Solved Windows update fails

[radianceseeker]

S3 PNRPAutoReg; C:\Windows\system32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\SysWOW64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\SysWOW64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [533504 2009-04-10] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [178176 2009-04-10] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [11264 2011-11-16] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [284160 2008-01-20] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [98304 2008-01-20] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\Windows\System32\rasmans.dll [309760 2009-04-10] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [88064 2008-01-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [68608 2008-01-20] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [206848 2009-04-10] (Microsoft Corporation) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 RpcLocator; C:\Windows\system32\locator.exe [8704 2006-11-02] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [719872 2009-04-10] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [11264 2011-11-16] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [147968 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\SysWOW64\SCardSvr.dll [95232 2009-04-10] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [855040 2010-11-06] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [49664 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [128000 2008-01-20] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\Windows\system32\seclogon.dll [28672 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [61952 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [47104 2008-01-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [74752 2008-01-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [84992 2008-01-20] (Microsoft Corporation) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [821000 2008-10-03] (Trend Micro Inc.)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [342016 2008-01-20] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [302080 2009-07-10] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation) [File not signed]
R2 slsvc; C:\Windows\system32\SLsvc.exe [2582016 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SLUINotify; C:\Windows\system32\SLUINotify.dll [73216 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2006-11-02] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [273920 2010-08-17] (Microsoft Corporation) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S4 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [185856 2008-01-20] (Microsoft Corporation) [File not signed]
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [141312 2008-01-20] (Microsoft Corporation) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_f86438be\STacSV64.exe [246272 2008-06-26] (IDT, Inc.) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [572416 2009-04-10] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [480768 2009-04-10] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [886784 2009-04-10] (Microsoft Corporation) [File not signed]
R2 TabletInputService; C:\Windows\System32\TabSvc.dll [84992 2006-11-02] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [318976 2009-04-10] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242688 2009-04-10] (Microsoft Corporation) [File not signed]
S2 TBS; C:\Windows\System32\tbssvc.dll [65536 2008-01-20] (Microsoft Corporation) [File not signed]
R2 TermService; C:\Windows\System32\termsrv.dll [548352 2014-10-09] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\shsvcs.dll [302080 2009-07-10] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\SysWOW64\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [37888 2008-01-20] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [117248 2008-01-20] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [42496 2009-04-10] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2008-01-20] (Microsoft Corporation) [File not signed]
S4 upnphost; C:\Windows\System32\upnphost.dll [344576 2008-01-20] (Microsoft Corporation) [File not signed]
S4 upnphost; C:\Windows\SysWOW64\upnphost.dll [259072 2008-01-20] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [32768 2009-04-10] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [454656 2009-04-10] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1433600 2009-04-10] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\Windows\system32\w32time.dll [372736 2009-04-10] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [581120 2009-04-10] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [413696 2009-04-10] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [39936 2006-11-02] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32256 2006-11-02] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\system32\wdi.dll [81920 2008-01-20] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [73728 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [81920 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [73728 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\Windows\System32\webclnt.dll [218624 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\Windows\SysWOW64\webclnt.dll [199680 2009-04-10] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [232960 2009-10-09] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [85504 2006-11-02] (Microsoft Corporation) [File not signed]
R2 WerSvc; C:\Windows\System32\WerSvc.dll [120832 2008-01-20] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [442368 2011-11-16] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [377344 2011-11-16] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [221696 2009-04-10] (Microsoft Corporation) [File not signed]
S4 WinRM; C:\Windows\system32\WsmSvc.dll [2050048 2009-10-09] (Microsoft Corporation) [File not signed]
S4 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1181696 2009-10-09] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [615936 2009-07-11] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [209920 2009-04-10] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1216000 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WPCSvc; C:\Windows\System32\wpcsvc.dll [173568 2008-01-20] (Microsoft Corporation) [File not signed]
R2 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [140288 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [107008 2009-09-30] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [74752 2009-04-10] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [597504 2009-04-10] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [441344 2009-04-10] (Microsoft Corporation) [File not signed]
R2 WSWNDA3100; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [272864 2010-08-19] ()
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation) [File not signed]
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [412672 2008-07-02] (Conexant Systems, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFD; C:\Windows\system32\drivers\afd.sys [404992 2014-05-30] (Microsoft Corporation) [File not signed]
S4 AmdK8; C:\Windows\system32\drivers\amdk8.sys [50688 2008-01-20] (Microsoft Corporation) [File not signed]
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9319936 2011-04-20] (ATI Technologies Inc.) [File not signed]
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-04-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [22016 2008-01-20] (Microsoft Corporation) [File not signed]
S4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [55296 2008-01-20] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-18] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\drivers\brfiltlo.sys [18432 2006-09-18] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\drivers\brfiltup.sys [8704 2006-09-18] (Brother Industries, Ltd.) [File not signed]
S4 Brserid; C:\Windows\system32\drivers\brserid.sys [86528 2006-11-02] (Brother Industries Ltd.) [File not signed]
S4 BrSerWdm; C:\Windows\system32\drivers\brserwdm.sys [47104 2006-09-18] (Brother Industries Ltd.) [File not signed]
S4 BrUsbMdm; C:\Windows\system32\drivers\brusbmdm.sys [14976 2006-09-18] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\system32\drivers\brusbser.sys [14720 2006-09-19] (Brother Industries Ltd.) [File not signed]
S4 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [50688 2006-11-02] (Microsoft Corporation) [File not signed]
R3 CAXHWBS2; C:\Windows\System32\DRIVERS\CAXHWBS2.sys [411136 2008-07-02] (Conexant Systems, Inc.) [File not signed]
R4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [90624 2008-01-20] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [79872 2009-04-10] (Microsoft Corporation) [File not signed]
S4 circlass; C:\Windows\system32\drivers\circlass.sys [41984 2008-01-20] (Microsoft Corporation) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [19840 2010-04-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [233040 2010-04-09] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [33208 2010-04-09] (COMODO)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [97792 2011-04-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [6144 2008-01-20] (Microsoft Corporation) [File not signed]
S3 E1G60; C:\Windows\System32\DRIVERS\E1G6032E.sys [146176 2008-01-20] (Intel Corporation) [File not signed]
S4 ErrDev; C:\Windows\system32\drivers\errdev.sys [8704 2008-01-20] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [187904 2009-04-10] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [198656 2014-09-04] (Microsoft Corporation) [File not signed]
S4 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2008-01-20] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [33280 2008-01-20] (Microsoft Corporation) [File not signed]
S4 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2008-01-20] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [16384 2012-02-29] (Microsoft Corporation) [File not signed]
R3 HCW85BDA; C:\Windows\System32\drivers\HCW85BDA.sys [1708800 2009-07-14] (Hauppauge Computer Works) [File not signed]
S4 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-03-05] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [275456 2009-04-10] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [948736 2009-04-10] (Microsoft Corporation) [File not signed]
S4 HidBth; C:\Windows\system32\drivers\hidbth.sys [34304 2006-11-02] (Microsoft Corporation) [File not signed]
S4 HidIr; C:\Windows\system32\drivers\hidir.sys [25600 2006-11-02] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [15872 2009-04-10] (Microsoft Corporation) [File not signed]
R3 HSF_DPV; C:\Windows\System32\DRIVERS\CAX_DPV.sys [1487872 2008-07-02] (Conexant Systems, Inc.) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [620032 2010-02-20] (Microsoft Corporation) [File not signed]
S4 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [64000 2008-01-20] (Microsoft Corporation) [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [84696 2010-04-09] (COMODO)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [48128 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [67584 2009-04-10] (Microsoft Corporation) [File not signed]
S4 IPMIDRV; C:\Windows\system32\drivers\ipmidrv.sys [76288 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\DRIVERS\ipnat.sys [115712 2008-01-20] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17408 2008-01-20] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [22528 2009-04-10] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20864 2008-01-20] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [59392 2008-01-20] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [109568 2008-01-20] (Microsoft Corporation) [File not signed]
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2008-07-02] (Conexant) [File not signed]
R3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2008-01-20] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [49152 2008-01-20] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [19968 2008-01-20] (Microsoft Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [81408 2008-01-20] (Microsoft Corporation) [File not signed]
R3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [139264 2009-04-10] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [135680 2011-04-29] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [275456 2011-07-06] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [107008 2011-04-29] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11008 2008-01-20] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7040 2006-11-02] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6656 2006-11-02] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [7936 2008-01-20] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [187392 2009-04-10] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [22016 2008-01-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [169472 2009-04-10] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2008-01-20] (Microsoft Corporation) [File not signed]
R1 netbt; C:\Windows\System32\DRIVERS\netbt.sys [248320 2009-04-10] (Microsoft Corporation) [File not signed]
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [709632 2007-12-14] (Ralink Technology Corp.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2006-11-02] (Microsoft Corporation) [File not signed]
R3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72448 2009-04-10] (Microsoft Corporation) [File not signed]
S4 Parport; C:\Windows\system32\drivers\parport.sys [96768 2006-11-02] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [712704 2006-10-23] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [98816 2009-04-10] (Microsoft Corporation) [File not signed]
S4 Processor; C:\Windows\system32\drivers\processr.sys [47104 2008-01-20] (Microsoft Corporation) [File not signed]
R1 PSched; C:\Windows\System32\DRIVERS\pacer.sys [94208 2009-04-10] (Microsoft Corporation) [File not signed]
S3 PTDUBus; C:\Windows\System32\DRIVERS\PTDUBus.sys [70672 2009-08-12] (DEVGURU Co., LTD.)
S3 PTDUMdm; C:\Windows\System32\DRIVERS\PTDUMdm.sys [173456 2009-08-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTDUVsp; C:\Windows\System32\DRIVERS\PTDUVsp.sys [173456 2009-08-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTDUWFLT; C:\Windows\System32\DRIVERS\PTDUWFLT.sys [12688 2009-08-12] (DEVGURU Co., LTD.)
S3 PTDUWWAN; C:\Windows\System32\DRIVERS\PTDUWWAN.sys [141840 2009-08-12] (DEVGURU Co., LTD.)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2008-01-20] (Microsoft Corporation) [File not signed]
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [9319936 2011-04-20] (ATI Technologies Inc.) [File not signed]
R1 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2008-01-20] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [124928 2009-04-10] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [50176 2009-04-10] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [78336 2009-04-10] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [287744 2009-04-10] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7168 2008-01-20] (Microsoft Corporation) [File not signed]
S4 rdpdr; C:\Windows\system32\drivers\rdpdr.sys [314368 2008-01-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7168 2008-01-20] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [75776 2008-01-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2006-09-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23040 2006-11-02] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2006-11-02] (Microsoft Corporation) [File not signed]
S4 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2008-01-20] (Microsoft Corporation) [File not signed]
S4 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14848 2008-01-20] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [14336 2008-01-20] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [13824 2008-01-20] (Microsoft Corporation) [File not signed]
S4 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16384 2006-11-02] (Microsoft Corporation) [File not signed]
R1 Smb; C:\Windows\System32\DRIVERS\smb.sys [88064 2009-04-10] (Microsoft Corporation) [File not signed]
S3 SMSIVZAM5X64; D:\app\Verizon Wireless\VZAccess Manager\SMSIVZAM5X64.SYS [43032 2009-05-25] (Smith Micro Inc.)
R0 snapman380; C:\Windows\System32\DRIVERS\snman380.sys [237600 2009-08-10] (Acronis)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [450560 2011-02-18] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [176128 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [145920 2011-04-29] (Microsoft Corporation) [File not signed]
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [457216 2008-06-26] (IDT, Inc.) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [40448 2014-04-04] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [16384 2008-01-20] (Microsoft Corporation) [File not signed]
R0 tdrpman140; C:\Windows\System32\DRIVERS\tdrpm140.sys [1580576 2009-08-10] (Acronis)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [29696 2008-01-20] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [94720 2009-04-10] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [29184 2013-06-15] (Microsoft Corporation) [File not signed]
R3 tunmp; C:\Windows\System32\DRIVERS\tunmp.sys [18432 2008-01-20] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [29696 2010-02-18] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [299008 2009-04-10] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [41984 2008-01-20] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [95744 2013-06-28] (Microsoft Corporation) [File not signed]
S4 usbcir; C:\Windows\system32\drivers\usbcir.sys [79360 2006-11-02] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [49664 2009-04-10] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [274944 2013-06-28] (Microsoft Corporation) [File not signed]
S4 usbohci; C:\Windows\system32\drivers\usbohci.sys [24064 2006-11-02] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [24064 2008-01-20] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [77824 2009-04-10] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [29184 2011-05-05] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2008-01-20] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [28672 2008-01-20] (Microsoft Corporation) [File not signed]
S4 WacomPen; C:\Windows\system32\drivers\wacompen.sys [26624 2006-11-02] (Microsoft Corporation) [File not signed]
S3 Wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [86528 2009-04-10] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [86528 2009-04-10] (Microsoft Corporation) [File not signed]
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [740864 2008-07-02] (Conexant Systems, Inc.) [File not signed]
S4 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2008-01-20] (Microsoft Corporation) [File not signed]
S3 WpdUsb; C:\Windows\System32\DRIVERS\wpdusb.sys [46592 2009-09-30] (Microsoft Corporation) [File not signed]
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [20992 2008-01-20] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation) [File not signed]
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio64.sys [10240 2008-07-02] (Conexant Systems, Inc.) [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 23:00 - 2015-04-14 23:11 - 01021276 _____ () C:\Users\thewaves\Desktop\FRST.txt
2015-04-14 23:00 - 2015-04-14 23:10 - 00000000 ____D () C:\FRST
2015-04-14 22:59 - 2015-04-14 22:59 - 02096640 _____ (Farbar) C:\Users\thewaves\Desktop\FRST64.exe
2015-04-14 22:56 - 2015-04-14 22:56 - 01136128 _____ (Farbar) C:\Users\thewaves\Desktop\FRST.exe
2015-04-01 19:34 - 2015-04-01 19:34 - 00001275 _____ () C:\Users\thewaves\.recently-used.xbel
2015-03-30 19:58 - 2015-03-30 20:12 - 00000641 _____ () C:\Users\Public\Desktop\fx40nightly.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 23:10 - 2009-04-10 09:56 - 01751627 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 22:37 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 22:37 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 22:15 - 2011-04-20 07:09 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-14 20:43 - 2006-11-02 07:46 - 00851418 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 20:37 - 2011-04-20 07:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-14 20:37 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 20:35 - 2006-11-02 10:42 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-14 17:25 - 2012-09-11 09:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 17:25 - 2011-08-18 05:09 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 17:22 - 2009-08-10 20:51 - 00000000 ____D () C:\Users\thewaves\AppData\Roaming\vlc
2015-04-13 15:35 - 2009-09-20 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voobly
2015-04-11 08:58 - 2009-08-10 20:57 - 00000000 ____D () C:\Users\thewaves\.VirtualBox
2015-04-06 22:12 - 2010-06-30 15:02 - 00000600 _____ () C:\Users\thewaves\AppData\Local\PUTTY.RND
2015-04-06 18:26 - 2012-06-26 07:17 - 00000000 ____D () C:\mozilla-central
2015-04-01 19:34 - 2009-08-10 17:03 - 00000000 ____D () C:\Users\thewaves
2015-03-30 14:59 - 2010-07-31 06:20 - 00000000 ____D () C:\Users\thewaves\AppData\Roaming\TortoiseHg

