032 . . [6.0.6001.22636] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_c8be356585b10108\ntoskrnl.exe
[7] 2010-02-18 . 413D579C2CDEF19CD842F4DF4A90C4ED . 4690832 . . [6.0.6001.18427] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_c84066ea6c8a617d\ntoskrnl.exe
[7] 2010-02-18 . 72FD908E7D1F176C00F1EF8F3D1445B0 . 4697992 . . [6.0.6002.18209] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_ca3e7b24699eae94\ntoskrnl.exe
[7] 2010-02-18 . AE0C10C55347383C0CD6CFF3F4794FD7 . 4690304 . . [6.0.6002.22341] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_ca94d5ef82e3f36a\ntoskrnl.exe
[7] 2009-12-08 . 6DC7FC9EB17EF1CB809AED351DE91DB9 . 4678232 . . [6.0.6001.22577] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_c893f41985d08cfc\ntoskrnl.exe
[7] 2009-12-08 . 5183EBE8114DA62A532E275CFB3729CC . 4425304 . . [6.0.6000.16973] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_c620159a6f8ff9be\ntoskrnl.exe
[7] 2009-12-08 . 46B167601033C2DB4E1A727569A8CA31 . 4412504 . . [6.0.6000.21175] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_c6ab8b1b88abff78\ntoskrnl.exe
[7] 2009-12-08 . E50C900C7F479886F26FA60ADBEE5852 . 4691032 . . [6.0.6001.18377] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_c80a55686cb2f00b\ntoskrnl.exe
[7] 2009-12-08 . 9668520760E72E1B1B9EDFB7BFB6A691 . 4698184 . . [6.0.6002.18160] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_c9f4971c69d77504\ntoskrnl.exe
[7] 2009-12-08 . CBA7366E93C4DCAA62005A177EEC2FCE . 4691528 . . [6.0.6002.22283] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_ca6b94ed830298b5\ntoskrnl.exe
[7] 2009-08-05 . 5E99FFD02816FF54247294C7C9C003B9 . 4412488 . . [6.0.6000.21101] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_c6f339678876d685\ntoskrnl.exe
[7] 2009-08-05 . C53B06CB817845873A3D32C1BAD33727 . 4425288 . . [6.0.6000.16901] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_c669c47a6f590379\ntoskrnl.exe
[7] 2009-08-05 . 043EB4B7C74C189E06584411B2C9EB8F . 4691016 . . [6.0.6001.18304] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_c85303fe6c7ce06f\ntoskrnl.exe
[7] 2009-08-05 . 0170600F2A613CE3E8CC2B66A6DC7885 . 4682824 . . [6.0.6001.22489] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_c88b22db85d6de74\ntoskrnl.exe
[7] 2009-08-05 . 0DD0FCFB9609403352FF75656826E82F . 4693576 . . [6.0.6002.22191] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_ca5ec287830c84d1\ntoskrnl.exe
[7] 2009-08-04 . 8E43DA6C8040C68446AA4B5D84C8127A . 4698168 . . [6.0.6002.18082] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_c9e0f5f269e5e26d\ntoskrnl.exe
[7] 2009-07-23 . D8BB403D63BA0A113E9A4F8E3BF81F8B . 4693560 . . [6.0.6002.22183] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22183_none_ca6b930783029b8e\ntoskrnl.exe
[7] 2009-07-23 . FDA61279138FDC0CEF095F80EC3CB828 . 4682840 . . [6.0.6001.22478] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22478_none_c894f27d85cfa92c\ntoskrnl.exe
[7] 2009-07-23 . 0FBBFD4F390D8ACF748639A81571D173 . 4693560 . . [6.0.6002.22182] .. c:\windows\SoftwareDistribution\Download\89e73f414480aad9fb9ce983f97f1f68\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22182_none_ca6a92bd83038237\ntoskrnl.exe
[7] 2009-07-23 . D7720F230E823CDF83ADD91014F44752 . 4682824 . . [6.0.6001.22477] .. c:\windows\SoftwareDistribution\Download\89e73f414480aad9fb9ce983f97f1f68\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22477_none_c893f23385d08fd5\ntoskrnl.exe
[7] 2009-07-22 . AC1AE1A7F7771A64FD4ACDC5D08334A6 . 4698696 . . [6.0.6002.18075] .. c:\windows\SoftwareDistribution\Download\89e73f414480aad9fb9ce983f97f1f68\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18075_none_c9eec6bc69db1281\ntoskrnl.exe
[7] 2009-07-22 . AC1AE1A7F7771A64FD4ACDC5D08334A6 . 4698696 . . [6.0.6002.18075] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18075_none_c9eec6bc69db1281\ntoskrnl.exe
[7] 2009-07-21 . 4F9F4E0AEDF19C4C3E3AF8D981663996 . 4691032 . . [6.0.6001.18295] .. c:\windows\SoftwareDistribution\Download\89e73f414480aad9fb9ce983f97f1f68\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18295_none_c7f2b3166cc4f818\ntoskrnl.exe
[7] 2009-07-21 . 4F9F4E0AEDF19C4C3E3AF8D981663996 . 4691032 . . [6.0.6001.18295] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18295_none_c7f2b3166cc4f818\ntoskrnl.exe
[7] 2009-04-11 . 1B60CCC70788044404EEFBBB389FC111 . 4699608 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_ca3a763069a24eea\ntoskrnl.exe
[7] 2009-03-03 . 65252FED486E5BF1E384CA65C16148C7 . 4691424 . . [6.0.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_c88b20f585d6e14d\ntoskrnl.exe
[7] 2009-03-03 . ED97E8551F0B1844250ED1B07393B10D . 4692448 . . [6.0.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_c83f62d46c8b4dd8\ntoskrnl.exe
[7] 2009-03-03 . 8B3095B00E832ABFC7047A04E681CCDE . 4427232 . . [6.0.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_c64852866f7240ce\ntoskrnl.exe
[7] 2009-03-03 . CC172711FF2FCE0673321A951B02C379 . 4413936 . . [6.0.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_c6df983d888543ee\ntoskrnl.exe
[7] 2008-09-18 . 5E31190EF331709EAB9FB66C3683540B . 4694584 . . [6.0.6001.22269] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_c8a0bee785c6ac44\ntoskrnl.exe
[7] 2008-09-18 . 247A2AAF7E5189716192EE19EC6EC6FB . 4694584 . . [6.0.6001.18145] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_c828c0cc6c9c6f3c\ntoskrnl.exe
[7] 2008-09-18 . 2A87B3D380E3800BF247D82E58F0FCBA . 4429368 . . [6.0.6000.16754] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_c636b1f06f7ee0e5\ntoskrnl.exe
[7] 2008-09-18 . EFAAC7A874B65DF3F26B5092291D4859 . 4416056 . . [6.0.6000.20921] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_c6ddbf878886ddfe\ntoskrnl.exe
[7] 2008-04-26 . 6DEA6827709FC6F047580111651DFF02 . 4694584 . . [6.0.6001.18063] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_c8111e7a6cae7749\ntoskrnl.exe
[7] 2008-04-26 . A1DC0EFF401FE35688F1046F10BEE5BF . 4694584 . . [6.0.6001.22167] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_c89ebc6d85c87c6f\ntoskrnl.exe
[7] 2008-01-21 . 6760643D6400CA78640E9DD3824115B1 . 4694072 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_c84efd246c80839e\ntoskrnl.exe
[7] 2012-08-29 . 1A14913D51571403CF8A3941BDC3BA67 . 4699520 . . [6.0.6002.18686] .. c:\windows\system32\ntoskrnl.exe
.
[7] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_442037e04fa9b5c7\ksuser.dll
[7] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ksuser.dll
.
[7] 2008-01-21 . 6B58266234B36ABCDD43C797B0D1932E . 8192 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_d38a739ed46982f7\msimg32.dll
[7] 2008-01-21 . 6B58266234B36ABCDD43C797B0D1932E . 8192 . . [6.0.6001.18000] .. c:\windows\system32\msimg32.dll
.
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6002.22869] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6002.18643] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6002.18618] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6002.22840] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\SysWOW64\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_754c5dff3b9d9ea6\es.dll
[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_720177625a73c603\es.dll
[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_7135f8df4187b761\es.dll
[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_7331d75d3e9e1070\es.dll
[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_73aba2ca57c84d78\es.dll
[7] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_7360e4f33e7bd35a\es.dll
.
[7] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\SysWOW64\imm32.dll
[7] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_c4b4dcf8644afb7f\imm32.dll
[7] 2008-01-21 . CA3091655E2257B3E3EA86F79A696C56 . 116224 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_c2c963ec67293033\imm32.dll
.
[7] 2011-04-12 . 7F4CAEAC24592FA9F574E1F8CD1D0604 . 859648 . . [6.0.6001.18000] .. c:\windows\SysWOW64\kernel32.dll
[7] 2011-04-12 . 7F4CAEAC24592FA9F574E1F8CD1D0604 . 859648 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_fbf56d33404850e7\kernel32.dll
[7] 2011-04-12 . BBB3D68596C6B6E8A7ECAFDB2962E89B . 860672 . . [6.0.6002.22625] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_fc90aa945959509a\kernel32.dll
[7] 2011-04-12 . 6EBBE14BE54877C386C63FFED52D391D . 857600 . . [6.0.6001.18631] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_fa11c701432117f3\kernel32.dll
[7] 2011-04-12 . 35FC1E7929DA4828B9CC73DC84B42E6F . 860160 . . [6.0.6001.22898] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_fa6188305c690deb\kernel32.dll
[7] 2009-04-11 . A5830F679B5B38AE9700A72087178745 . 858112 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_fc1ca423402b872b\kernel32.dll
[7] 2009-02-13 . D4902D1DC60CB71197EFE4474A582841 . 855552 . . [6.0.6001.18215] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_fa2b6069430d50d1\kernel32.dll
[7] 2009-02-13 . 1B5BE39A927C36B3162ADA23B6CA001E . 858112 . . [6.0.6001.22376] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_fa751df65c5ab198\kernel32.dll
[7] 2009-02-13 . 444A00544B4EDFEDD8FCCD281EDE3ED4 . 840704 . . [6.0.6000.16820] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_f835506545f35d1e\kernel32.dll
[7] 2009-02-13 . 4118366CDDA655F8AEDB20CD03DEBAE9 . 841216 . . [6.0.6000.21010] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_f8c9953e5f091439\kernel32.dll
[7] 2008-01-21 . 799EEDF377F3B72DB30192AD9FD3C7F3 . 855552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_fa312b174309bbdf\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\SysWOW64\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_3865321ca55411b2\linkinfo.dll
.
[7] 2011-02-16 . F9AA0406BA33BC029536E04D6066C03A . 23552 . . [6.0.6002.22589] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_1268fd855dc13513\lpk.dll
[7] 2011-02-16 . 789CD968872EFA074339E0CFB70EB6B2 . 23552 . . [6.0.6001.22854] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_109df9ef60870d69\lpk.dll
[7] 2011-01-08 . 2929BD36F338E1C844FCCB88AFC4DA03 . 23552 . . [6.0.6002.22566] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_127b9c7f5db3b12c\lpk.dll
[7] 2011-01-08 . 077B74545B155C7C16F5951C48F6C9FE . 23552 . . [6.0.6001.22830] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_10af989f607a702b\lpk.dll
[7] 2010-10-28 . EAA25894F6FA01BB1321289E822B390D . 23552 . . [6.0.6002.22514] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_12afab875d8cf2c9\lpk.dll
[7] 2010-10-28 . 72508445768DC97CC522FAE65978DBF4 . 23552 . . [6.0.6001.22787] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_10808923609cb01a\lpk.dll
[7] 2010-05-26 . EF35D31F154DAA93E435D3B18192C40B . 23552 . . [6.0.6002.22412] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_12ada90d5d8ec2f4\lpk.dll
[7] 2010-05-26 . 26E0671ADDD67570AACEC81B2A8803ED . 23552 . . [6.0.6001.22700] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_10d0067d60621f31\lpk.dll
[7] 2009-10-19 . 77F2AB938BFBAB43EC1B91D11BBA2EEE . 24064 . . [6.0.6000.16939] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_0e48b8304a2e2ee3\lpk.dll
[7] 2009-10-19 . 08992A029F43690B4340BF6B2F7BCE5B . 24064 . . [6.0.6000.21142] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_0ec05b2b635a6c7f\lpk.dll
[7] 2009-10-19 . D669A9A4C894708388ADF96BBEAD3787 . 23552 . . [6.0.6001.22544] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_10a8c429607efa03\lpk.dll
[7] 2009-10-19 . 7EC16AB95B707BE43A938E20D096240E . 23552 . . [6.0.6002.22247] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_129236ef5da29b2c\lpk.dll
[7] 2009-06-15 . 204EFDC76394A6FB0816D61810C8F529 . 24064 . . [6.0.6000.16870] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_0e1474004a56bd71\lpk.dll
[7] 2009-06-15 . C5028B831E4489F0CEEABFD133855EFF . 23552 . . [6.0.6001.22450] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_1099f12f608ab371\lpk.dll
[7] 2009-06-15 . C92953010CA9964A33210C3273EEB78C . 24064 . . [6.0.6000.21067] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_0eafbadf636625ed\lpk.dll
[7] 2009-06-15 . 459DE300727C02D420DB389B721AF44E . 23552 . . [6.0.6002.22152] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_128263ab5daf3b43\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\SysWOW64\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_1231d75a44665bc9\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_11f7c69644928222\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_121b391e4477777b\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_11edfac04499b1b8\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_12126d92447dc068\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_11e22c7044a2b179\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_1231def244665065\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_10465e4e4744907d\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_0ffcb33a477b8110\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_101f257847615d12\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_0ff1e71a4783974f\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_10222a22475ea365\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_1003baf2477529e6\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_0fee1b1a478561c8\lpk.dll
.
[7] 2012-08-25 . B84463D8A456CCF90BAB926319322E61 . 6010368 . . [8.00.6001.23415] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23415_none_f6afe4535118183e\mshtml.dll
[7] 2012-08-25 . 9D221287C2E1198BE10E4C2299B6F7FD . 6008832 . . [8.00.6001.18702] .. c:\windows\SysWOW64\mshtml.dll
[7] 2012-08-25 . 9D221287C2E1198BE10E4C2299B6F7FD . 6008832 . . [8.00.6001.19328] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19328_none_f61e787a37ffe06a\mshtml.dll
[7] 2012-06-28 . 0D5E31ADA4C9D24A7891E92DD33D406C . 6010368 . . [8.00.6001.23385] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23385_none_f66432f95150deae\mshtml.dll
[7] 2012-06-28 . D049E2BAB04AA57CBD7D6573C532FD9D . 6008320 . . [8.00.6001.19298] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19298_none_f5d2c7203838a6da\mshtml.dll
[7] 2012-05-15 . FACC0814B3D95D317E44070859AB5978 . 6009344 . . [8.00.6001.23359] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23359_none_f688a3e55134f037\mshtml.dll
[7] 2012-05-15 . 6224CD5ACCF78EBC082CF7A493D0A340 . 6007808 . . [8.00.6001.19272] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19272_none_f5e2653c382dd6ee\mshtml.dll
[7] 2012-02-28 . 6758A38197024E71F71FFF507A1AD2F1 . 5980672 . . [8.00.6001.23318] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23318_none_f6b2e34b5115671c\mshtml.dll
[7] 2012-02-28 . 5F25D5561F5BDA32EDE1193EC01529BF . 5978624 . . [8.00.6001.19222] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19222_none_f61874d838054b39\mshtml.dll
[7] 2011-12-15 . 0FB4CBF8B6F2407B821266F80C4EAA88 . 5980160 . . [8.00.6001.23286] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23286_none_f665315d514ffade\mshtml.dll
[7] 2011-12-15 . 62CA6A044EE909202D74C138012DD9AF . 5979136 . . [8.00.6001.19190] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19190_none_f5cac2ea383fdefb\mshtml.dll
[7] 2011-11-03 . D4D63FCD03E8B58D5F1DDE6D64E0FF1B . 5978624 . . [8.00.6001.23266] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23266_none_f67ad135513fc2fc\mshtml.dll
[7] 2011-11-03 . 73D666A49DEC07192D7D1C367A142333 . 5978112 . . [8.00.6001.19170] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19170_none_f5e062c2382fa719\mshtml.dll
[7] 2011-09-30 . 59CC0E3A960D0B8A4BBDB6FC65340EB9 . 5972992 . . [8.00.6001.23250] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_f67f9f65513d0f01\mshtml.dll
[7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.19154] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_f5fa03c2381bd493\mshtml.dll
[7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.23216] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll
[7] 2011-07-23 . CAB330223469AC16EDB4863DF4C9976B . 5969920 . . [8.00.6001.19120] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_f616725e38071b64\mshtml.dll
[7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.23181] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll
[7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.19088] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll
[7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.23143] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll
[7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.19048] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll
[7] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.23111] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll
[7] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.19019] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll
[7] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.23091] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll
[7] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18999] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll
[7] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.23067] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll
[7] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18975] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll
[7] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.23040] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll
[7] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18943] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll
[7] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.23019] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll
[7] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18928] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll
[7] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.22995] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll
[7] 2010-02-23 . 8D5FB97AE3D30CCDD8C9D8AF447C7D09 . 5944832 . . [8.00.6001.18904] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll
[7] 2010-01-02 . BE6120F3D7A853039B5437AC9E1986C1 . 5945856 . . [8.00.6001.22973] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll
[7] 2010-01-02 . DF4D546A6E1C8D0F4FC10FCC9E422763 . 5942784 . . [8.00.6001.18882] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll
[7] 2009-11-21 . ED6055694115B1A247B2591AB465A21D . 5944320 . . [8.00.6001.22956] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll
[7] 2009-11-21 . 062B81F34EADEEF652E759BF93691C50 . 5940736 . . [8.00.6001.18865] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll
[7] 2009-10-21 . 159239C8EF4D26392F9C160369348C61 . 5943296 . . [8.00.6001.22942] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22942_none_f68c93f75132f82e\mshtml.dll
[7] 2009-10-21 . 9BFB2F7C3A2F626040C4EB8CE5C6ED2A . 5939712 . . [8.00.6001.18852] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18852_none_f5f82740381d7455\mshtml.dll
[7] 2009-08-27 . AF7541BC2D91483328E6D9910CD33DD5 . 3598336 . . [7.00.6000.16916] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16916_none_11580b782505959b\mshtml.dll
.
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] .. c:\windows\SysWOW64\msvcrt.dll
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] .. c:\windows\SysWOW64\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] .. c:\windows\SysWOW64\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[7] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] .. c:\windows\SysWOW64\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] .. c:\windows\SysWOW64\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[7] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] .. c:\windows\SysWOW64\svchost.exe
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] .. c:\windows\SysWOW64\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
.
[7] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\SysWOW64\user32.dll
[7] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[7] 2008-01-21 . 3D691030DBD3BD75DE1501BE54F0D425 . 648192 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
.
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] .. c:\windows\SysWOW64\userinit.exe
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
[7] 2012-08-25 . DDC718A719B351415455920F71EC4570 . 920064 . . [8.00.6001.23415] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23415_none_e555c534d0c1af08\wininet.dll
[7] 2012-08-25 . 69D83FEF59F46E9EBF06E805547DB534 . 916992 . . [8.00.6001.18702] .. c:\windows\SysWOW64\wininet.dll
[7] 2012-08-25 . 69D83FEF59F46E9EBF06E805547DB534 . 916992 . . [8.00.6001.19328] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19328_none_e4c4595bb7a97734\wininet.dll
[7] 2012-06-28 . A9FF16A7FBE708D936AF46AFF1B2579B . 920064 . . [8.00.6001.23385] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_e50a13dad0fa7578\wininet.dll
[7] 2012-06-28 . 03B4167CC1B30AC22DF413788AFADE97 . 916992 . . [8.00.6001.19298] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_e478a801b7e23da4\wininet.dll
[7] 2012-05-15 . 1FDE47149D9B08C0CEBEE731FDB39E0B . 920064 . . [8.00.6001.23359] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23359_none_e52e84c6d0de8701\wininet.dll
[7] 2012-05-15 . DEAF5B0677A6B864B8F4F41C127695DB . 916992 . . [8.00.6001.19272] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19272_none_e488461db7d76db8\wininet.dll
[7] 2012-02-28 . 9503972A61EA647A72C326EEB51265C1 . 919552 . . [8.00.6001.23318] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23318_none_e558c42cd0befde6\wininet.dll
[7] 2012-02-28 . AA8B3560AED18F5290F80C82C9B75ACC . 916992 . . [8.00.6001.19222] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19222_none_e4be55b9b7aee203\wininet.dll
[7] 2011-12-15 . 2F56B044E8ED4FAA812A19A8DF2115EE . 919552 . . [8.00.6001.23286] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23286_none_e50b123ed0f991a8\wininet.dll
[7] 2011-12-15 . DA7C58952F082AECABF775C83F913C6F . 916992 . . [8.00.6001.19190] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19190_none_e470a3cbb7e975c5\wininet.dll
[7] 2011-11-03 . 406EEBC1B3FE188DE9D6B3AFB3834E84 . 919552 . . [8.00.6001.23266] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23266_none_e520b216d0e959c6\wininet.dll
[7] 2011-11-03 . 4E45F092670EEE0563AA9E1A7C8A1217 . 916992 . . [8.00.6001.19170] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19170_none_e48643a3b7d93de3\wininet.dll
[7] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.23250] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll
[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.19154] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll
[7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.23216] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll
[7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.19120] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll
[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[7] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.23040] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[7] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18943] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[7] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.23019] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[7] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18928] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[7] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.22995] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[7] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18904] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[7] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.22973] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[7] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18882] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[7] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.22956] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[7] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18865] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[7] 2009-08-27 . 2BD22AA29893876347BA1BE62487748A . 832512 . . [7.00.6000.16916] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16916_none_fffdec59a4af2c65\wininet.dll
[7] 2009-08-27 . D5709010F06FEC697CCB2831D0821E0B . 840704 . . [7.00.6000.21116] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21116_none_00876146bdccff71\wininet.dll
[7] 2009-08-27 . 604E16194F1E60084B948ACAE8334E0F . 833024 . . [7.00.6001.18319] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18319_none_01e72bdda1d3095b\wininet.dll
[7] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.22918] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[7] 2009-08-27 . C628812EA5016B1C3E13E082940D5AF6 . 834048 . . [7.00.6001.22508] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22508_none_027a9a30bae97104\wininet.dll
[7] 2009-08-27 . 5E382486BCCCF4C50A810E2DF18C8CDB . 834048 . . [7.00.6002.22212] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22212_none_04503a70b81d4a0f\wininet.dll
[7] 2009-08-27 . D88D19604AACE2101B13260322FB4A3A . 834048 . . [7.00.6002.18100] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18100_none_03cf6cfd9ef95ba6\wininet.dll
[7] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18828] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[7] 2009-07-18 . FCB4E3234667317905333B6A4CDF85FC . 827904 . . [7.00.6001.18294] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll
[7] 2009-07-18 . 87D84C48693EB949350FA938D63512D8 . 827392 . . [7.00.6000.16890] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll
[7] 2009-07-18 . D1E1447C4E2077BDFFDD547972FEBDEB . 828928 . . [7.00.6000.21089] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll
[7] 2009-07-18 . 7FCA93009963EE8A7AF1740661412F1E . 828416 . . [7.00.6001.22475] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll
[7] 2009-07-18 . 387B0601FCA64AF5117C321E46C4C4E2 . 828928 . . [7.00.6002.22180] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll
[7] 2009-07-18 . 408A0A6E83333F98D564D95CDBB6D3C6 . 828416 . . [7.00.6002.18071] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[7] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[7] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[7] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[7] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
[7] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
.
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2_32.dll
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
.
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2help.dll
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_6af84843e4192e9a\ws2help.dll
.
[7] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6000.16386] .. c:\windows\explorer.exe
[7] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[7] 2008-10-30 . E404A65EF890140410E9F3D405841C95 . 3081216 . . [6.0.6001.22298] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[7] 2008-10-29 . BBD8E74F23D7605CB0CDB57A1B25D826 . 3080704 . . [6.0.6001.18164] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[7] 2008-10-29 . 50514057C28A74BAC2BD04B7B990D615 . 3087360 . . [6.0.6000.16771] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[7] 2008-10-28 . 72B9990E45C25AA3C75C4FB50A9D6CE0 . 3086848 . . [6.0.6000.20947] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[7] 2008-01-21 . F6D765FB6B457542D954682F50C26E4F . 3080704 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