==================== Files in the root of some directories =======

2011-11-27 20:24 - 2014-04-07 22:00 - 0000680 _____ () C:\Users\thewaves\AppData\Local\d3d9caps.dat
2010-06-06 05:54 - 2010-06-06 05:54 - 0000732 _____ () C:\Users\thewaves\AppData\Local\d3d9caps64.dat
2009-08-11 09:09 - 2015-02-02 20:12 - 0091136 _____ () C:\Users\thewaves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-06-17 08:41 - 2010-06-17 08:42 - 0230564 _____ () C:\Users\thewaves\AppData\Local\dd_ATL90SP1_KB973924MSI005F.txt
2010-06-17 08:41 - 2010-06-17 08:42 - 0012688 _____ () C:\Users\thewaves\AppData\Local\dd_ATL90SP1_KB973924UI005F.txt
2010-06-16 12:14 - 2010-06-16 16:07 - 0299854 _____ () C:\Users\thewaves\AppData\Local\dd_depcheck_VC_EXP_90.txt
2010-06-16 12:14 - 2010-06-16 12:14 - 0000002 _____ () C:\Users\thewaves\AppData\Local\dd_error_vc_xcor_90.txt
2010-06-16 12:43 - 2010-06-16 12:43 - 1214622 _____ () C:\Users\thewaves\AppData\Local\dd_ExpRemoteDbg_x64_MSI6AF6.txt
2010-06-16 12:14 - 2010-06-16 16:09 - 0686484 _____ () C:\Users\thewaves\AppData\Local\dd_install_vc_xcor_90.txt
2010-06-16 12:47 - 2010-06-16 12:47 - 0397158 _____ () C:\Users\thewaves\AppData\Local\dd_SharedManagementObjects_MSI6E50.txt
2010-06-16 12:47 - 2010-06-16 12:47 - 0181772 _____ () C:\Users\thewaves\AppData\Local\dd_SQLSysClrTypes_msi6E4A.txt
2009-11-12 10:42 - 2009-11-12 10:43 - 0430662 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistMSI21C4.txt
2009-12-20 06:12 - 2009-12-20 06:12 - 0347390 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistMSI6C80.txt
2009-11-12 10:42 - 2009-11-12 10:43 - 0011418 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistUI21C4.txt
2009-12-20 06:12 - 2009-12-20 06:13 - 0011170 _____ () C:\Users\thewaves\AppData\Local\dd_vcredistUI6C80.txt
2010-06-16 12:42 - 2010-06-16 12:43 - 0436236 _____ () C:\Users\thewaves\AppData\Local\dd_VC_Red_MSI6AC1.txt
2010-06-16 12:43 - 2010-06-16 12:44 - 5362100 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_Build_x64_MSI6B1D.txt
2010-06-16 12:44 - 2010-06-16 12:44 - 0223314 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_ExpTools_x64_MSI6B9F.txt
2010-06-16 12:44 - 2010-06-16 12:44 - 0202590 _____ () C:\Users\thewaves\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI6BA9.txt
2010-06-30 15:02 - 2015-04-06 22:12 - 0000600 _____ () C:\Users\thewaves\AppData\Local\PUTTY.RND
2015-01-31 20:00 - 2015-01-31 20:00 - 0000763 _____ () C:\Users\thewaves\AppData\Local\recently-used.xbel
2010-06-16 12:14 - 2010-06-16 16:09 - 0008476 _____ () C:\Users\thewaves\AppData\Local\uxeventlog.txt
2010-06-16 16:07 - 2010-06-16 16:08 - 7489658 _____ () C:\Users\thewaves\AppData\Local\VSMsiLog0708.txt
2010-06-16 12:44 - 2010-06-16 12:47 - 10611048 _____ () C:\Users\thewaves\AppData\Local\VSMsiLog6BD7.txt

Some content of TEMP:
====================
C:\Users\thewaves\AppData\Local\Temp\GoodPlugin.exe
C:\Users\thewaves\AppData\Local\Temp\GURBB.exe
C:\Users\thewaves\AppData\Local\Temp\GURFEB8.exe
C:\Users\thewaves\AppData\Local\Temp\mirc635.exe
C:\Users\thewaves\AppData\Local\Temp\pyl9391.tmp.exe
C:\Users\thewaves\AppData\Local\Temp\pylB20A.tmp.exe
C:\Users\thewaves\AppData\Local\Temp\RLYLLO.exe
C:\Users\thewaves\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 20:43

==================== End Of Log ============================

 

[radianceseeker]

That's the end of FRST.txt.

If you find the split format hard to work with, here's FRST as a single file: http://radianceseeker.dreamhosters.com/FRST.txt

Addition.txt begins below.

It's split too, but also available as a single file: http://radianceseeker.dreamhosters.com/Addition.txt

 