.
[7] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 134656 . . [6.0.6000.16386] .. c:\windows\regedit.exe
[7] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 161792 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_504d50e8943617cd\regedit.exe
.
[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6002.22433] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6001.22720] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6001.18498] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[7] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
.
[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] .. c:\windows\SysWOW64\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[7] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
.
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ctfmon.exe
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] .. c:\windows\SysWOW64\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\msimg32.dll
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_776bd81b1c0c11c1\msimg32.dll
.
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cngaudit.dll
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] .. c:\windows\SysWOW64\wininit.exe
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\SysWOW64\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] .. c:\windows\SysWOW64\upnphost.dll
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_285b7a4b21423100\upnphost.dll
.
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] .. c:\windows\SysWOW64\dsound.dll
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[7] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
.
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\SysWOW64\d3d9.dll
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[7] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
.
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ddraw.dll
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\SysWOW64\olepro32.dll
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[7] 2008-01-21 02:48 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
.
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\SysWOW64\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\SysWOW64\version.dll
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[7] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
.
[7] 2012-08-25 . 73FB5D3283671B301A59544B58EFECF8 . 638064 . . [8.00.6001.23415] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23415_none_7942179635ab511c\iexplore.exe
[7] 2012-08-25 . E5E317948D5F2B28A7D7A2E8F29F1008 . 638064 . . [8.00.6001.19328] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19328_none_78b0abbd1c931948\iexplore.exe
[7] 2012-06-28 . CE4945834BFE91AF301FA829E3E8A7AA . 638048 . . [8.00.6001.23385] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23385_none_78f6663c35e4178c\iexplore.exe
[7] 2012-06-28 . 7BC18656CCDD305665D3D7FAA283744A . 638048 . . [8.00.6001.19298] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19298_none_7864fa631ccbdfb8\iexplore.exe
[7] 2012-05-15 . 26B900640CE979A708FD3793FA8A6C50 . 638048 . . [8.00.6001.23359] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23359_none_791ad72835c82915\iexplore.exe
[7] 2012-05-15 . 9AC31470779A703021C337FD83D683EE . 638048 . . [8.00.6001.19272] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19272_none_7874987f1cc10fcc\iexplore.exe
[7] 2012-02-28 . CF4EFFB58D9D91E8D219C8E93BC59471 . 638240 . . [8.00.6001.23318] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23318_none_7945168e35a89ffa\iexplore.exe
[7] 2012-02-28 . 00A346CE3D3701EA085E87EEF746A74A . 638240 . . [8.00.6001.19222] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19222_none_78aaa81b1c988417\iexplore.exe
[7] 2011-12-15 . 54EF418BD99720658CCE24210799BD1A . 638240 . . [8.00.6001.23286] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23286_none_78f764a035e333bc\iexplore.exe
[7] 2011-12-15 . AB18B8902C06954F8DFBAC5C6DC7E1E8 . 638240 . . [8.00.6001.19190] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19190_none_785cf62d1cd317d9\iexplore.exe
[7] 2011-11-03 . 2A268DF89913A0E927091077878EDB3E . 638240 . . [8.00.6001.23266] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23266_none_790d047835d2fbda\iexplore.exe
[7] 2011-11-03 . CCDB0B2D1F2E016966B1DB1097E24842 . 638240 . . [8.00.6001.19170] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19170_none_787296051cc2dff7\iexplore.exe
[7] 2011-09-30 . 0E1695AD4C30E72D68170F01B4818A80 . 638216 . . [8.00.6001.23250] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23250_none_7911d2a835d047df\iexplore.exe
[7] 2011-09-30 . 7ACBBC85FCE4989B533220FC3B291633 . 638216 . . [8.00.6001.19154] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19154_none_788c37051caf0d71\iexplore.exe
[7] 2011-07-23 . 4D08A4234D645EFCB30605CC0BFA87F4 . 638232 . . [8.00.6001.23216] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23216_none_7943141435aa7025\iexplore.exe
[7] 2011-07-23 . 04D1DC458C723B291179F8449ACC281D . 638232 . . [8.00.6001.19120] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19120_none_78a8a5a11c9a5442\iexplore.exe
[7] 2011-05-28 . 7EE10C5413AD7ED1AF9E8FAE1B58FC3E . 638232 . . [8.00.6001.23181] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23181_none_78f2614835e7b7e2\iexplore.exe
[7] 2011-05-28 . ED65737D70FDEAC29F738E77D2496EE5 . 638232 . . [8.00.6001.19088] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19088_none_786fc6831cc3c979\iexplore.exe
[7] 2011-02-22 . 9CE5543464432CA73134F170FA2BF823 . 638232 . . [8.00.6001.23143] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_791fa18c35c57acc\iexplore.exe
[7] 2011-02-22 . C1D36A2CBE0CEC4DF593DB1288CF586E . 638232 . . [8.00.6001.19048] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_789b06331ca359b5\iexplore.exe
[7] 2010-12-18 . 7852371DA9EFBC17B645558E23780EAC . 638232 . . [8.00.6001.23111] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_793e10bc35aef44b\iexplore.exe
[7] 2010-12-18 . B988D7F127B94BD5BF8356FE81B985C4 . 638232 . . [8.00.6001.19019] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_78bc76411c8a1f39\iexplore.exe
[7] 2010-11-02 . 92A17B0A89D14815AACC62CD190B6CE3 . 638232 . . [8.00.6001.23091] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_78e78f7635efd6ac\iexplore.exe
[7] 2010-11-02 . 5AB037B17F8A87D052F5A88E0D29A3C8 . 638232 . . [8.00.6001.18999] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_78661ebf1ccacb7f\iexplore.exe
[7] 2010-09-08 . 4A719476A6393B1DCACFEB4F3AC6599C . 638232 . . [8.00.6001.23067] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_790e00f635d21ae3\iexplore.exe
[7] 2010-09-08 . D5A730DFDEAE005373E62BC2A866E3BB . 638232 . . [8.00.6001.18975] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_7877bd6f1cbe2e41\iexplore.exe
[7] 2010-06-26 . F05B3A2C6CB319DD1377AD566CF5ECE5 . 638232 . . [8.00.6001.23040] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_791c9ec835c831a0\iexplore.exe
[7] 2010-06-26 . 7420BE0E7D3D1320054F7ACA0594953D . 638232 . . [8.00.6001.18943] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_78962c9f1ca7a7c0\iexplore.exe
[7] 2010-05-04 . 48A6109E8DF0365195298CC527B7426A . 638232 . . [8.00.6001.23019] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_7946112635a7c1dc\iexplore.exe
[7] 2010-05-04 . 5C9B1062EA7A44E8F6BFDE994B68C7AA . 638232 . . [8.00.6001.18928] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_78b0cde91c92ee91\iexplore.exe
[7] 2010-02-23 . 25DB705A7DC85C208B3CF2D20F118AA7 . 638232 . . [8.00.6001.22995] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_78ebb87c35ec08c6\iexplore.exe
[7] 2010-02-23 . 9F52FBE99C749E3F32C75124F09F1B03 . 638232 . . [8.00.6001.18904] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_78c26c991c865153\iexplore.exe
[7] 2010-01-02 . 3D8DA00B028DEA9517066F1CECBFC4A2 . 638216 . . [8.00.6001.22973] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_78ff57c035dd9e36\iexplore.exe
[7] 2010-01-02 . 88BD42DAE7CFFEB256CA7145A15E4843 . 638216 . . [8.00.6001.18882] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_7869eabf1cc90106\iexplore.exe
[7] 2009-11-21 . E7F8DF50E483D165BB01F367D3519AA7 . 638232 . . [8.00.6001.22956] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_7917f87635cab259\iexplore.exe
[7] 2009-11-21 . 1B6362BB14FCEB9E76BCF9A953B04788 . 638232 . . [8.00.6001.18865] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_78828b751cb61529\iexplore.exe
[7] 2009-08-27 . 9E45866CD349219784CD5A7620DBEB8A . 634632 . . [7.00.6000.16916] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16916_none_93ea3ebb0998ce79\iexplore.exe
[7] 2009-08-27 . A76AFC309AA55CD607A28AC41C7D7603 . 634632 . . [7.00.6000.21116] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21116_none_9473b3a822b6a185\iexplore.exe
[7] 2009-08-27 . BBF84F317553520BB78AEF7B047325C1 . 634648 . . [7.00.6001.18319] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18319_none_95d37e3f06bcab6f\iexplore.exe
[7] 2009-08-27 . 7DD482E4A2E3CBB0A72F718C342F5B75 . 638216 . . [8.00.6001.22918] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_794538ba35a87543\iexplore.exe
[7] 2009-08-27 . FE2DFF83B7753AC47C553EF7D5289BEE . 634648 . . [7.00.6001.22508] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22508_none_9666ec921fd31318\iexplore.exe
[7] 2009-08-27 . 2E48756F12C21F46895036AC089AAD97 . 638232 . . [8.00.6001.18828] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_78b0cc031c92f16a\iexplore.exe
[7] 2009-07-18 . 1D8163DBFECAEDB9C48C5F55084BC491 . 634648 . . [7.00.6001.18294] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18294_none_9577fb8707020f1d\iexplore.exe
[7] 2009-07-18 . 1D5A01AA2DE47C052AF46D7EBCB003A3 . 634648 . . [7.00.6000.16890] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16890_none_938dbbb909df18d0\iexplore.exe
[7] 2009-07-18 . 7FCF4E704A48D95202F3E7A1E1A21412 . 634648 . . [7.00.6000.21089] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21089_none_942b032c22ecb3fa\iexplore.exe
[7] 2009-07-18 . EBEE9E4421F35CD861107DDA0266FBB1 . 634648 . . [7.00.6001.22475] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22475_none_96183a5a200e8d83\iexplore.exe
[7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_97c0beeb03de7f46\iexplore.exe
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_78c068391c882457\iexplore.exe
[7] 2009-01-15 . F0B1CA517977BA2FF6DA33F1B966C488 . 634024 . . [7.00.6000.20996] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_941d5a4022f750a4\iexplore.exe
[7] 2009-01-15 . 0844F5B9CB3BB85A917D347EF1565B6C . 634024 . . [7.00.6000.16809] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_93f80d9f098e0166\iexplore.exe
[7] 2008-01-21 . 5B92133D3E7FB2644677686305E29E81 . 625664 . . [7.00.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_95d545df06bcb3fa\iexplore.exe
.
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] .. c:\windows\SysWOW64\midimap.dll
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[7] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
.
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\SysWOW64\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_764d448c52115294\rasadhlp.dll
.
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] .. c:\windows\SysWOW64\WSHTCPIP.DLL
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-24 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun" [X]
"NDSTray.exe"="c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe" [2009-03-17 304496]
"cfFncEnabler.exe"="c:\program files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe" [2009-03-24 16384]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-08-08 296096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-10 250808]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 15:37]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-15 23:57]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-15 23:57]
.
2012-10-12 c:\windows\Tasks\User_Feed_Synchronization-{22FE0B5E-F436-4697-8A24-8488C8668900}.job
- c:\windows\system32\msfeedssync.exe [2012-09-23 08:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-13 153624]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-13 225816]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-13 200216]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-21 12503184]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" [2009-03-24 1123840]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 209.55.5.10 209.55.5.11
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{cf51de5b-eb36-4114-bb69-84df63fbadb4} - c:\program files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll
Wow6432Node-HKCU-Run-DW6 - c:\program files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
Wow6432Node-HKCU-Run-DW7 - c:\program files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
AddRemove-RealPlayer 15.0 - c:\program files (x86)\real\realplayer\Update\r1puninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.4.0.9\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
c:\program files (x86)\Trusteer\Rapport\bin\RapportService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
c:\program files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
c:\program files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\program files (x86)\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
.
Completion time: 2012-10-12 12:54:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-12 17:54
.
Pre-Run: 148,282,150,912 bytes free
Post-Run: 148,108,988,416 bytes free
.
- - End Of File - - 6C129F87A510ECD87A19D3AF2E6C4359