[radianceseeker]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2015
Ran by thewaves at 2015-04-14 23:11:50
Running from C:\Users\thewaves\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: COMODO Antivirus (Disabled - Out of date) {675CEE69-9702-A524-3989-6D7CC8BF3695}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {5F676F4C-DD6D-A47C-12D6-C449366C71EE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAC Decoder (HKLM-x32\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acronis True Image Home (HKLM-x32\...\{37C8899D-FD70-481F-94AA-1F1B08765E22}) (Version: 12.0.9608 - Acronis)
ActivePerl 5.10.0 Build 1005 (HKLM-x32\...\{FD025150-EEA0-4CAC-BED1-B9837783FCC8}) (Version: 5.10.1005 - ActiveState)
ActivePerl 5.16.3 Build 1603 (64-bit) (HKLM\...\{8C327061-E39D-4696-84A8-E84533ADDD7D}) (Version: 5.16.1603 - ActiveState)
ActiveState ActiveTcl 8.5.8.2 (HKLM-x32\...\ActiveTcl 8.5.8.2) (Version: 8.5.8.2 - ActiveState Software Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aptana Studio 1.5 (HKLM-x32\...\Aptana Studio 1.5) (Version: 2.0.0 - Aptana, Inc.)
ATI Catalyst Install Manager (HKLM\...\{576A97E3-1A79-6215-49DE-AA358AF47420}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Aurora 5.0a2 (x86 en-US) (HKLM-x32\...\Aurora 5.0a2 (x86 en-US)) (Version: 5.0a2 - Mozilla)
Aurora 8.0a2 (x86 en-US) (HKLM-x32\...\Aurora 8.0a2 (x86 en-US)) (Version: 8.0a2 - Mozilla)
Aurora 8.0a2 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Aurora 8.0a2 (x86 en-US)) (Version: 8.0a2 - Mozilla)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Blender (remove only) (HKLM-x32\...\Blender) (Version: - )
ccc-core-static (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.4.1430 - CDBurnerXP)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
COMODO Internet Security (HKLM\...\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}) (Version: 4.0.10770.828 - COMODO Group Inc.)
COMODO livePCsupport (HKLM-x32\...\{A31A5DFC-3439-48FC-99BB-5174168AE471}) (Version: 3.0.133262.11 - COMODO)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.74.00 - Conexant)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{65315E6A-9ADD-4641-89E3-A36A559D3814}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - BR (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Capture (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Common (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Connect (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Custom Data (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Draw (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - EN (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - ES (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Extra Content (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Filters (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - FontNav (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - FR (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - IPM (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - PHOTO-PAINT (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Redist (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Setup Files (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - VideoBrowser (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 - Writing Tools (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X6 (HKLM-x32\...\_{E1E3FDB9-0A58-492D-BE04-BF7FB44281DF}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Home & Student Suite X6 (x32 Version: 16.1 - Corel Corporation) Hidden
Debugging Tools for Windows 64-bit (HKLM\...\{967B4C7D-3914-41C3-803E-28C414B74A10}) (Version: 6.6.7.5 - Microsoft Corporation)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Driver Download Manager (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
Driver Sweeper 2.1.0 (HKLM-x32\...\{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1) (Version: - Phyxion.net)
f.lux (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Flux) (Version: - )
Firefox Developer Edition 39.0a2 (x86 en-US) (HKLM-x32\...\Firefox Developer Edition 39.0a2 (x86 en-US)) (Version: 39.0a2 - Mozilla)
GameRanger (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\GameRanger) (Version: - GameRanger Technologies)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.6.6 (HKLM-x32\...\WinGimp-2.0_is1) (Version: - )
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - )
H.264 Decoder (HKLM-x32\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.1.0 - DivX, Inc.)
HashCalc 2.02 (HKLM-x32\...\HashCalc_is1) (Version: - SlavaSoft Inc.)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
IGZ Lobby System (HKLM-x32\...\IGZones_is1) (Version: IGZones - International Gaming Zone)
ImageMagick 6.5.4-9 Q16 (2009-08-15) (HKLM-x32\...\ImageMagick 6.5.4 Q16_is1) (Version: 6.5.4 - ImageMagick Studio LLC)
ImageMagick 6.6.3-10 Q16 (2010-09-01) (HKLM-x32\...\ImageMagick 6.6.3 Q16_is1) (Version: 6.6.3 - ImageMagick Studio LLC)
Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Linksys Dual-Band Wireless-N USB Network Adapter (HKLM-x32\...\InstallShield_{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}) (Version: 1.0.0.1 - Linksys)
Linksys WUSB600N Dual-Band Wireless-N USB Network Adapter (x32 Version: 1.0.0.1 - Linksys) Hidden
Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Meditation (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\meditation-4ebbea9b1f0d5848900197fe3b4d86cf) (Version: - William Lachance)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version: - Microsoft Corporation)
Microsoft FxCop 1.35 (HKLM-x32\...\{846D9AAD-EA7D-4126-9177-F874FD389BE4}) (Version: 1.35.60623.0 - Microsoft Corporation)
Microsoft Macro Assembler (MASM) (HKLM-x32\...\{F0D36479-04C5-4011-B2F9-FA23C9700157}) (Version: 8.0.50720.105 - Microsoft Corporation)
Microsoft MSDN 2005 Express Edition - ENU (HKLM-x32\...\Microsoft MSDN 2005 Express Edition - ENU) (Version: - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM-x32\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Platform SDK (R2) (3790.2075) (HKLM\...\{9A0ED01E-FD18-457A-AB9C-0835DCDB17BB}) (Version: 5.2.3790.2075 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU (HKLM-x32\...\Microsoft Visual C++ 2005 Express Edition - ENU) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748) (HKLM-x32\...\KB926748.T2_19ToU292_19) (Version: 1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Microsoft Windows Software Development Kit for Windows Vista Update (6000.16384.10) (HKLM\...\SDKSetup_6.1.6000.16384) (Version: 6.1.6000.16384 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Minefield (3.6a1pre) (HKLM-x32\...\Minefield (3.6a1pre)) (Version: 3.6a1pre (en-US) - Mozilla)
Minefield (3.7a5pre) (HKLM-x32\...\Minefield (3.7a5pre)) (Version: 3.7a5pre (en-US) - Mozilla)
Minefield 4.0b13pre (x86 en-US) (HKLM-x32\...\Minefield 4.0b13pre (x86 en-US)) (Version: 4.0b13pre - Mozilla)
mIRC (HKLM-x32\...\mIRC) (Version: 6.35 - mIRC Co. Ltd.)
MKV Splitter (HKLM-x32\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.1 - DivX, Inc.)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.24.0 - Dell)
Mozilla Firefox (2.0.0.20) (HKLM-x32\...\Mozilla Firefox (2.0.0.20)) (Version: 2.0.0.20 (en-US) - Mozilla)
Mozilla Firefox (3.0.10) (HKLM-x32\...\Mozilla Firefox (3.0.10)) (Version: 3.0.10 (en-US) - Mozilla)
Mozilla Firefox (3.5.3) (HKLM-x32\...\Mozilla Firefox (3.5.3)) (Version: 3.5.3 (es-ES) - Mozilla)
Mozilla Firefox (3.6) (HKLM-x32\...\Mozilla Firefox (3.6)) (Version: 3.6 (en-US) - Mozilla)
Mozilla Firefox (3.6.25) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox (3.6.25)) (Version: 3.6.25 (en-US) - Mozilla)
Mozilla Firefox (3.6.3) (HKLM-x32\...\Mozilla Firefox (3.6.3)) (Version: 3.6.3 (en-US) - Mozilla)
Mozilla Firefox (3.6.3) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox (3.6.3)) (Version: 3.6.3 (en-US) - Mozilla)
Mozilla Firefox (3.6.4) (HKLM-x32\...\Mozilla Firefox (3.6.4)) (Version: 3.6.4 (en-US) - Mozilla)
Mozilla Firefox (3.6b1) (HKLM-x32\...\Mozilla Firefox (3.6b1)) (Version: 3.6b1 (en-US) - Mozilla)
Mozilla Firefox 10.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 10.0 (x86 en-US)) (Version: 10.0 - Mozilla)
Mozilla Firefox 11.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 11.0 (x86 en-US)) (Version: 11.0 - Mozilla)
Mozilla Firefox 12.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 en-US)) (Version: 12.0 - Mozilla)
Mozilla Firefox 13.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 13.0 (x86 en-US)) (Version: 13.0 - Mozilla)
Mozilla Firefox 14.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 14.0 (x86 en-US)) (Version: 14.0 - Mozilla)
Mozilla Firefox 14.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 en-US)) (Version: 14.0.1 - Mozilla)
Mozilla Firefox 15.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 15.0 (x86 en-US)) (Version: 15.0 - Mozilla)
Mozilla Firefox 15.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 15.0.1 (x86 en-US)) (Version: 15.0.1 - Mozilla)
Mozilla Firefox 16.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 16.0 (x86 en-US)) (Version: 16.0 - Mozilla)
Mozilla Firefox 16.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 16.0.1 (x86 en-US)) (Version: 16.0.1 - Mozilla)
Mozilla Firefox 16.0.2 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)
Mozilla Firefox 17.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0 (x86 en-US)) (Version: 17.0 - Mozilla)
Mozilla Firefox 17.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 17.0.1 (x86 en-US)) (Version: 17.0.1 - Mozilla)
Mozilla Firefox 17.0.9 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 17.0.9 (x86 en-US)) (Version: 17.0.9 - Mozilla)
Mozilla Firefox 18.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0 (x86 en-US)) (Version: 18.0 - Mozilla)
Mozilla Firefox 18.0.2 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 18.0.2 (x86 en-US)) (Version: 18.0.2 - Mozilla)
Mozilla Firefox 19.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
Mozilla Firefox 19.0.2 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 19.0.2 (x86 en-US)) (Version: 19.0.2 - Mozilla)
Mozilla Firefox 20.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 20.0 (x86 en-US)) (Version: 20.0 - Mozilla)
Mozilla Firefox 20.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 20.0.1 (x86 en-US)) (Version: 20.0.1 - Mozilla)
Mozilla Firefox 21.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 21.0 (x86 en-US)) (Version: 21.0 - Mozilla)
Mozilla Firefox 22.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 en-US)) (Version: 22.0 - Mozilla)
Mozilla Firefox 23.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 23.0 (x86 en-US)) (Version: 23.0 - Mozilla)
Mozilla Firefox 24.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)
Mozilla Firefox 25.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 25.0 (x86 en-US)) (Version: 25.0 - Mozilla)
Mozilla Firefox 25.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla)
Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
Mozilla Firefox 27.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 en-US)) (Version: 27.0 - Mozilla)
Mozilla Firefox 27.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
Mozilla Firefox 29.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Firefox 32.0.3 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Firefox 33.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Firefox 33.1.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Firefox 34.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 en-US)) (Version: 34.0 - Mozilla)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 34.0.5 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Firefox 35.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Firefox 36.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 en-US)) (Version: 36.0 - Mozilla)
Mozilla Firefox 36.0.4 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Firefox 37.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0 (x86 en-US)) (Version: 37.0 - Mozilla)
Mozilla Firefox 37.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Firefox 38.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0 (x86 en-US)) (Version: 38.0 - Mozilla)
Mozilla Firefox 4.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 4.0 (x86 en-US)) (Version: 4.0 - Mozilla)
Mozilla Firefox 4.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 4.0.1 (x86 en-US)) (Version: 4.0.1 - Mozilla)
Mozilla Firefox 4.0b7 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 4.0b7 (x86 en-US)) (Version: 4.0b7 - Mozilla)
Mozilla Firefox 5.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 5.0 (x86 en-US)) (Version: 5.0 - Mozilla)
Mozilla Firefox 5.0 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 5.0 (x86 en-US)) (Version: 5.0 - Mozilla)
Mozilla Firefox 6.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 6.0 (x86 en-US)) (Version: 6.0 - Mozilla)
Mozilla Firefox 6.0.2 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 6.0.2 (x86 en-US)) (Version: 6.0.2 - Mozilla)
Mozilla Firefox 7.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 7.0 (x86 en-US)) (Version: 7.0 - Mozilla)
Mozilla Firefox 7.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 7.0.1 (x86 en-US)) (Version: 7.0.1 - Mozilla)
Mozilla Firefox 8.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 8.0 (x86 en-US)) (Version: 8.0 - Mozilla)
Mozilla Firefox 9.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 9.0 (x86 en-US)) (Version: 9.0 - Mozilla)
Mozilla Firefox 9.0.1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Firefox 9.0.1 (x86 en-US)) (Version: 9.0.1 - Mozilla)
Mozilla Thunderbird (2.0.0.23) (HKLM-x32\...\Mozilla Thunderbird (2.0.0.23)) (Version: 2.0.0.23 (en-US) - Mozilla)
Mozilla Thunderbird (3.1) (HKLM-x32\...\Mozilla Thunderbird (3.1)) (Version: 3.1 (en-US) - Mozilla)
Mozilla Thunderbird (3.1.11) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Thunderbird (3.1.11)) (Version: 3.1.11 (en-US) - Mozilla)
Mozilla Thunderbird (5.0) (HKLM-x32\...\Mozilla Thunderbird (5.0)) (Version: 5.0 (en-US) - Mozilla)
Mozilla Thunderbird (6.0) (HKLM-x32\...\Mozilla Thunderbird (6.0)) (Version: 6.0 (en-US) - Mozilla)
Mozilla Thunderbird (6.0.2) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Thunderbird (6.0.2)) (Version: 6.0.2 (en-US) - Mozilla)
Mozilla Thunderbird 12.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 12.0.1 (x86 en-US)) (Version: 12.0.1 - Mozilla)
Mozilla Thunderbird 13.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 13.0 (x86 en-US)) (Version: 13.0 - Mozilla)
Mozilla Thunderbird 16.0.2 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Thunderbird 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)
Mozilla Thunderbird 31.1.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.1.2 (x86 en-US)) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Mozilla Thunderbird 31.6.0 (x86 en-US)) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 9.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 9.0.1 (x86 en-US)) (Version: 9.0.1 - Mozilla)
MozTrap (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\https://moztrap.mozilla.org) (Version: - )
Namoroka (3.6a1) (HKLM-x32\...\Namoroka (3.6a1)) (Version: 3.6a1 (en-US) - Mozilla)
Namoroka (3.6a2pre) (HKLM-x32\...\Namoroka (3.6a2pre)) (Version: 3.6a2pre (en-US) - Mozilla)
Namoroka (3.6b1pre) (HKLM-x32\...\Namoroka (3.6b1pre)) (Version: 3.6b1pre (en-US) - Mozilla)
Namoroka (3.6b2pre) (HKLM-x32\...\Namoroka (3.6b2pre)) (Version: 3.6b2pre (en-US) - Mozilla)
Namoroka (3.6b4pre) (HKLM-x32\...\Namoroka (3.6b4pre)) (Version: 3.6b4pre (en-US) - Mozilla)
Namoroka (3.6pre) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\Namoroka (3.6pre)) (Version: 3.6pre (en-US) - Mozilla)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.54 - BVRP Software, Inc)
Nightly 19.0a1 (x86 en-US) (HKLM-x32\...\Nightly 19.0a1 (x86 en-US)) (Version: 19.0a1 - Mozilla)
Nightly 34.0a1 (x86 en-US) (HKLM-x32\...\Nightly 34.0a1 (x86 en-US)) (Version: 34.0a1 - Mozilla)
Nightly 40.0a1 (x86 en-US) (HKLM-x32\...\Nightly 40.0a1 (x86 en-US)) (Version: 40.0a1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.8 - )
OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
Oracle VM VirtualBox 3.2.4 (HKLM\...\{B667020E-A9D9-4E75-BDDE-A03E0FB96062}) (Version: 3.2.4 - Oracle Corporation)
OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.)
PANTECH UM175 Driver (HKLM\...\{C13AF9C7-8E06-4354-B629-DF6192CE4A66}) (Version: 3.3.3524.918 - PANTECH CO.,LTD)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.5 - Google, Inc.)
PuTTY version 0.60 (HKLM-x32\...\PuTTY_is1) (Version: 0.60 - Simon Tatham)
Python 2.6.2 (HKLM-x32\...\{24aab420-4e30-4496-9739-3e216f3de6ae}) (Version: 2.6.2150 - Python Software Foundation)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version: - RealNetworks)
SeaMonkey (1.1.17) (HKLM-x32\...\SeaMonkey (1.1.17)) (Version: - )
SeaMonkey (2.0.2) (HKLM-x32\...\SeaMonkey (2.0.2)) (Version: 2.0.2 (en-US) - Mozilla)
SeaMonkey 2.26 (x86 en-US) (HKLM-x32\...\SeaMonkey 2.26 (x86 en-US)) (Version: 2.26 - Mozilla)
SeaMonkey 2.30 (x86 en-US) (HKLM-x32\...\SeaMonkey 2.30 (x86 en-US)) (Version: 2.30 - Mozilla)
SecondLife (remove only) (HKLM-x32\...\SecondLife) (Version: - )
Slik Subversion 1.6.11 (x64) (HKLM\...\{71119565-2A84-4B05-8CC2-A4749E5EA20F}) (Version: 1.6.11.0 - SlikSvn & The SharpSvn Project)
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
TextPad 5 (HKLM-x32\...\{B6EC7388-E277-4A5B-8C8F-71067A41BA64}) (Version: 5.4.2 - Helios)
The Lord of the Rings FREE Trial (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TortoiseHg 1.0.4 (x64) (HKLM\...\{18E79848-5870-4C4C-9AA6-A38B3DB0A81A}) (Version: 1.0.4 - Steve Borho and others)
TortoiseSVN 1.6.8.19260 (64 bit) (HKLM\...\{49D5BCB5-31E0-4B32-816D-E953C372E650}) (Version: 1.6.19260 - TortoiseSVN)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55a - Ghisler Software GmbH)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 16.60 - Trend Micro Inc.)
Trend Micro Internet Security (Version: 16.60 - Trend Micro Inc.) Hidden
UX 12.0a1 (x86 en-US) (HKLM-x32\...\UX 12.0a1 (x86 en-US)) (Version: 12.0a1 - Mozilla)
UX 22.0a1 (x86 en-US) (HKLM-x32\...\UX 22.0a1 (x86 en-US)) (Version: 22.0a1 - Mozilla)
UX 29.0a1 (x86 en-US) (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\UX 29.0a1 (x86 en-US)) (Version: 29.0a1 - Mozilla)
VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0 - DivX, Inc) Hidden
Vim 7.3 (self-installing) (HKLM\...\Vim 7.3) (Version: - )
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
VZAccess Manager (HKLM-x32\...\{CDC85536-A0EF-4401-82A6-25D8EFC7EFAC}) (Version: 7.2.1.2 - Smith Micro Software Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-3944830479-2141460875-877369160-1000\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinMerge 2.12.4 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireshark 1.2.5 (HKLM-x32\...\Wireshark) (Version: 1.2.5 - The Wireshark developer community, http://www.wireshark.org)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3944830479-2141460875-877369160-1000_Classes\CLSID\{ABECE8A0-FF84-4efb-82AE-9B3181CE097D}\InprocServer32 -> D:\app\TextPad 5\System\shellext64.dll (Helios Software Solutions)
CustomCLSID: HKU\S-1-5-21-3944830479-2141460875-877369160-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> d:\app\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points =========================