Corrine · Oct 12, 2012

Hi, Ken.

All of the files removed by Malwarebytes Antimalware from your friend's computer were all related to the "potentially unwanted program", MyWebSearch.

I don't like all the failed sig checks in the log and am getting a bit dizzy checking the MD5's in all the listings. I have seen where a restart for some reason solves that though. However, in order to tell more about what is going on, please provide the logs requested at Malware Removal Posting Instructions.

In addition, please do the following: Please download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important: Save it to your desktop.

Double-click CKScanner.exe (Right-click and select "Run as administrator" in Windows Vista/Windows 7).
Give permission if necessary, and click Search For Files.
After a very short time, when the cursor hour glass disappears, click Save List To File.
A message box will verify the file saved. Please run the program once only.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

N_J · Oct 12, 2012

Hi Corrine, yeah those MD5's was making my head spin round and round.

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.LONAUF
----- EOF -----

===================================================================================

Results of screen317's Security Check version 0.99.51
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
Java 7 Update 7
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````

===================================================================================

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by ddecker at 19:53:36 on 2012-10-12
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3963.2001 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iPod\bin\iPodService.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\igfxsrvc.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll
TB: Recipe Hub: {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [TWebCamera] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [NDSTray.exe] "C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
mRun: [cfFncEnabler.exe] "C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 209.55.5.10 209.55.5.11
TCP: Interfaces\{2FB0FBA6-6420-43BE-950B-BE7DDB297058} : DhcpNameServer = 209.55.5.10 209.55.5.11
TCP: Interfaces\{B763E676-6106-4F58-A81A-91ACBB15E641} : DhcpNameServer = 192.168.1.1
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll
TB-X64: Recipe Hub: {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [TWebCamera] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [NDSTray.exe] "C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
mRun-x64: [cfFncEnabler.exe] "C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe"
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\system32\DRIVERS\tos_sps64.sys --> C:\Windows\system32\DRIVERS\tos_sps64.sys [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [2012-10-4 1385120]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20121012.001\IDSviA64.sys [2012-10-12 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\N360x64\0604000.009\SYMTDIV.SYS --> C:\Windows\system32\Drivers\N360x64\0604000.009\SYMTDIV.SYS [?]
R2 camsvc;TOSHIBA Web Camera Service;C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [2009-7-15 20544]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-3-6 36864]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccsvchst.exe [2012-10-4 138272]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-4-14 251392]
R2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-3-17 84480]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\system32\DRIVERS\TVALZFL.sys --> C:\Windows\system32\DRIVERS\TVALZFL.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912]
R3 FwLnk;FwLnk Driver;C:\Windows\system32\DRIVERS\FwLnk.sys --> C:\Windows\system32\DRIVERS\FwLnk.sys [?]
R3 NETwNv64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETwNv64.sys --> C:\Windows\system32\DRIVERS\NETwNv64.sys [?]
R3 PGEffect;Pangu effect driver;C:\Windows\system32\DRIVERS\pgeffect.sys --> C:\Windows\system32\DRIVERS\pgeffect.sys [?]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver;C:\Windows\system32\DRIVERS\pmkbdfltr.sys --> C:\Windows\system32\DRIVERS\pmkbdfltr.sys [?]
R3 SmbDrvI;SmbDrvI;C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys --> C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-12-11 54136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-15 135664]
S2 TPCHSrv;TPCH Service; [x]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-16 250808]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-15 135664]
S3 Leapfrog-USBLAN;Leapfrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
S3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\Windows\system32\DRIVERS\NwUsbCdFil64.sys --> C:\Windows\system32\DRIVERS\NwUsbCdFil64.sys [?]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;C:\Windows\system32\DRIVERS\nwusbser2.sys --> C:\Windows\system32\DRIVERS\nwusbser2.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-5 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-10-13 00:07:22 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-12 22:25:50 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-10-12 22:25:50 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-12 22:25:22 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-12 20:38:39 -------- d-----w- C:\Program Files (x86)\ESET
2012-10-12 17:23:25 -------- d-----w- C:\Users\ddecker\AppData\Local\temp
2012-10-12 17:03:28 98816 ----a-w- C:\Windows\sed.exe
2012-10-12 17:03:28 518144 ----a-w- C:\Windows\SWREG.exe
2012-10-12 17:03:28 256000 ----a-w- C:\Windows\PEV.exe
2012-10-12 17:03:28 208896 ----a-w- C:\Windows\MBR.exe
2012-10-12 00:02:30 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-12 00:02:30 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-12 00:02:21 218624 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-12 00:02:21 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-12 00:02:15 985088 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-12 00:02:15 1268736 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-12 00:02:14 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-12 00:02:14 174592 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-12 00:02:14 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-12 00:02:14 132096 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-12 00:02:04 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-10-04 18:31:20 737952 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\srtsp64.sys
2012-10-04 18:31:20 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symds64.sys
2012-10-04 18:31:20 445560 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symtdiv.sys
2012-10-04 18:31:20 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symnets.sys
2012-10-04 18:31:20 37536 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\srtspx64.sys
2012-10-04 18:31:20 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\ironx64.sys
2012-10-04 18:31:20 1129120 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\symefa64.sys
2012-10-04 18:31:19 167072 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\ccsetx64.sys
2012-10-04 18:30:52 -------- d-----w- C:\Windows\System32\drivers\N360x64\0604000.009
2012-09-21 04:01:13 836544 ----a-w- C:\Windows\System32\tadefxapo264.dll
2012-09-21 04:01:10 2605400 ----a-w- C:\Windows\System32\WavesGUILib.dll
2012-09-21 04:01:07 869520 ----a-w- C:\Windows\System32\RtkApi64.dll
2012-09-21 04:01:06 2674320 ----a-w- C:\Windows\System32\RtPgEx64.dll
2012-09-21 04:01:06 1262696 ----a-w- C:\Windows\System32\RTCOM64.dll
2012-09-21 04:01:05 4065296 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2012-09-21 04:01:04 5096448 ----a-w- C:\Windows\System32\RCoRes64.dat
2012-09-21 04:01:04 105616 ----a-w- C:\Windows\System32\RCoInstII64.dll
2012-09-20 23:53:49 -------- d-----w- C:\Users\ddecker\AppData\Roaming\Systweak
2012-09-20 23:53:48 19368 ----a-w- C:\Windows\System32\roboot64.exe
2012-09-14 03:28:37 -------- d-----w- C:\Program Files (x86)\The Weather Channel
.
==================== Find3M ====================
.
2012-10-10 15:37:48 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-10 15:37:47 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 04:01:07 3615888 ----a-w- C:\Windows\System32\RtkAPO64.dll
2012-09-07 22:28:26 1048576 ----a-w- C:\Windows\System32\syndata.bin
2012-09-07 22:26:44 68880 ----a-w- C:\Windows\SysWow64\SynTPEnhPS.dll
2012-09-07 22:26:22 150800 ----a-w- C:\Windows\System32\SynTPCo9.dll
2012-09-07 22:26:21 113936 ----a-w- C:\Windows\SysWow64\SynTPCOM.dll
2012-09-07 22:26:20 229648 ----a-w- C:\Windows\System32\SynTPAPI.dll
2012-09-07 22:26:19 412944 ----a-w- C:\Windows\System32\drivers\SynTP.sys
2012-09-07 22:25:17 224528 ----a-w- C:\Windows\SysWow64\SynCtrl.dll
2012-09-07 22:25:16 280336 ----a-w- C:\Windows\System32\SynCtrl.dll
2012-09-07 22:23:38 421648 ----a-w- C:\Windows\System32\SynCOM.dll
2012-09-07 22:23:38 183568 ----a-w- C:\Windows\SysWow64\SynCOM.dll
2012-09-07 22:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-07 22:03:35 508520 ----a-w- C:\Windows\System32\drivers\Rtlh64.sys
2012-09-07 22:03:11 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-09-07 22:03:10 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-09-07 21:53:40 1361336 ----a-w- C:\Windows\System32\tosade.dll
2012-09-07 21:53:34 65944 ----a-w- C:\Windows\System32\tepeqapo64.dll
2012-09-07 21:53:30 148416 ----a-w- C:\Windows\System32\tadefxapo.dll
2012-09-07 21:51:19 518896 ----a-w- C:\Windows\System32\SRSTSX64.dll
2012-09-07 21:51:19 155888 ----a-w- C:\Windows\System32\SRSWOW64.dll
2012-09-07 21:51:16 211184 ----a-w- C:\Windows\System32\SRSTSH64.dll
2012-09-07 21:51:16 198896 ----a-w- C:\Windows\System32\SRSHP64.dll
2012-09-07 21:51:15 220776 ----a-w- C:\Windows\System32\SFSS_APO.dll
2012-09-07 21:51:13 221024 ----a-w- C:\Windows\System32\SFNHK64.dll
2012-09-07 21:51:11 81248 ----a-w- C:\Windows\System32\SFCOM64.dll
2012-09-07 21:51:11 78688 ----a-w- C:\Windows\System32\SFAPO64.dll
2012-09-07 21:51:11 74064 ----a-w- C:\Windows\SysWow64\SFCOM.dll
2012-09-07 21:51:03 331880 ----a-w- C:\Windows\System32\RtlCPAPI64.dll
2012-09-07 21:50:29 149608 ----a-w- C:\Windows\System32\RtkCfg64.dll
2012-09-07 21:50:29 14952 ----a-w- C:\Windows\System32\RtkCoLDR64.dll
2012-09-07 21:49:47 1560168 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2012-09-07 21:49:12 375128 ----a-w- C:\Windows\System32\RTEEP64A.dll
2012-09-07 21:49:10 78680 ----a-w- C:\Windows\System32\RTEEG64A.dll
2012-09-07 21:49:10 204120 ----a-w- C:\Windows\System32\RTEED64A.dll
2012-09-07 21:49:10 101208 ----a-w- C:\Windows\System32\RTEEL64A.dll
2012-09-07 21:49:03 310104 ----a-w- C:\Windows\System32\RP3DHT64.dll
2012-09-07 21:49:02 310104 ----a-w- C:\Windows\System32\RP3DAA64.dll
2012-09-07 21:46:29 2131288 ----a-w- C:\Windows\System32\MaxxAudioEQ.dll
2012-09-07 21:46:10 341336 ----a-w- C:\Windows\System32\MaxxAudioAPO30.dll
2012-09-07 21:46:08 318808 ----a-w- C:\Windows\System32\MaxxAudioAPO20.dll
2012-09-07 21:45:38 603984 ----a-w- C:\Windows\System32\KAAPORT64.dll
2012-09-07 21:43:38 693352 ----a-w- C:\Windows\System32\DTSVoiceClarityDLL64.dll
2012-09-07 21:43:27 712296 ----a-w- C:\Windows\System32\DTSSymmetryDLL64.dll
2012-09-07 21:43:23 1756264 ----a-w- C:\Windows\System32\DTSS2SpeakerDLL64.dll
2012-09-07 21:43:15 1568360 ----a-w- C:\Windows\System32\DTSS2HeadphoneDLL64.dll
2012-09-07 21:43:07 491112 ----a-w- C:\Windows\System32\DTSNeoPCDLL64.dll
2012-09-07 21:43:05 432744 ----a-w- C:\Windows\System32\DTSLimiterDLL64.dll
2012-09-07 21:43:03 242792 ----a-w- C:\Windows\System32\DTSLFXAPO64.dll
2012-09-07 21:43:02 428648 ----a-w- C:\Windows\System32\DTSGainCompensatorDLL64.dll
2012-09-07 21:43:01 241768 ----a-w- C:\Windows\System32\DTSGFXAPONS64.dll
2012-09-07 21:42:59 242792 ----a-w- C:\Windows\System32\DTSGFXAPO64.dll
2012-09-07 21:42:58 1486952 ----a-w- C:\Windows\System32\DTSBoostDLL64.dll
2012-09-07 21:42:51 728680 ----a-w- C:\Windows\System32\DTSBassEnhancementDLL64.dll
2012-09-07 20:07:23 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2012-09-07 20:03:27 27960 ----a-w- C:\Windows\System32\drivers\Smb_driver_Intel.sys
2012-09-07 19:36:38 8399360 ----a-w- C:\Windows\System32\drivers\NETwNv64.sys
2012-09-07 19:35:55 2750464 ----a-w- C:\Windows\System32\NETwNr64.dll
2012-09-07 19:35:41 799232 ----a-w- C:\Windows\System32\NETwNc64.dll
2012-09-07 19:08:37 18832 ----a-w- C:\Windows\System32\drivers\pmkbdfltr.sys
2012-08-08 16:36:39 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-08-08 16:36:39 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-07-26 18:02:24 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-07-26 18:02:22 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-07-26 18:02:22 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-07-23 17:06:32 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
.
============= FINISH: 19:54:15.55 ===============

===================================================================================

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 7/24/2009 11:20:42 AM
System Uptime: 10/12/2012 7:03:31 PM (0 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz | CPU | 2000/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 136.827 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP281: 9/7/2012 3:48:15 PM - Powersuite - 9/7/2012 3:48:14 PM
RP282: 9/7/2012 5:01:21 PM - Device Driver Package Install: Realtek Semiconductor Corp. Sound, video and game controllers
RP283: 9/7/2012 5:03:59 PM - Device Driver Package Install: Realtek Network adapters
RP284: 9/7/2012 5:36:03 PM - Device Driver Package Install: Synaptics Mice and other pointing devices
RP285: 9/13/2012 11:58:49 AM - Windows Update
RP286: 9/14/2012 7:45:13 AM - Windows Update
RP287: 9/19/2012 12:39:47 PM - Windows Update
RP288: 9/20/2012 5:58:25 PM - Windows Update
RP289: 9/20/2012 6:57:05 PM - RegClean Pro Thu, Sep 20, 12 18:57
RP290: 9/20/2012 10:59:42 PM - Powersuite - 9/20/2012 10:59:41 PM
RP291: 9/20/2012 11:01:56 PM - Device Driver Package Install: Realtek Semiconductor Corp. Sound, video and game controllers
RP292: 9/25/2012 12:32:12 PM - Windows Update
RP293: 9/26/2012 11:27:51 AM - Powersuite - 9/26/2012 11:27:51 AM
RP294: 10/4/2012 1:21:29 PM - Uniblue Powersuite installation
RP295: 10/4/2012 1:22:35 PM - Uniblue SpeedUpMyPC installation
RP296: 10/11/2012 7:36:09 PM - Installed TOSHIBA Service Station
RP297: 10/11/2012 7:46:42 PM - Removed Ask Toolbar.
RP298: 10/11/2012 7:49:09 PM - Removed BabylonObjectInstaller
RP299: 10/11/2012 8:01:12 PM - Removed Netzero Internet Access Installer
RP300: 10/11/2012 8:02:03 PM - Removed Google Earth.
RP301: 10/11/2012 8:22:46 PM - Windows Update
RP302: 10/12/2012 3:32:05 PM - Scheduled Checkpoint
RP303: 10/12/2012 5:23:42 PM - Installed Java 7 Update 7
RP304: 10/12/2012 5:27:23 PM - Removed Java(TM) 6 Update 11
RP305: 10/12/2012 6:53:50 PM - Windows Update
RP306: 10/12/2012 6:55:46 PM - Windows Update
RP307: 10/12/2012 7:21:51 PM - Removed Rapport
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.2
Amazon Links
Apple Application Support
Apple Software Update
Blubster 3.1.1
Canon iP2600 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Digital Photo Navigator 1.5
Direct DiscRecorder
DVD MovieFactory for TOSHIBA
ESET Online Scanner v3
GEAR driver installer for x86 and x64
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java 7 Update 7
Java Auto Updater
LightScribe 1.4.124.1
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mobile Broadband Generic Drivers
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton 360
Picasa 2
QuickBooks Financial Center
QuickTime
Rapport
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8136 8168 8169 Ethernet Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Skype Launcher
TOSHIBA Agreement Notification Utility
Toshiba Application Installer
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Quality Application
Toshiba Registration
Toshiba Resources Page
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
UMPlayer 0.98 [P4]
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VZAccess Manager for Novatel
WildTangent Games
.
==== Event Viewer Messages From Past Week ========
.
10/12/2012 7:06:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
10/12/2012 7:06:28 PM, Error: Service Control Manager [7000] - The TPCH Service service failed to start due to the following error: The system cannot find the path specified.
10/12/2012 12:23:32 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/12/2012 12:22:39 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================

Corrine · Oct 12, 2012

Thanks, Ken.