04-04-2015 16:24:53 Scheduled Checkpoint
06-04-2015 05:22:50 Scheduled Checkpoint
10-04-2015 02:58:51 Scheduled Checkpoint
12-04-2015 04:49:16 Scheduled Checkpoint
13-04-2015 04:21:47 Scheduled Checkpoint
14-04-2015 18:16:49 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1D9CA4FF-5433-4F34-94B5-DF10B8A2615A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {599D04CF-F63D-40BF-82BB-F5A0DE7D9A7E} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - thewaves => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {723E9745-90FF-4873-AE88-525134FB5F20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {8C64D46F-C6B1-4190-9237-3F710DF75D49} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL e:\b651d2362d38d7fbd42e0e5e070606\ipoint\Setup64\Files\1033\Eng.rtf
Task: {8E39B629-2341-4989-A555-2013E9E6F081} - System32\Tasks\{2F3A09E6-5070-4BD0-A128-8D57613D659A} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.141&LastError=12007
Task: {E2F958F7-0A76-4EA8-BF0E-201269F213E3} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-04-09 01:26 - 2010-04-09 01:26 - 02335216 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
2008-10-03 12:25 - 2008-10-03 12:25 - 00204552 _____ () C:\Program Files\Trend Micro\Internet Security\UfPack.dll
2012-08-08 20:01 - 2010-08-19 15:25 - 00272864 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
2010-04-06 20:22 - 2011-04-20 01:21 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2011-07-18 16:04 - 2011-07-18 16:04 - 00301568 _____ () d:\app\Notepad++\NppShell_04.dll
2015-01-12 20:11 - 2014-12-17 22:23 - 00736962 _____ () d:\app\Git\git-cheetah\git_shell_ext64.dll
2012-08-08 20:01 - 2011-09-16 12:35 - 04559840 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2010-06-01 17:09 - 2010-06-01 17:09 - 00044448 _____ () D:\app\TortoiseHg\TortoiseHgOverlayServer.exe
2009-11-24 13:36 - 2009-11-24 13:36 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-06 06:02 - 2010-06-06 06:02 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-03-30 19:25 - 2015-03-01 02:35 - 00818176 _____ () D:\profiles\fx40nightly\extensions\adbhelper@mozilla.org\win32\adb.exe
2012-08-08 20:01 - 2010-11-10 17:28 - 00368640 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
2012-08-08 20:01 - 2010-07-08 11:24 - 00258048 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2015-04-14 17:24 - 2015-04-14 17:24 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
2011-04-19 13:17 - 2010-02-22 10:16 - 00839680 _____ () D:\app\xulrunner\js3250.dll
2015-04-04 14:35 - 2015-04-04 14:35 - 03348592 _____ () D:\app\tbird\mozjs.dll
2015-04-04 14:35 - 2015-04-04 14:35 - 00158832 _____ () D:\app\tbird\NSLDAP32V60.dll
2015-04-04 14:35 - 2015-04-04 14:35 - 00023152 _____ () D:\app\tbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3944830479-2141460875-877369160-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\thewaves\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk => C:\Windows\pss\Microsoft Find Fast.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Shortcut Bar.lnk => C:\Windows\pss\Microsoft Office Shortcut Bar.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk => C:\Windows\pss\Office Startup.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "D:\app\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ClipManStartup => "D:\app\ClipMan\ClipboardManager.exe"
MSCONFIG\startupreg: f.lux => "C:\Users\thewaves\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: Google Update => "C:\Users\thewaves\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: QuickTime Task => "D:\app\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: tisspwiz.exe => "C:\Program Files\Trend Micro\Internet Security\tisspwiz.exe" /Delay
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
MSCONFIG\startupreg: UfSeAgnt.exe => "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
MSCONFIG\startupreg: Voobly => "D:\app\Voobly\voobly.exe" --startup