Do you know what changes your friend made with RegClean Pro and the two Uniblue programs, Powersuite and SpeedUpMyPC? If s/he used the registry cleaner aspect of those programs, that may have impacted IE.

To update Adobe Flash Player for Internet Explorer, use this direct download link to avoid the pre-checked McAfee scan: http://download.macromedia.com/get/...sing/win/install_flash_player_11_active_x.exe

The FTP download site for Adobe Reader with no risk of add-ons is here: ftp://ftp.adobe.com/pub/adobe/reader/win/10.x/10.1.4/.

It looks like one aspect of MyWebSearch was missed. We can take care of that now, although I don't know that it will help with the IE delay.

Custom CFScript

Note: The following instructions were created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.[/size]

Please open Notepad (Click Start -> Run -> type notepad in the Open field -> OK). Copy/Paste all of the text present inside the code box below:

Code:

DDS::
TB: Recipe Hub: {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection - No File
TB-X64: Recipe Hub: {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll

Folder::
C:\Program Files (x86)\RecipeHub_2j

Save this as CFScript.txt and place it on your desktop.
Close any open browsers.
Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

N_J · Oct 13, 2012

Hi Corrine,

My neighbor did use those programs on the premise it would speed up her pc. She is not sure if she used the registry cleaner or not, I suspect so.

I have installed IE 9 and that seems to have resolved the IE issues. The only other problem now is a slow boot up, I'm thinking that is a driver issue, boot file, etc...

At any rate let's take this one step at a time and see what we can do, find below the Combofix log:

ComboFix 12-10-12.01 - ddecker 10/12/2012 21:40:17.2.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3963.1697 [GMT -5:00]
Running from: c:\users\ddecker\Desktop\ComboFix.exe
Command switches used :: c:\users\ddecker\Desktop\CFScript.txt
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\RecipeHub_2j
c:\program files (x86)\RecipeHub_2j\bar\1.bin\CHROME.MANIFEST
c:\program files (x86)\RecipeHub_2j\bar\1.bin\chrome\2jffxtbr.jar
c:\program files (x86)\RecipeHub_2j\bar\1.bin\INSTALL.RDF
c:\program files (x86)\RecipeHub_2j\bar\1.bin\LOGO.BMP
c:\program files (x86)\RecipeHub_2j\bar\IE9Mesg\COMMON.T8S
c:\program files (x86)\RecipeHub_2j\bar\Message\COMMON.T8S
c:\program files (x86)\RecipeHub_2j\bar\Settings\s_pid.dat
.
.
((((((((((((((((((((((((( Files Created from 2012-09-13 to 2012-10-13 )))))))))))))))))))))))))))))))
.
.
2012-10-13 02:48 . 2012-10-13 02:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-13 02:48 . 2012-10-13 02:48 -------- d-----w- c:\users\ddecker\AppData\Local\temp
2012-10-13 02:32 . 2012-10-13 02:32 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-10-12 22:26 . 2012-10-12 22:26 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-12 22:25 . 2012-10-12 22:24 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-12 22:25 . 2012-10-12 22:24 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-12 22:25 . 2012-10-12 22:24 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-12 20:38 . 2012-10-12 20:38 -------- d-----w- c:\program files (x86)\ESET
2012-10-12 00:02 . 2012-09-13 13:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-12 00:02 . 2012-09-13 13:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-12 00:02 . 2012-08-24 16:07 218624 ----a-w- c:\windows\system32\wintrust.dll
2012-10-12 00:02 . 2012-08-24 15:53 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-12 00:02 . 2012-06-02 00:20 1268736 ----a-w- c:\windows\system32\crypt32.dll
2012-10-12 00:02 . 2012-06-02 00:02 985088 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-12 00:02 . 2012-06-02 00:20 174592 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-12 00:02 . 2012-06-02 00:20 132096 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-12 00:02 . 2012-06-02 00:02 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-12 00:02 . 2012-06-02 00:02 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-12 00:02 . 2012-08-29 11:40 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-04 18:30 . 2012-10-05 02:11 -------- d-----w- c:\windows\system32\drivers\N360x64\0604000.009
2012-09-21 04:01 . 2012-09-21 04:01 836544 ----a-w- c:\windows\system32\tadefxapo264.dll
2012-09-21 04:01 . 2012-09-21 04:01 2605400 ----a-w- c:\windows\system32\WavesGUILib.dll
2012-09-21 04:01 . 2012-09-21 04:01 869520 ----a-w- c:\windows\system32\RtkApi64.dll
2012-09-21 04:01 . 2012-09-21 04:01 2674320 ----a-w- c:\windows\system32\RtPgEx64.dll
2012-09-21 04:01 . 2012-09-21 04:01 1262696 ----a-w- c:\windows\system32\RTCOM64.dll
2012-09-21 04:01 . 2012-09-21 04:01 4065296 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2012-09-21 04:01 . 2012-09-21 04:01 5096448 ----a-w- c:\windows\system32\RCoRes64.dat
2012-09-21 04:01 . 2012-09-21 04:01 105616 ----a-w- c:\windows\system32\RCoInstII64.dll
2012-09-20 23:53 . 2012-10-12 00:52 -------- d-----w- c:\users\ddecker\AppData\Roaming\Systweak
2012-09-20 23:53 . 2012-09-20 18:27 19368 ----a-w- c:\windows\system32\roboot64.exe
2012-09-14 03:28 . 2012-09-14 03:28 -------- d-----w- c:\program files (x86)\The Weather Channel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-13 02:25 . 2012-08-16 17:12 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-13 02:25 . 2011-06-21 21:59 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-12 01:28 . 2006-11-02 12:35 65309168 ----a-w- c:\windows\system32\mrt.exe
2012-09-21 04:01 . 2009-07-15 14:14 3615888 ----a-w- c:\windows\system32\RtkAPO64.dll
2012-09-07 22:28 . 2012-09-07 22:28 1048576 ----a-w- c:\windows\system32\syndata.bin
2012-09-07 22:26 . 2012-09-07 22:26 68880 ----a-w- c:\windows\SysWow64\SynTPEnhPS.dll
2012-09-07 22:26 . 2012-09-07 22:26 150800 ----a-w- c:\windows\system32\SynTPCo9.dll
2012-09-07 22:26 . 2012-09-07 22:26 113936 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2012-09-07 22:26 . 2009-03-18 17:18 229648 ----a-w- c:\windows\system32\SynTPAPI.dll
2012-09-07 22:26 . 2012-09-07 22:26 412944 ----a-w- c:\windows\system32\drivers\SynTP.sys
2012-09-07 22:25 . 2012-09-07 22:25 224528 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2012-09-07 22:25 . 2012-09-07 22:25 280336 ----a-w- c:\windows\system32\SynCtrl.dll
2012-09-07 22:23 . 2012-09-07 22:23 183568 ----a-w- c:\windows\SysWow64\SynCOM.dll
2012-09-07 22:23 . 2009-03-18 17:18 421648 ----a-w- c:\windows\system32\SynCOM.dll
2012-09-07 22:04 . 2010-11-04 19:51 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-07 22:03 . 2012-09-07 22:03 508520 ----a-w- c:\windows\system32\drivers\Rtlh64.sys
2012-09-07 22:03 . 2012-09-07 22:03 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-09-07 22:03 . 2012-09-07 22:03 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-09-07 21:53 . 2012-09-07 21:53 1361336 ----a-w- c:\windows\system32\tosade.dll
2012-09-07 21:53 . 2012-09-07 21:53 65944 ----a-w- c:\windows\system32\tepeqapo64.dll
2012-09-07 21:53 . 2012-09-07 21:53 148416 ----a-w- c:\windows\system32\tadefxapo.dll
2012-09-07 21:51 . 2012-09-07 21:51 155888 ----a-w- c:\windows\system32\SRSWOW64.dll
2012-09-07 21:51 . 2012-09-07 21:51 518896 ----a-w- c:\windows\system32\SRSTSX64.dll
2012-09-07 21:51 . 2012-09-07 21:51 211184 ----a-w- c:\windows\system32\SRSTSH64.dll
2012-09-07 21:51 . 2012-09-07 21:51 198896 ----a-w- c:\windows\system32\SRSHP64.dll
2012-09-07 21:51 . 2012-09-07 21:51 220776 ----a-w- c:\windows\system32\SFSS_APO.dll
2012-09-07 21:51 . 2012-09-07 21:51 221024 ----a-w- c:\windows\system32\SFNHK64.dll
2012-09-07 21:51 . 2012-09-07 21:51 81248 ----a-w- c:\windows\system32\SFCOM64.dll
2012-09-07 21:51 . 2012-09-07 21:51 78688 ----a-w- c:\windows\system32\SFAPO64.dll
2012-09-07 21:51 . 2012-09-07 21:51 74064 ----a-w- c:\windows\SysWow64\SFCOM.dll
2012-09-07 21:51 . 2012-09-07 21:51 331880 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2012-09-07 21:50 . 2012-09-07 21:50 14952 ----a-w- c:\windows\system32\RtkCoLDR64.dll
2012-09-07 21:50 . 2009-07-15 14:14 149608 ----a-w- c:\windows\system32\RtkCfg64.dll
2012-09-07 21:49 . 2012-09-07 21:49 1560168 ----a-w- c:\windows\system32\RTSnMg64.cpl
2012-09-07 21:49 . 2012-09-07 21:49 375128 ----a-w- c:\windows\system32\RTEEP64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 78680 ----a-w- c:\windows\system32\RTEEG64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 101208 ----a-w- c:\windows\system32\RTEEL64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 204120 ----a-w- c:\windows\system32\RTEED64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 310104 ----a-w- c:\windows\system32\RP3DHT64.dll
2012-09-07 21:49 . 2012-09-07 21:49 310104 ----a-w- c:\windows\system32\RP3DAA64.dll
2012-09-07 21:46 . 2012-09-07 21:46 2131288 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2012-09-07 21:46 . 2012-09-07 21:46 341336 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2012-09-07 21:46 . 2012-09-07 21:46 318808 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2012-09-07 21:45 . 2012-09-07 21:45 603984 ----a-w- c:\windows\system32\KAAPORT64.dll
2012-09-07 21:43 . 2012-09-07 21:43 693352 ----a-w- c:\windows\system32\DTSVoiceClarityDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 712296 ----a-w- c:\windows\system32\DTSSymmetryDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 1756264 ----a-w- c:\windows\system32\DTSS2SpeakerDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 1568360 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 491112 ----a-w- c:\windows\system32\DTSNeoPCDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 432744 ----a-w- c:\windows\system32\DTSLimiterDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 242792 ----a-w- c:\windows\system32\DTSLFXAPO64.dll
2012-09-07 21:43 . 2012-09-07 21:43 428648 ----a-w- c:\windows\system32\DTSGainCompensatorDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:42 241768 ----a-w- c:\windows\system32\DTSGFXAPONS64.dll
2012-09-07 21:42 . 2012-09-07 21:42 242792 ----a-w- c:\windows\system32\DTSGFXAPO64.dll
2012-09-07 21:42 . 2012-09-07 21:42 1486952 ----a-w- c:\windows\system32\DTSBoostDLL64.dll
2012-09-07 21:42 . 2012-09-07 21:42 728680 ----a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
2012-09-07 20:07 . 2012-09-07 20:07 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2012-09-07 20:03 . 2012-09-07 20:03 27960 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2012-09-07 19:36 . 2012-09-07 19:35 8399360 ----a-w- c:\windows\system32\drivers\NETwNv64.sys
2012-09-07 19:35 . 2012-09-07 19:35 2750464 ----a-w- c:\windows\system32\NETwNr64.dll
2012-09-07 19:35 . 2012-09-07 19:35 799232 ----a-w- c:\windows\system32\NETwNc64.dll
2012-09-07 19:08 . 2012-09-07 19:08 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys
2012-08-08 16:36 . 2012-08-08 16:36 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-08-08 16:36 . 2012-08-08 16:36 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-07-26 18:02 . 2010-02-07 14:24 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-07-26 18:02 . 2012-08-15 15:25 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-07-26 18:02 . 2010-02-07 14:23 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-07-23 17:06 . 2009-08-03 02:38 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{cf51de5b-eb36-4114-bb69-84df63fbadb4}"= "c:\program files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{cf51de5b-eb36-4114-bb69-84df63fbadb4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-24 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun" [X]
"NDSTray.exe"="c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe" [2009-03-17 304496]
"cfFncEnabler.exe"="c:\program files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe" [2009-03-24 16384]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-08-08 296096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-15 23:57]
.
2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-15 23:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-13 153624]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-13 225816]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-13 200216]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-21 12503184]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" [2009-03-24 1123840]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 209.55.5.10 209.55.5.11
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre7\bin\jusched.exe
AddRemove-RealPlayer 15.0 - c:\program files (x86)\real\realplayer\Update\r1puninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.4.0.9\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-10-12 21:51:19
ComboFix-quarantined-files.txt 2012-10-13 02:51
ComboFix2.txt 2012-10-12 17:54
.
Pre-Run: 147,422,052,352 bytes free
Post-Run: 146,861,477,888 bytes free
.
- - End Of File - - 4A19C6E8A06CFE9D75D027925A78B5A1

Corrine · Oct 13, 2012

Hi, Ken.

Looks like RecipeHub has a bit of leftovers that showed up in the new log.

Custom CFScript

Note: The following instructions were created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.[/size]

Please open Notepad (Click Start -> Run -> type notepad in the Open field -> OK). Copy/Paste all of the text present inside the code box below:

Code:

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{cf51de5b-eb36-4114-bb69-84df63fbadb4}"=
[-HKEY_CLASSES_ROOT\clsid\{cf51de5b-eb36-4114-bb69-84df63fbadb4}]

Save this as CFScript.txt and place it on your desktop.
Close any open browsers.
Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

N_J · Oct 13, 2012

Here is the latest log Corrine, looks like CF found another infection and RecipeHub is still present. :banghead:

Could it because Norton360 is still running in the background? I've tried to disable thru the tray icon and also tried to end process thru task manager, but Norton will not allow that...something about it being a security function of Norton's....I hate Nortons :mad7:

ComboFix 12-10-12.01 - ddecker 10/13/2012 21:14:01.3.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3963.2010 [GMT -5:00]
Running from: c:\users\ddecker\Desktop\ComboFix.exe
Command switches used :: c:\users\ddecker\Desktop\CFScript.txt
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\COUPon~1.ocx
.
.
((((((((((((((((((((((((( Files Created from 2012-09-14 to 2012-10-14 )))))))))))))))))))))))))))))))
.
.
2012-10-14 02:22 . 2012-10-14 02:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-14 02:22 . 2012-10-14 02:22 -------- d-----w- c:\users\ddecker\AppData\Local\temp
2012-10-14 01:31 . 2012-10-14 01:31 -------- d-----w- c:\users\ddecker\AppData\Local\Macromedia
2012-10-14 01:26 . 2012-10-14 01:26 -------- d-----w- c:\users\ddecker\AppData\Local\Mozilla
2012-10-13 02:32 . 2012-10-13 02:32 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-10-12 22:26 . 2012-10-12 22:26 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-12 22:25 . 2012-10-12 22:24 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-12 22:25 . 2012-10-12 22:24 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-12 22:25 . 2012-10-12 22:24 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-12 20:38 . 2012-10-12 20:38 -------- d-----w- c:\program files (x86)\ESET
2012-10-12 00:02 . 2012-09-13 13:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-12 00:02 . 2012-09-13 13:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-12 00:02 . 2012-08-24 16:07 218624 ----a-w- c:\windows\system32\wintrust.dll
2012-10-12 00:02 . 2012-08-24 15:53 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-12 00:02 . 2012-06-02 00:20 1268736 ----a-w- c:\windows\system32\crypt32.dll
2012-10-12 00:02 . 2012-06-02 00:02 985088 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-12 00:02 . 2012-06-02 00:20 174592 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-12 00:02 . 2012-06-02 00:20 132096 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-12 00:02 . 2012-06-02 00:02 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-12 00:02 . 2012-06-02 00:02 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-12 00:02 . 2012-08-29 11:40 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-04 18:30 . 2012-10-05 02:11 -------- d-----w- c:\windows\system32\drivers\N360x64\0604000.009
2012-09-21 04:01 . 2012-09-21 04:01 836544 ----a-w- c:\windows\system32\tadefxapo264.dll
2012-09-21 04:01 . 2012-09-21 04:01 2605400 ----a-w- c:\windows\system32\WavesGUILib.dll
2012-09-21 04:01 . 2012-09-21 04:01 869520 ----a-w- c:\windows\system32\RtkApi64.dll
2012-09-21 04:01 . 2012-09-21 04:01 2674320 ----a-w- c:\windows\system32\RtPgEx64.dll
2012-09-21 04:01 . 2012-09-21 04:01 1262696 ----a-w- c:\windows\system32\RTCOM64.dll
2012-09-21 04:01 . 2012-09-21 04:01 4065296 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2012-09-21 04:01 . 2012-09-21 04:01 5096448 ----a-w- c:\windows\system32\RCoRes64.dat
2012-09-21 04:01 . 2012-09-21 04:01 105616 ----a-w- c:\windows\system32\RCoInstII64.dll
2012-09-20 23:53 . 2012-10-12 00:52 -------- d-----w- c:\users\ddecker\AppData\Roaming\Systweak
2012-09-20 23:53 . 2012-09-20 18:27 19368 ----a-w- c:\windows\system32\roboot64.exe
2012-09-14 03:28 . 2012-09-14 03:28 -------- d-----w- c:\program files (x86)\The Weather Channel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-14 01:28 . 2012-08-16 17:12 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-14 01:28 . 2011-06-21 21:59 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-12 01:28 . 2006-11-02 12:35 65309168 ----a-w- c:\windows\system32\mrt.exe
2012-09-21 04:01 . 2009-07-15 14:14 3615888 ----a-w- c:\windows\system32\RtkAPO64.dll
2012-09-07 22:28 . 2012-09-07 22:28 1048576 ----a-w- c:\windows\system32\syndata.bin
2012-09-07 22:26 . 2012-09-07 22:26 68880 ----a-w- c:\windows\SysWow64\SynTPEnhPS.dll
2012-09-07 22:26 . 2012-09-07 22:26 150800 ----a-w- c:\windows\system32\SynTPCo9.dll
2012-09-07 22:26 . 2012-09-07 22:26 113936 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2012-09-07 22:26 . 2009-03-18 17:18 229648 ----a-w- c:\windows\system32\SynTPAPI.dll
2012-09-07 22:26 . 2012-09-07 22:26 412944 ----a-w- c:\windows\system32\drivers\SynTP.sys
2012-09-07 22:25 . 2012-09-07 22:25 224528 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2012-09-07 22:25 . 2012-09-07 22:25 280336 ----a-w- c:\windows\system32\SynCtrl.dll
2012-09-07 22:23 . 2012-09-07 22:23 183568 ----a-w- c:\windows\SysWow64\SynCOM.dll
2012-09-07 22:23 . 2009-03-18 17:18 421648 ----a-w- c:\windows\system32\SynCOM.dll
2012-09-07 22:04 . 2010-11-04 19:51 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-07 22:03 . 2012-09-07 22:03 508520 ----a-w- c:\windows\system32\drivers\Rtlh64.sys
2012-09-07 22:03 . 2012-09-07 22:03 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-09-07 22:03 . 2012-09-07 22:03 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-09-07 21:53 . 2012-09-07 21:53 1361336 ----a-w- c:\windows\system32\tosade.dll
2012-09-07 21:53 . 2012-09-07 21:53 65944 ----a-w- c:\windows\system32\tepeqapo64.dll
2012-09-07 21:53 . 2012-09-07 21:53 148416 ----a-w- c:\windows\system32\tadefxapo.dll
2012-09-07 21:51 . 2012-09-07 21:51 155888 ----a-w- c:\windows\system32\SRSWOW64.dll
2012-09-07 21:51 . 2012-09-07 21:51 518896 ----a-w- c:\windows\system32\SRSTSX64.dll
2012-09-07 21:51 . 2012-09-07 21:51 211184 ----a-w- c:\windows\system32\SRSTSH64.dll
2012-09-07 21:51 . 2012-09-07 21:51 198896 ----a-w- c:\windows\system32\SRSHP64.dll
2012-09-07 21:51 . 2012-09-07 21:51 220776 ----a-w- c:\windows\system32\SFSS_APO.dll
2012-09-07 21:51 . 2012-09-07 21:51 221024 ----a-w- c:\windows\system32\SFNHK64.dll
2012-09-07 21:51 . 2012-09-07 21:51 81248 ----a-w- c:\windows\system32\SFCOM64.dll
2012-09-07 21:51 . 2012-09-07 21:51 78688 ----a-w- c:\windows\system32\SFAPO64.dll
2012-09-07 21:51 . 2012-09-07 21:51 74064 ----a-w- c:\windows\SysWow64\SFCOM.dll
2012-09-07 21:51 . 2012-09-07 21:51 331880 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2012-09-07 21:50 . 2012-09-07 21:50 14952 ----a-w- c:\windows\system32\RtkCoLDR64.dll
2012-09-07 21:50 . 2009-07-15 14:14 149608 ----a-w- c:\windows\system32\RtkCfg64.dll
2012-09-07 21:49 . 2012-09-07 21:49 1560168 ----a-w- c:\windows\system32\RTSnMg64.cpl
2012-09-07 21:49 . 2012-09-07 21:49 375128 ----a-w- c:\windows\system32\RTEEP64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 78680 ----a-w- c:\windows\system32\RTEEG64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 101208 ----a-w- c:\windows\system32\RTEEL64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 204120 ----a-w- c:\windows\system32\RTEED64A.dll
2012-09-07 21:49 . 2012-09-07 21:49 310104 ----a-w- c:\windows\system32\RP3DHT64.dll
2012-09-07 21:49 . 2012-09-07 21:49 310104 ----a-w- c:\windows\system32\RP3DAA64.dll
2012-09-07 21:46 . 2012-09-07 21:46 2131288 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2012-09-07 21:46 . 2012-09-07 21:46 341336 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2012-09-07 21:46 . 2012-09-07 21:46 318808 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2012-09-07 21:45 . 2012-09-07 21:45 603984 ----a-w- c:\windows\system32\KAAPORT64.dll
2012-09-07 21:43 . 2012-09-07 21:43 693352 ----a-w- c:\windows\system32\DTSVoiceClarityDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 712296 ----a-w- c:\windows\system32\DTSSymmetryDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 1756264 ----a-w- c:\windows\system32\DTSS2SpeakerDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 1568360 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 491112 ----a-w- c:\windows\system32\DTSNeoPCDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 432744 ----a-w- c:\windows\system32\DTSLimiterDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:43 242792 ----a-w- c:\windows\system32\DTSLFXAPO64.dll
2012-09-07 21:43 . 2012-09-07 21:43 428648 ----a-w- c:\windows\system32\DTSGainCompensatorDLL64.dll
2012-09-07 21:43 . 2012-09-07 21:42 241768 ----a-w- c:\windows\system32\DTSGFXAPONS64.dll
2012-09-07 21:42 . 2012-09-07 21:42 242792 ----a-w- c:\windows\system32\DTSGFXAPO64.dll
2012-09-07 21:42 . 2012-09-07 21:42 1486952 ----a-w- c:\windows\system32\DTSBoostDLL64.dll
2012-09-07 21:42 . 2012-09-07 21:42 728680 ----a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
2012-09-07 20:07 . 2012-09-07 20:07 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2012-09-07 20:03 . 2012-09-07 20:03 27960 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2012-09-07 19:36 . 2012-09-07 19:35 8399360 ----a-w- c:\windows\system32\drivers\NETwNv64.sys
2012-09-07 19:35 . 2012-09-07 19:35 2750464 ----a-w- c:\windows\system32\NETwNr64.dll
2012-09-07 19:35 . 2012-09-07 19:35 799232 ----a-w- c:\windows\system32\NETwNc64.dll
2012-09-07 19:08 . 2012-09-07 19:08 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys
2012-08-08 16:36 . 2012-08-08 16:36 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-08-08 16:36 . 2012-08-08 16:36 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-07-26 18:02 . 2010-02-07 14:24 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-07-26 18:02 . 2012-08-15 15:25 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-07-26 18:02 . 2010-02-07 14:23 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-07-23 17:06 . 2009-08-03 02:38 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{cf51de5b-eb36-4114-bb69-84df63fbadb4}"= "c:\program files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{cf51de5b-eb36-4114-bb69-84df63fbadb4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-24 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun" [X]
"NDSTray.exe"="c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe" [2009-03-17 304496]
"cfFncEnabler.exe"="c:\program files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe" [2009-03-24 16384]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-08-08 296096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-15 23:57]
.
2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-15 23:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-13 153624]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-13 225816]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-13 200216]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-21 12503184]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" [2009-03-24 1123840]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 209.55.5.10 209.55.5.11
FF - ProfilePath - c:\users\ddecker\AppData\Roaming\Mozilla\Firefox\Profiles\3c0fj8q9.default\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-RealPlayer 15.0 - c:\program files (x86)\real\realplayer\Update\r1puninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.4.0.9\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-10-13 21:25:10
ComboFix-quarantined-files.txt 2012-10-14 02:25
ComboFix2.txt 2012-10-13 02:51
ComboFix3.txt 2012-10-12 17:54
.
Pre-Run: 148,622,061,568 bytes free
Post-Run: 148,578,684,928 bytes free
.
- - End Of File - - 63C9DE4C355070ED96F6F9AEC4A94517

Corrine · Oct 13, 2012

Hi, Ken.

Maybe fresh eyes tomorrow will help. In the meantime, I see the ESET online scanner installed on the computer. New definitions will be needed but how about checking with again with ESET:

Please go here to run an on-line scan from ESET.