==================== Accounts: =============================

Administrator (S-1-5-21-3944830479-2141460875-877369160-500 - Administrator - Disabled)
Guest (S-1-5-21-3944830479-2141460875-877369160-501 - Limited - Disabled)
testpc (S-1-5-21-3944830479-2141460875-877369160-1001 - Limited - Enabled) => C:\Users\testpc
thewaves (S-1-5-21-3944830479-2141460875-877369160-1000 - Administrator - Enabled) => C:\Users\thewaves

==================== Faulty Device Manager Devices =============

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583


System errors:
=============
Error: (04/14/2015 08:47:56 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.195.3092.0

Update Source: %NT AUTHORITY59

Update Stage: 4.6.0305.00

Source Path: 4.6.0305.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/14/2015 08:38:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Windows Search4

Error: (04/14/2015 08:38:47 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (04/14/2015 08:38:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Windows Search3

Error: (04/14/2015 08:38:40 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (04/14/2015 08:38:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search2300001Restart the service

Error: (04/14/2015 08:38:40 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (04/14/2015 08:38:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restart the service

Error: (04/14/2015 08:38:40 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (04/14/2015 08:35:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (04/14/2015 11:11:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

 

[radianceseeker]

CodeIntegrity Errors:
===================================
Date: 2015-02-13 02:16:04.103
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-13 02:16:03.722
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-13 02:16:03.345
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-13 02:16:02.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-13 02:16:02.341
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-13 02:16:01.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-13 02:16:01.525
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-13 02:16:01.115
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-15 11:57:00.936
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-15 11:57:00.668
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 83%
Total physical RAM: 6077.03 MB
Available physical RAM: 996.94 MB
Total Pagefile: 18738.08 MB
Available Pagefile: 13396.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:150 GB) (Free:25.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (USR) (Fixed) (Total:250 GB) (Free:26.95 GB) NTFS
Drive e: (TERA1) (Fixed) (Total:931.51 GB) (Free:479.22 GB) NTFS
Drive z: (RECOVERY) (Fixed) (Total:15 GB) (Free:7.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: F5ACEAD7)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=250 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 4D6B66DB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

[radianceseeker]

That's the end of Addition.txt.

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===================================

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

• Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to the following:
  
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
• Click Finish.
• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
  
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
  
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
  
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
  
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the Scan Log which shows the Date and time of the scan just performed.
• Click 'Export'.
• Click 'Text file (*.txt)'
• In the Save File dialog box which appears, click on Desktop.
• In the File name: box type a name for your scan log.
• A message box named 'File Saved' should appear stating "Your file has been successfully exported".
• Click Ok
• Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the Scan Log which shows the Date and time of the scan just performed.
• Click 'Copy to Clipboard'
• Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

[radianceseeker]

Wow, quick reply, thanks.

Your instructions say:

> Please download Junkware Removal Tool to your desktop. Shut down your
> protection software now to avoid potential conflicts.

Which protection software should be shut down? AV? Anti-spyware? Firewall? MS Security Essentials?

 

[Broni]

MS Security Essentials

 

[radianceseeker]

Output from RogueKiller. This is from the file RKreport_DEL_04152015_222437.log.

Continuing to work the checklist.

RogueKiller V10.5.10.0 [Apr 14 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User : thewaves [Administrator]
Started from : C:\Users\thewaves\Desktop\RogueKiller.exe
Mode : Delete -- Date : 04/15/2015 22:24:37

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 15 ¤¤¤
[Hj.RegVal] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> Replaced (explorer.exe)
[Hj.RegVal] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> Replaced (explorer.exe)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{06FE964E-8905-4DCE-8F90-6CBC703873EE} | DhcpNameServer : 205.152.37.23 205.152.132.23 208.67.222.222 [X][X][-] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{06FE964E-8905-4DCE-8F90-6CBC703873EE} | DhcpNameServer : 205.152.37.23 205.152.132.23 208.67.222.222 [X][X][-] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{06FE964E-8905-4DCE-8F90-6CBC703873EE} | DhcpNameServer : 205.152.37.23 205.152.132.23 208.67.222.222 [X][X][-] -> Not selected
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3944830479-2141460875-877369160-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> Not selected
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3944830479-2141460875-877369160-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] dc13e6355c30e671435f86dc410a9212
[BSP] a5f5cf4fc35ff7392858f340d7dbddf4 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 128520 | Size: 15359 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 31583790 | Size: 153598 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 346152555 | Size: 255996 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] a72e5d4cc67a6a2eddc6bdc103a18659
[BSP] 46917e5c51a95901d9bf7837b13fda15 : HP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


============================================
RKreport_SCN_04152015_222128.log

 

[radianceseeker]

There was a second, slightly older (minutes older) report file in RogueKiller logs, called RKreport_SCN_04152015_222128.log. Here it is.

=======================================================

RogueKiller V10.5.10.0 [Apr 14 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User : thewaves [Administrator]
Started from : C:\Users\thewaves\Desktop\RogueKiller.exe
Mode : Scan -- Date : 04/15/2015 22:21:28

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 15 ¤¤¤
[Hj.RegVal] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> Found
[Hj.RegVal] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{06FE964E-8905-4DCE-8F90-6CBC703873EE} | DhcpNameServer : 205.152.37.23 205.152.132.23 208.67.222.222 [X][X][-] -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{06FE964E-8905-4DCE-8F90-6CBC703873EE} | DhcpNameServer : 205.152.37.23 205.152.132.23 208.67.222.222 [X][X][-] -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{06FE964E-8905-4DCE-8F90-6CBC703873EE} | DhcpNameServer : 205.152.37.23 205.152.132.23 208.67.222.222 [X][X][-] -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3944830479-2141460875-877369160-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3944830479-2141460875-877369160-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_Z_1D4B\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] dc13e6355c30e671435f86dc410a9212
[BSP] a5f5cf4fc35ff7392858f340d7dbddf4 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 128520 | Size: 15359 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 31583790 | Size: 153598 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 346152555 | Size: 255996 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] a72e5d4cc67a6a2eddc6bdc103a18659
[BSP] 46917e5c51a95901d9bf7837b13fda15 : HP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

 

[radianceseeker]

Continuing with the checklist.

 

[radianceseeker]

MBAM Threat Scan completed successfully.
Time to complete scan: 00:15:09
Items Scanned: 509,090
Threats Identified: 0

 

[radianceseeker]

The MBAM scan log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/15/2015
Scan Time: 10:47:01 PM
Logfile:
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.04.16.01
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: thewaves

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 509090
Time Elapsed: 15 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Warn

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

[radianceseeker]

Continuing to work the checklist.

 

[radianceseeker]

Log file from AdwCleaner.

# AdwCleaner v4.201 - Logfile created 15/04/2015 at 23:41:02
# Updated 08/04/2015 by Xplode
# Database : 2015-04-15.1 [Server]
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (x64)
# Username : thewaves - THUNDER
# Running from : C:\Users\thewaves\Desktop\adwcleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Users\thewaves\AppData\Local\Temp\FoxTab

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181

***** [ Web browsers ] *****

-\\ Internet Explorer v9.0.8112.16599


-\\ Mozilla Firefox v38.0 (x86 en-US)


-\\ Google Chrome v

[C:\Users\thewaves\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\thewaves\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [1293 bytes] - [15/04/2015 23:20:40]
AdwCleaner[S0].txt - [1226 bytes] - [15/04/2015 23:41:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1285 bytes] ##########

 

[radianceseeker]

JRT scan complete, results below.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.5 (04.15.2015:1)
OS: Windows (TM) Vista Home Premium x64
Ran by thewaves on Wed 04/15/2015 at 23:56:22.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 04/15/2015 at 23:58:59.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[radianceseeker]

I think I've reached the end of your instructions. What next?

(Can I turn MS Security Essentials back on?)

 

[Broni]

Not yet.

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If the connection is not there use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[radianceseeker]

Preparing for Combofix now.

 

[radianceseeker]

Combofix done; the report's bigger than 50,000 characters so I have to split it.

 

[radianceseeker]

ComboFix 15-04-16.01 - thewaves 04/19/2015 4:24.1.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6077.4237 [GMT -5:00]
Running from: c:\users\thewaves\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Outdated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\thewaves.V2\AppData\Roaming\mIRC\logs\status.log
c:\users\thewaves.V2\GoToAssistDownloadHelper.exe
c:\users\thewaves\AppData\Roaming\mIRC\logs\status.log
c:\users\thewaves\GoToAssistDownloadHelper.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Files Created from 2015-03-19 to 2015-04-19 )))))))))))))))))))))))))))))))
.
.
2015-04-19 09:36 . 2015-04-19 09:36 -------- d-----w- c:\users\thewaves\AppData\Local\temp
2015-04-19 09:36 . 2015-04-19 09:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-19 09:36 . 2015-04-19 09:36 -------- d-----w- c:\users\testpc\AppData\Local\temp
2015-04-19 05:32 . 2015-03-23 16:40 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3CF4B2A-28EF-4D40-850D-3D114C926F40}\gapaengine.dll
2015-04-19 05:31 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E1395178-FBFF-4025-8EBA-E8B264BCA5C9}\mpengine.dll
2015-04-17 04:19 . 2015-04-17 04:19 473600 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\Voobly Mods\AOC\Patches\1.4 RC - Extended Info\up.dll
2015-04-17 04:19 . 2015-04-17 04:19 4608 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\Voobly Mods\AOC\Patches\1.4 RC - Extended Info\userpatch.dll
2015-04-17 04:19 . 2015-04-17 04:19 4608 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires II\Voobly Mods\AOC\Patches\1.4 RC - Extended Info\exinfo.dll
2015-04-16 11:52 . 2015-04-16 11:52 -------- d-----w- c:\users\thewaves\AppData\Local\CrashDumps
2015-04-16 05:24 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-04-16 04:56 . 2015-04-16 04:56 -------- d-----w- C:\RegBackup
2015-04-16 04:20 . 2015-04-16 04:41 -------- d-----w- C:\AdwCleaner
2015-04-16 03:17 . 2015-04-16 03:17 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-04-16 03:17 . 2015-04-16 03:41 -------- d-----w- c:\programdata\RogueKiller
2015-04-15 04:00 . 2015-04-15 04:12 -------- d-----w- C:\FRST
2015-04-01 11:50 . 2015-03-23 16:40 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{250C3D3C-5741-4BDB-A4B0-D2DE4F92295D}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-16 03:46 . 2015-02-13 08:08 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-14 22:25 . 2012-09-11 14:41 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-14 22:25 . 2011-08-18 10:09 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-23 16:40 . 2011-03-25 11:31 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-03-17 11:15 . 2015-02-13 08:07 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-03-17 11:15 . 2015-02-13 08:07 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-17 11:15 . 2009-08-11 01:27 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-01-21 . 22D13FF3DAFEC2A80634752B1EAA2DE6 . 22016 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_80766a66ed36afa5\asyncmac.sys
[-] 2008-01-21 . 22D13FF3DAFEC2A80634752B1EAA2DE6 . 22016 . . [6.0.6001.18000] .. c:\windows\system32\drivers\asyncmac.sys
.
[-] 2006-11-02 . DD5D684975352B85B52E3FD5347C20CB . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_05848900d35a7bfd\null.sys
[-] 2006-11-02 . DD5D684975352B85B52E3FD5347C20CB . 6144 . . [6.0.6000.16386] .. c:\windows\system32\drivers\null.sys
.
[-] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_4847dcdb9194e539\tdx.sys
[-] 2008-01-21 . 8C39C72E0E853DE04748C0337D9B9216 . 94208 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_465c63cf947319ed\tdx.sys
[-] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\system32\drivers\tdx.sys
.
[-] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_d507c23d565be6a3\browser.dll
[-] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6000.16386] .. c:\windows\system32\browser.dll
.
[-] 2014-12-03 . 26150064FB51AB02F1EA8B1AE9D2E2FE . 11264 . . [6.0.6002.23555] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23555_none_04a81d512b90ae74\lsass.exe
[-] 2014-10-10 . 3EF1E9AA17CFBBD9DB410BDEC0EA5564 . 11264 . . [6.0.6002.23521] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23521_none_04c48bed2b7bf545\lsass.exe
[-] 2014-09-19 . A56F60DDA13AA3641426DB289C282CB2 . 11264 . . [6.0.6002.23498] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23498_none_047fdc992bae6d16\lsass.exe
[-] 2012-06-01 . 0688C6F0E5B1E0ADB1E10BF6A9023063 . 11264 . . [6.0.6002.22869] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_04a16b072b950d95\lsass.exe
[-] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_042567f8126e70e3\lsass.exe
[-] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_04276a72126ca0b8\lsass.exe
[-] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19214_none_0448bc2012538b41\lsass.exe
[-] 2011-11-16 . 54BC2124F6BCF2050D7C3057C0611AD4 . 11264 . . [6.0.6002.22742] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_04b006f32b8b272b\lsass.exe
[-] 2009-09-10 . 1104B18819392FEA12FB5F9E170E66B3 . 9728 . . [6.0.6000.21125] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[-] 2009-09-10 . BBBCE2DACDCCD5EA60A50D0023AE2DE9 . 11264 . . [6.0.6002.22223] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[-] 2009-09-09 . 41FB90DF49F203672F459122EF1F13B1 . 11264 . . [6.0.6001.22518] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[-] 2009-06-15 . 1E766E4C5BF9E230AD37A56BF7DB6C94 . 9728 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[-] 2009-06-15 . 306E4503E083A498AE797FF59FA72839 . 9728 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[-] 2009-06-15 . 80F4593E92FF960E4763380D3168E498 . 11264 . . [6.0.6001.18272] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[-] 2009-06-15 . 02474FBCB00AA5C622E92F620DB9A041 . 11264 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[-] 2009-06-15 . 40348DCEC0712ED42231C5F90A69A690 . 11264 . . [6.0.6002.18051] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[-] 2009-06-15 . EBDAEE60E442BEA413E5D7CEDFB09463 . 11264 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
[-] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[-] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[-] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6000.16386] .. c:\windows\system32\lsass.exe
.
[-] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_6bdbb71a0a2d4469\netman.dll
[-] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6000.16386] .. c:\windows\system32\netman.dll
.
[-] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_819ad97caef1480e\qmgr.dll
[-] 2008-01-21 . D896A0D43F8AB81ECB1FC6C24DECFD58 . 1082368 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_7faf6070b1cf7cc2\qmgr.dll
[-] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6001.18000] .. c:\windows\system32\qmgr.dll
.
[-] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_c7d4f08bf35f3abe\rpcss.dll
[-] 2008-01-21 . FF27BE0BA7B3C48D5C99AFCB56D436C2 . 713728 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_c5e9777ff63d6f72\rpcss.dll
[-] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6000.16386] .. c:\windows\system32\rpcss.dll
.
[-] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[-] 2008-01-21 . DFAC660F0F139276CC9299812DE42719 . 384512 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
[-] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6000.16386] .. c:\windows\system32\services.exe
.
[-] 2010-08-17 . 439017BE66398AB809D81B3AE8393883 . 273920 . . [6.0.6002.22468] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_34a17b8490538c82\spoolsv.exe
[-] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6002.18294] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_33f36be77751de08\spoolsv.exe
[-] 2010-08-17 . 92E6738D25C2123BE9515C0EAC0776CD . 267776 . . [6.0.6001.18511] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_3260788179ed5d57\spoolsv.exe
[-] 2010-08-17 . 7F59AA690212241B398D6DBE4071EE3C . 270848 . . [6.0.6001.22743] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_32cba802932180c9\spoolsv.exe
[-] 2009-04-11 . EADA445EAEDD1D7DF4C5EB42B3612729 . 268288 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_3455b7b177080198\spoolsv.exe
[-] 2008-01-21 . E6519A9E756D74DC51C697BA62162F51 . 267264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_326a3ea579e6364c\spoolsv.exe
[-] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6000.16386] .. c:\windows\system32\spoolsv.exe
.
[-] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[-] 2008-01-21 . 856491FCED98093D824B9EB2892F564A . 406016 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[-] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6001.18000] .. c:\windows\system32\winlogon.exe
.
[-] 2013-07-04 . 2E2B796F36C4DA7BDDA70DF95E3D217A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18879_none_975e94748dabd227\comctl32.dll
[-] 2013-07-04 . 04BE188624096B6D2F8C760940B2D100 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_414ad6405542c1e6\comctl32.dll
[-] 2013-07-04 . 0F00CDCB55EEC73DA4F32331DEA2A0D7 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.23151_none_97f5a8cfa6c09fc0\comctl32.dll
[-] 2013-07-04 . 33EF2E827B1292A5CD06E2E937EE9DE1 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.23151_none_432a6ae8526f3f0f\comctl32.dll
[-] 2010-09-02 . E5763ED4A35DE72855B731EDF2081B6E . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_97d4553ba6d9b810\comctl32.dll
[-] 2010-09-02 . 55EAEF6344C328416969AA1622100139 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_fe44c5cb0dae9066\comctl32.dll
[-] 2010-09-02 . F80C6985B787E40EB2B6B99A453A243A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_432d25ac526cda7f\comctl32.dll
[-] 2010-09-01 . EB00FFCBB31A4CA35F80D92F14CBF04B . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_96135489a9968dcc\comctl32.dll
[-] 2010-09-01 . CA41B0BFB677D1261E68EA138CE106C2 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_fe655b750d60b18a\comctl32.dll
[-] 2010-09-01 . 16C1CC7E5B6A5B6A21C368D39DC4B03F . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_42a7622b394b8efb\comctl32.dll
[-] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_97a639428d76b771\comctl32.dll
[-] 2010-08-31 . 46662CD685A6341AB4AED86D134D80E9 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll
[-] 2010-08-31 . 09451F87CFF73FF22D9479FB0A73861C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_41466cae55469b30\comctl32.dll
[-] 2010-08-31 . 058BE5961AC5D6ACFD1961C2471F61B5 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_95a8250890626a5a\comctl32.dll
[-] 2010-08-31 . 6D98A7638947F0C9DAB31F094A591795 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec\comctl32.dll
[-] 2010-08-31 . F39DFA95BC391B166B40F4E38E5F1223 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_40bf29b13c26ca69\comctl32.dll
[-] 2009-04-11 . 94B60C9A7AEE8A9F3C1028F8DC5CED41 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da\comctl32.dll
[-] 2008-01-21 . BD3133E6B73195A95C67F7B09E012DE0 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6\comctl32.dll
[-] 2008-01-21 . 67DA61D3B12CEB5A4C86646AB468F0BA . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_95baba849054f4b0\comctl32.dll
[-] 2008-01-21 . 23797D89BE03772F411E387A3C81DBF8 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_40ba501d3c2b20ff\comctl32.dll
[-] 2006-11-02 . C6FFCA00D8C81D66C4194378EFF34199 . 2017792 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa\comctl32.dll
[-] 2006-11-02 . E47109C2D7D95962D08C9FD061A9BAD3 . 629248 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_40339432230aebeb\comctl32.dll
[-] 2013-07-04 . 2E2B796F36C4DA7BDDA70DF95E3D217A . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[-] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_88cf765b9e8f4a59\comres.dll
[-] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6930.16386] .. c:\windows\system32\comres.dll
.
[-] 2013-10-03 . 66C5431A70C1EA482819DA8AB5B7D274 . 177664 . . [6.0.6002.23235] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_d472c619698494d0\cryptsvc.dll
[-] 2013-07-08 . 5AAC48EAF8EACF247DB44FB61B900D89 . 174592 . . [6.0.6002.18881] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_d3af3c9c5092edcf\cryptsvc.dll
[-] 2013-07-08 . C848E7E63A1A56F092AF5C6032048BD6 . 177664 . . [6.0.6002.23154] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_d45c24116995b634\cryptsvc.dll
[-] 2013-04-24 . 1B22BC0B71F65001479DAB792C3F626C . 174592 . . [6.0.6002.18831] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_d3e54c38506a621a\cryptsvc.dll
[-] 2013-04-24 . F47B316D81160CB2A0BC5F87046B6EFE . 177664 . . [6.0.6002.23101] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_d48f32cf696fde7a\cryptsvc.dll
[-] 2013-04-17 . 6D151DA5731286E52FD2D40DCB8623DB . 174592 . . [6.0.6002.18827] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_d3f61de0505cde33\cryptsvc.dll
[-] 2013-04-17 . F4F2EB4634C783874EFA0516BF3D088F . 177664 . . [6.0.6002.23097] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_d433e35969b374d6\cryptsvc.dll
[-] 2012-06-02 . CA78B312C44E4D52E842C2C8BD48E452 . 174592 . . [6.0.6002.18643] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_d3dc79145070b66b\cryptsvc.dll
[-] 2012-06-01 . 256B8B96B83AEA5213EE90782446DA38 . 177664 . . [6.0.6002.22869] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_d45679a969992348\cryptsvc.dll
[-] 2012-04-23 . 62740B9D2A137E8CED41A9E4239A7A31 . 174592 . . [6.0.6002.18618] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_d401ea4a5053e14b\cryptsvc.dll
[-] 2012-04-23 . DD9C01648A6455278A441775CA59E2FD . 177664 . . [6.0.6002.22840] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_d46316e769910757\cryptsvc.dll
[-] 2009-04-11 . 18918613E63F387CDE4D95CA7D49DCF7 . 166912 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[-] 2008-01-21 . 4374F784121D8B3BB466B03F5E5EBD33 . 165376 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[-] 2013-07-08 . 5AAC48EAF8EACF247DB44FB61B900D89 . 174592 . . [6.0.6000.16386] .. c:\windows\system32\cryptsvc.dll
.
[-] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_6af7b3ad073cdcab\es.dll
[-] 2009-04-10 . 1782416278B378F80862187EEBC0A51C . 361472 . . [2001.12.6930.16677] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_66e14e8d0d26f566\es.dll
[-] 2009-04-10 . 7143F5F8D7FF0712B6D2F336495554FE . 361472 . . [2001.12.6930.20818] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_67accd1026130408\es.dll
[-] 2009-04-10 . 6B1A97BF9FEFBDC83F3C7C7D0F826C66 . 361984 . . [2001.12.6931.18057] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_68dd2d0b0a3d4e75\es.dll
[-] 2009-04-10 . AE5538074DF0BB8EE5A3ECB9F5460965 . 361984 . . [2001.12.6931.22162] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_6956f87823678b7d\es.dll
[-] 2008-01-21 . D8338E6B3C23AD36096A6FDABD039283 . 354304 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_690c3aa10a1b115f\es.dll
[-] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\system32\es.dll
.
[-] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_ba6032a62fea3984\imm32.dll
[-] 2008-01-21 . 8D2C00D198598AAE77B1648FFBF39895 . 163840 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_b874b99a32c86e38\imm32.dll
[-] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\system32\imm32.dll
.
[-] 2014-04-26 . 00150B5D58D552CC0A9D8C7C5BFE0129 . 622592 . . [1.0626.6002.19096] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.19096_none_0aa427d40e43cb21\usp10.dll
[-] 2014-04-26 . 23FC0C21D83F63A3BF6A9AA41FE44550 . 623616 . . [1.0626.6002.23386] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.23386_none_0b38985727594948\usp10.dll
[-] 2010-04-16 . 1795848538EA2328648E9FAB31351157 . 622080 . . [1.0626.6002.22384] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_0b36ae8b275afcf9\usp10.dll
[-] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_0ad851700e1ced6b\usp10.dll
[-] 2010-04-16 . 718AA06AE8741F8C7877C25F4AD97280 . 622080 . . [1.0626.6001.18461] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_08d93cec110986fd\usp10.dll
[-] 2010-04-16 . EB7E9B4E65D014EF958330C3E55735DD . 622592 . . [1.0626.6001.22672] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_09590bfb2a2e5936\usp10.dll
[-] 2009-04-11 . 6C7812812F7F343100EA655DC26C9888 . 621568 . . [1.0626.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_0b048d9e0dfb9cb0\usp10.dll
[-] 2008-01-21 . 8745227FAB62C0886B4B122CAD1D799E . 622080 . . [1.0626.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_0919149210d9d164\usp10.dll
[-] 2014-04-26 . 00150B5D58D552CC0A9D8C7C5BFE0129 . 622592 . . [1.0626.6002.19096] .. c:\windows\system32\usp10.dll
.
[-] 2014-02-06 . 3D2BC46317D0FB5854F5C86686D593DB . 1212416 . . [6.0.6002.19034] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19034_none_f1a672fb0be4194d\kernel32.dll
[-] 2014-02-06 . E9ED224FDC26809C9C931C60B3D375DA . 1213440 . . [6.0.6002.23323] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23323_none