Note: It is easiest if you use Internet explorer for this scan. (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)
Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
Copy and paste that log as a reply to this topic.

N_J · Oct 13, 2012

Sounds good Corrine get some sleep.... I will post tomorrow.

N_J · Oct 14, 2012

Good day Corrine, ESET scan came up clean.

Corrine · Oct 14, 2012

Hi, Ken.

I have no idea why ComboFix didn't remove RecipeHub. Although I prefer working with DDS/ComboFix, perhaps something will show with OTL that I'm not seeing.

Please download OTL ... by Old Timer . Save it to your Desktop.

Right click on OTL.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it.
Click the Scan All Users checkbox.
Leave the remaining selections to the default settings.
Click on Run Scan at the top left hand corner.
When done, two Notepad files will open.
- OTL.txt <-- Will be opened, maximized
- Extras.txt <-- Will be minimized on task bar.
Please post the contents of both OTL.txt and Extras.txt files in your next reply.

N_J · Oct 14, 2012

OTL logfile created on: 10/14/2012 8:45:19 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ddecker\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 53.34% Memory free
9.58 Gb Paging File | 7.80 Gb Available in Paging File | 81.41% Paging File free
Paging file location(s): C:\pagefile.sys 5944 5944 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.37 Gb Total Space | 138.40 Gb Free Space | 62.52% Space Free | Partition Type: NTFS

Computer Name: DDECKER-PC | User Name: ddecker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/14 20:44:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ddecker\Downloads\OTL.exe
PRC - [2012/10/13 20:28:24 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012/10/10 20:05:57 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/08/08 11:36:41 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccsvchst.exe
PRC - [2009/04/16 20:42:58 | 000,020,544 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
PRC - [2009/04/16 20:42:54 | 002,513,472 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/03/30 18:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009/03/17 18:36:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/03/10 20:50:36 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/06 19:27:10 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

========== Modules (No Company Name) ==========

MOD - [2012/10/13 20:28:23 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012/10/10 20:05:59 | 002,294,240 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/03 15:51:26 | 000,039,712 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll

========== Services (SafeList) ==========

SRV:64bit: - [2009/04/14 19:57:28 | 000,251,392 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009/03/17 13:48:54 | 000,084,480 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/03/06 20:30:32 | 000,488,288 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2008/10/16 20:05:00 | 001,449,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2008/10/16 19:27:20 | 000,826,368 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/21 18:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2012/10/10 20:05:59 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/04/16 20:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009/03/30 18:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/03/06 19:27:10 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2008/11/03 18:15:32 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/07 17:26:19 | 000,412,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/09/07 17:03:35 | 000,508,520 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2012/09/07 15:03:27 | 000,027,960 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/09/07 14:36:38 | 008,399,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETwNv64.sys -- (NETwNv64)
DRV:64bit: - [2012/09/07 14:08:37 | 000,018,832 | ---- | M] (PenMount) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\pmkbdfltr.sys -- (pmkbdfltr)
DRV:64bit: - [2012/07/26 13:02:22 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/23 12:06:32 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/05 21:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2012/07/05 21:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0604000.009\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2012/06/06 23:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/05/21 20:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2012/03/29 01:28:38 | 000,445,560 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0604000.009\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2012/03/29 01:28:25 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2012/03/29 01:06:25 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/01/20 15:18:26 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btblan.sys -- (Leapfrog-USBLAN)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/03/23 17:48:20 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/03/18 13:46:44 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\pgeffect.sys -- (PGEffect)
DRV:64bit: - [2009/03/11 18:35:48 | 000,071,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009/03/03 14:14:24 | 008,040,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/01/27 21:12:14 | 000,504,912 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2008/11/17 09:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64)
DRV:64bit: - [2008/07/07 12:23:56 | 000,025,600 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NwUsbCdFil64.sys -- (NWUSBCDFIL64)
DRV:64bit: - [2008/06/02 16:28:52 | 000,247,808 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NWADIenum.sys -- (NWADI)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser2.sys -- (NWUSBPort2)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser.sys -- (NWUSBPort)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbmdm.sys -- (NWUSBModem)
DRV:64bit: - [2007/12/11 16:03:36 | 000,027,272 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2007/11/09 16:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2006/11/20 00:11:06 | 000,008,704 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2006/09/18 16:38:10 | 001,074,688 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV - [2012/10/14 20:23:39 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20121014.006\ex64.sys -- (NAVEX15)
DRV - [2012/10/14 20:23:39 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20121014.006\eng64.sys -- (NAVENG)
DRV - [2012/08/31 19:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20121012.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/31 17:09:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120928.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/10 09:56:11 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/09 21:19:23 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{FFE6AB72-3133-4152-B143-C67BBC30DE2C}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
IE - HKLM\..\SearchScopes\{7CC94BCA-8E5E-4FAD-ACE5-798C208642BC}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB_en
IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\..\SearchScopes\{7CC94BCA-8E5E-4FAD-ACE5-798C208642BC}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=6&gct=sb&qsrc=2869
IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files (x86)\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@RecipeHub_2j.com/Plugin: C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2jffxtbr@RecipeHub_2j.com: C:\Program Files (x86)\RecipeHub_2j\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\IPSFFPlgn\ [2012/07/23 12:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\coFFPlgn\ [2012/10/14 11:57:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/08 11:37:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/13 20:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2009/10/03 10:43:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ddecker\AppData\Roaming\Mozilla\Extensions
[2009/10/03 10:43:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ddecker\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2012/10/13 20:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/10 20:06:18 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/10 20:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/10 20:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&affID=114066&tt=3212_5&babsrc=SP_ss&mntrId=341592e1000000000000001e6545b2ac
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\ddecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Picasa2\npPicasa2.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\ddecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Norton Identity Protection = C:\Users\ddecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\

O1 HOSTS File: ([2012/10/13 21:22:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Recipe Hub) - {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll File not found
O3:64bit: - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.55.5.10 209.55.5.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FB0FBA6-6420-43BE-950B-BE7DDB297058}: DhcpNameServer = 209.55.5.10 209.55.5.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B763E676-6106-4F58-A81A-91ACBB15E641}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\ddecker\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\ddecker\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/14 11:50:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/10/13 21:25:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/10/13 21:25:12 | 000,000,000 | ---D | C] -- C:\Users\ddecker\AppData\Local\temp
[2012/10/13 20:31:07 | 000,000,000 | ---D | C] -- C:\Users\ddecker\AppData\Local\Macromedia
[2012/10/13 20:26:01 | 000,000,000 | ---D | C] -- C:\Users\ddecker\AppData\Local\Mozilla
[2012/10/13 20:25:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/10/13 20:25:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/10/12 21:32:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/10/12 18:58:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/10/12 18:58:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/12 18:58:32 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/10/12 18:58:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/10/12 18:58:32 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/10/12 18:58:32 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/10/12 18:58:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/10/12 18:58:31 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/10/12 18:58:31 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/10/12 18:58:31 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/12 18:58:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/12 18:58:31 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/10/12 18:58:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/10/12 18:58:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/10/12 18:58:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/10/12 18:58:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/10/12 18:58:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/10/12 18:58:30 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/10/12 18:58:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/10/12 18:58:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/12 18:58:30 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/12 18:58:29 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/12 18:58:29 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/10/12 18:58:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/10/12 18:58:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/10/12 18:58:29 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/10/12 18:58:29 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/10/12 18:58:29 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/10/12 18:58:28 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/10/12 18:58:28 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/12 18:58:28 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2012/10/12 18:58:28 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/10/12 18:58:28 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/12 18:58:26 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/10/12 18:58:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/10/12 18:58:26 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/10/12 18:58:25 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/10/12 18:58:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/12 18:58:25 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/10/12 18:58:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/10/12 18:58:25 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/10/12 18:58:25 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/12 18:58:25 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2012/10/12 18:58:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/10/12 18:58:25 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/10/12 18:58:25 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/10/12 18:58:25 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/10/12 18:58:25 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/10/12 18:58:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/10/12 18:58:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/10/12 18:58:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/10/12 18:58:24 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/10/12 18:58:24 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/10/12 18:58:24 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/10/12 18:58:24 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/12 18:58:24 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/10/12 18:58:24 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/12 18:58:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/12 18:58:24 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/10/12 18:58:24 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/10/12 18:58:24 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/10/12 18:58:24 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/10/12 18:58:24 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/10/12 18:58:23 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/10/12 18:58:23 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/12 18:58:23 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/12 18:58:23 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/10/12 18:58:23 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/10/12 18:58:23 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/10/12 18:58:23 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/12 18:58:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/12 18:58:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/10/12 18:58:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/10/12 18:58:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/10/12 17:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/10/12 17:26:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/10/12 17:25:50 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/10/12 17:25:50 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/10/12 17:25:50 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/10/12 17:25:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/10/12 17:25:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/10/12 17:25:22 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/10/12 16:01:40 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\ddecker\Desktop\dds.scr
[2012/10/12 15:38:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/10/12 12:03:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/12 12:03:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/12 12:03:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/12 12:02:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/12 12:01:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/12 12:00:15 | 004,771,502 | R--- | C] (Swearware) -- C:\Users\ddecker\Desktop\ComboFix.exe
[2012/10/11 19:02:21 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/10/11 19:02:15 | 001,268,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/10/11 19:02:14 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/10/11 19:02:04 | 004,699,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/09/20 23:01:13 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2012/09/20 23:01:10 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/09/20 23:01:07 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/09/20 23:01:06 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/09/20 23:01:06 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/09/20 23:01:04 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012/09/20 23:01:04 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012/09/20 23:00:57 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012/09/20 23:00:57 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012/09/20 23:00:57 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012/09/20 23:00:57 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012/09/20 23:00:57 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012/09/20 23:00:57 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012/09/20 23:00:55 | 001,345,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012/09/20 23:00:52 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012/09/20 23:00:51 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012/09/20 23:00:49 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/09/20 23:00:49 | 000,537,456 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012/09/20 23:00:49 | 000,524,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012/09/20 23:00:49 | 000,449,392 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012/09/20 23:00:48 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/09/20 23:00:48 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/09/20 18:53:49 | 000,000,000 | ---D | C] -- C:\Users\ddecker\AppData\Roaming\Systweak
[2012/09/20 18:53:48 | 000,019,368 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe

========== Files - Modified Within 30 Days ==========

[2012/10/14 20:37:02 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/14 20:36:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/14 15:34:51 | 000,756,378 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/14 15:34:51 | 000,640,886 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/14 15:34:51 | 000,119,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/14 15:24:50 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/14 12:41:05 | 000,008,885 | ---- | M] () -- C:\Users\ddecker\Documents\bookmark.htm
[2012/10/14 12:41:05 | 000,000,410 | ---- | M] () -- C:\Users\ddecker\Documents\feeds.opml
[2012/10/14 11:54:37 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/14 11:54:37 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/14 11:54:20 | 4156,542,976 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/13 21:22:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/13 20:28:24 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/13 20:28:24 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/13 20:25:57 | 000,000,923 | ---- | M] () -- C:\Users\ddecker\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/10/13 20:25:57 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/12 21:32:38 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/10/12 19:03:58 | 003,000,903 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0604000.009\Cat.DB
[2012/10/12 18:58:52 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2012/10/12 18:58:52 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2012/10/12 18:58:52 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2012/10/12 18:58:52 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2012/10/12 18:58:33 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/10/12 18:58:32 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/12 18:58:32 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/10/12 18:58:32 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/10/12 18:58:32 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/10/12 18:58:32 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/10/12 18:58:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/10/12 18:58:31 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/10/12 18:58:31 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/10/12 18:58:31 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/12 18:58:31 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/12 18:58:31 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/10/12 18:58:31 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/10/12 18:58:31 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/12 18:58:31 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/10/12 18:58:31 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/10/12 18:58:30 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/10/12 18:58:30 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/10/12 18:58:30 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/10/12 18:58:30 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/10/12 18:58:30 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/12 18:58:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/12 18:58:29 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/12 18:58:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/10/12 18:58:29 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/10/12 18:58:29 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/10/12 18:58:29 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/10/12 18:58:29 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2012/10/12 18:58:29 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/10/12 18:58:29 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/10/12 18:58:28 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/10/12 18:58:28 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/12 18:58:28 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/10/12 18:58:28 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/12 18:58:26 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/10/12 18:58:26 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/10/12 18:58:26 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/10/12 18:58:25 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/10/12 18:58:25 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/12 18:58:25 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/10/12 18:58:25 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/10/12 18:58:25 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/10/12 18:58:25 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/12 18:58:25 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2012/10/12 18:58:25 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/10/12 18:58:25 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/10/12 18:58:25 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/10/12 18:58:25 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/10/12 18:58:25 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/10/12 18:58:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/10/12 18:58:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/10/12 18:58:25 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/10/12 18:58:24 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/10/12 18:58:24 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/10/12 18:58:24 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/10/12 18:58:24 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/12 18:58:24 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/10/12 18:58:24 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/12 18:58:24 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/12 18:58:24 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/10/12 18:58:24 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/10/12 18:58:24 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/10/12 18:58:24 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/10/12 18:58:24 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/12 18:58:24 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/10/12 18:58:23 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/10/12 18:58:23 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/12 18:58:23 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/12 18:58:23 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/10/12 18:58:23 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/10/12 18:58:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/10/12 18:58:23 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/12 18:58:23 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/12 18:58:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/10/12 18:58:22 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/10/12 18:58:22 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/10/12 17:24:57 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/10/12 17:24:54 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/10/12 17:24:54 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/10/12 17:24:53 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/10/12 17:24:52 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/10/12 17:24:52 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/10/12 16:11:04 | 000,881,724 | ---- | M] () -- C:\Users\ddecker\Desktop\SecurityCheck.exe
[2012/10/12 16:01:42 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\ddecker\Desktop\dds.scr
[2012/10/12 12:00:23 | 004,771,502 | R--- | M] (Swearware) -- C:\Users\ddecker\Desktop\ComboFix.exe
[2012/10/11 22:29:06 | 000,002,680 | ---- | M] () -- C:\{7F404C83-AF45-4011-AF93-CC7219A365DF}
[2012/10/11 19:40:03 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/10/11 19:13:09 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/04 21:13:23 | 000,002,128 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/10/04 13:31:26 | 000,009,103 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0604000.009\VT20121002.018
[2012/09/28 12:35:31 | 000,040,602 | ---- | M] () -- C:\Users\ddecker\Documents\iPayStatementsServ.pdf
[2012/09/26 05:52:07 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0604000.009\isolate.ini
[2012/09/20 23:01:13 | 000,836,544 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2012/09/20 23:01:11 | 002,605,400 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/09/20 23:01:07 | 003,615,888 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/09/20 23:01:07 | 000,869,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/09/20 23:01:06 | 002,674,320 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/09/20 23:01:06 | 001,262,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/09/20 23:01:04 | 005,096,448 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012/09/20 23:01:04 | 000,293,889 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012/09/20 23:01:04 | 000,105,616 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012/09/20 23:00:58 | 007,163,744 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012/09/20 23:00:57 | 000,433,504 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012/09/20 23:00:57 | 000,396,632 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012/09/20 23:00:57 | 000,141,152 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012/09/20 23:00:57 | 000,123,744 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012/09/20 23:00:57 | 000,074,592 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012/09/20 23:00:56 | 001,345,368 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012/09/20 23:00:55 | 008,363,864 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012/09/20 23:00:52 | 001,015,640 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012/09/20 23:00:49 | 002,533,952 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/09/20 23:00:49 | 000,537,456 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012/09/20 23:00:49 | 000,524,656 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012/09/20 23:00:49 | 000,449,392 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012/09/20 23:00:48 | 000,202,336 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/09/20 23:00:48 | 000,108,640 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/09/20 18:36:08 | 000,751,784 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/20 13:27:36 | 000,019,368 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe

========== Files Created - No Company Name ==========

[2012/10/14 12:41:05 | 000,008,885 | ---- | C] () -- C:\Users\ddecker\Documents\bookmark.htm
[2012/10/14 12:41:05 | 000,000,410 | ---- | C] () -- C:\Users\ddecker\Documents\feeds.opml
[2012/10/13 20:25:57 | 000,000,923 | ---- | C] () -- C:\Users\ddecker\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/10/13 20:25:57 | 000,000,911 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/10/13 20:25:57 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/12 21:32:38 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/10/12 21:32:37 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/10/12 18:58:31 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/12 18:58:24 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/12 16:11:01 | 000,881,724 | ---- | C] () -- C:\Users\ddecker\Desktop\SecurityCheck.exe
[2012/10/12 12:03:28 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/12 12:03:28 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/12 12:03:28 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/12 12:03:28 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/12 12:03:28 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/11 22:29:04 | 000,002,680 | ---- | C] () -- C:\{7F404C83-AF45-4011-AF93-CC7219A365DF}
[2012/10/11 19:13:09 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/28 12:35:30 | 000,040,602 | ---- | C] () -- C:\Users\ddecker\Documents\iPayStatementsServ.pdf
[2012/09/20 23:01:04 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012/09/13 22:31:49 | 000,751,784 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/10/25 15:32:38 | 000,005,632 | ---- | C] () -- C:\Users\ddecker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 12:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll

< End of report >

===============================================================================================

OTL Extras logfile created on: 10/14/2012 8:45:19 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ddecker\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 53.34% Memory free
9.58 Gb Paging File | 7.80 Gb Available in Paging File | 81.41% Paging File free
Paging file location(s): C:\pagefile.sys 5944 5944 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.37 Gb Total Space | 138.40 Gb Free Space | 62.52% Space Free | Partition Type: NTFS

Computer Name: DDECKER-PC | User Name: ddecker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -add-to-playlist "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -play-dir "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -add-to-playlist "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -play-dir "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = FE CA 44 34 21 81 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4BA2D871-9A2E-492E-8390-6509240C02C2}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6F9E7BD7-C3E2-4D11-880B-EFF6582F0984}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9C58EFF9-5415-4148-9BBB-94CFE2335894}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C73F06E0-F359-480F-A4FE-1607246E1924}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CB12745E-E30E-447D-9BFB-40F56B2D516B}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{D43F9121-F126-46C6-BD94-8B17DDBEC8F2}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{D5379C9E-7661-43E8-8184-5A1B4B114992}" = protocol=17 | dir=in | app=c:\program files (x86)\blubster\blubster.exe |
"{E8C050B7-D48A-4C1E-8EEA-3FDADD1B0FAE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EB3059E9-A44D-4C94-B670-4A065C6BA0F3}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F652F051-A7FD-40CE-B84D-535E1A368F2A}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{F99884A1-24BA-4211-A9F7-3281A1A7F470}" = protocol=6 | dir=in | app=c:\program files (x86)\blubster\blubster.exe |
"{FF9CCC13-D289-4EFD-AF38-56CF4BE1A8A9}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series" = Canon iP2600 series
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi Software
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}" = PlayReady PC runtime
"{84BC87D4-0480-4E10-B15D-1E7886D55180}" = iTunes
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"CanonMyPrinter" = Canon My Printer
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{21526716-DFD8-4B90-86D9-EF9F47057B3E}" = Toshiba Resources Page
"{224821ED-CADA-4A8A-AC8D-3734CC0F0931}" = Amazon Links
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{68CC54AC-EFE5-4CE4-81F8-BE0C834E2D86}" = Mobile Broadband Generic Drivers
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BA20EF6-AE4E-4408-B083-7AE999E92D73}" = VZAccess Manager for Novatel
"{83892653-9EB8-4192-803E-D987A85CDD23}" = TOSHIBA Agreement Notification Utility
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{890EF3F8-742F-46BD-9E8E-084B3A1F4364}" = QuickBooks Financial Center
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = Toshiba Application Installer
"{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}" = TOSHIBA Supervisor Password
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{BF5A20B4-55F7-49B8-9302-FAC7C459AF3D}" = Skype Launcher
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{D0387727-C89D-4774-B643-B9333EAA09DE}" = TOSHIBA Hardware Setup
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = Toshiba Quality Application
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Blubster" = Blubster 3.1.1
"Canon iP2600 series User Registration" = Canon iP2600 series User Registration
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{83892653-9EB8-4192-803E-D987A85CDD23}" = TOSHIBA Agreement Notification Utility
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"Picasa2" = Picasa 2
"RealPlayer 15.0" = RealPlayer
"UMPlayer" = UMPlayer 0.98 [P4]
"WildTangent toshiba Master Uninstall" = WildTangent Games

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-660507732-1389631595-2735188851-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/23/2011 4:46:01 PM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/24/2011 7:53:32 AM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/28/2011 8:53:30 AM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/28/2011 9:00:23 AM | Computer Name = ddecker-PC | Source = RasClient | ID = 20227
Description =

Error - 5/31/2011 6:57:20 PM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/4/2011 9:24:29 AM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/4/2011 10:14:57 PM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/7/2011 5:32:16 PM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/9/2011 9:42:25 PM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/12/2011 12:43:01 PM | Computer Name = ddecker-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 10/13/2012 5:12:48 PM | Computer Name = ddecker-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/13/2012 5:12:48 PM | Computer Name = ddecker-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/13/2012 10:18:22 PM | Computer Name = ddecker-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 10/13/2012 10:22:03 PM | Computer Name = ddecker-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 10/13/2012 10:22:03 PM | Computer Name = ddecker-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 10/13/2012 10:22:41 PM | Computer Name = ddecker-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 10/14/2012 12:50:01 PM | Computer Name = ddecker-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/14/2012 12:50:01 PM | Computer Name = ddecker-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/14/2012 12:54:46 PM | Computer Name = ddecker-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/14/2012 12:54:46 PM | Computer Name = ddecker-PC | Source = Service Control Manager | ID = 7026
Description =

< End of report >

Corrine · Oct 15, 2012

Hi, Ken.

Please Run OTL:

Double-click on the icon to run it.

Copy/paste ALL the following text written inside the code box into the Custom Scans/Fixes box located at the bottom of OTL

Code:

:OTL
IE - HKU\S-1-5-21-660507732-1389631595-2735188851-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=6&gct=sb&qsrc=2869
FF - HKLM\Software\MozillaPlugins\@RecipeHub_2j.com/Plugin: C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2jffxtbr@RecipeHub_2j.com: C:\Program Files (x86)\RecipeHub_2j\bar\1.bin
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&affID=114066&tt=3212_5&babsrc=SP_ss&mntrId=341592e1000000000000001e6545b2ac
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll
O3 - HKLM\..\Toolbar: (Recipe Hub) - {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll File not found

Then click the Run Fix button at the top
Let the program run unhindered, it will reboot when it is done and produce a log

Please post the results and let me know how the computer is now.

N_J · Oct 15, 2012

Hi Corrine, below is the log. I ran hijackthis to see if Recipehub was still present...good news it is gone. I haven't reboot the machine since running the OTL fix. I will let you know later how the machine is booting after a few reboots. Thank you for everything.

========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-660507732-1389631595-2735188851-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@RecipeHub_2j.com/Plugin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2jffxtbr@RecipeHub_2j.com deleted successfully.
File C:\Program Files (x86)\RecipeHub_2j\bar\1.bin not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
File C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cf51de5b-eb36-4114-bb69-84df63fbadb4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf51de5b-eb36-4114-bb69-84df63fbadb4}\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10152012_152150

Corrine · Oct 15, 2012

Hi, Ken.

ComboFix would have been able to remove Recipehub if I hadn't left one little - from the script! However, its good that this worked. Let me know how it goes and then we can clean up the tools before returning the computer to your friend.

N_J · Oct 15, 2012

I had seen that and wondered too, since I don't use CF to much I didn't question it....I mean your way more qualified than I so I didn't give it a second thought. I will let you know how the pc is working.

On a side note: Why would Nortons360 miss all those infections (including Vundo)? I am recommending to my neighbor to use MSE and dump N360. What do you think?

Corrine · Oct 15, 2012

Most of the A/V's are having problems removing Babylon/Funmoods types of hijacks. Generally, they are a not-so-friendly addition to a free software download. However, who is to say what your friend got using Frostwire and/or Blubster. I didn't given you one of my P2P lectures, figuring you'd advise your neighbor of the dangers. You're welcome to share:

P2P programs form a direct conduit on to your computer. They have always been a target of malware writers and are increasingly so of late. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

With P2P file sharing, what means do you have of identifying or authenticating the source of the download? In addition, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with with good files.

If you do convince your neighbor to switch from Norton 360, I have no doubt the computer will be faster. Don't forget to use the Norton Removal Tool.

Should he make that change, and considering MSE is free, you may want to suggest that he purchase a license to a program such as MBAM since it will provide additional real-time protection not included in MSE.

If all is well, you can do the following to clean up the tools we used:

Please do the following to implement cleanup procedures and also to reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall

Note: In the event you wish to contribute to the ongoing development of ComboFix, the developer is accepting donations via PayPal.

OTL CleanUp will handle the remaining programs.

Right-click on OTL.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it.)
Press the CleanUp button.
When done, you will be prompted to reboot your system to finish file removal... please select OK to reboot your computer.

You may want to consider suggesting WOT, Web of Trust. It warns about risky websites that try to scam visitors, deliver malware or send spam. WOT's color-coded icons show ratings for rated websites - green to go, yellow for caution and red to stop, helping to avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

Although your neighbor's computer was fairly up to date, that could have been after you got hold of it. Because older versions of third-party software frequently have security vulnerabilities, suggest Secunia Software Inspector which will help keep track of programs that need to be updated.

Speaking of programs that need updating, Adobe Reader XI was released today (additional info at Adobe Reader and Acrobat Version XI Released ~ Security Garden).

Please let me know if you have any questions.

N_J · Oct 21, 2012

Hi Corrine,

Just a short note to say everything is good now, all programs are updated. Thank you for helping I appreciate it and so does my neighbor.

Corrine · Oct 21, 2012

You're welcome, Ken, and so is your neighbor.

[SOLVED] IE not responding, already ran MBAM and Combofix

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

N_J

Emeritus, Contributor

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

N_J

Emeritus, Contributor

Corrine

Administrator,
Microsoft MVP,
Security Analyst

[SOLVED] IE not responding, already ran MBAM and Combofix

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Emeritus, Contributor

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Emeritus, Contributor

Administrator, Microsoft MVP, Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst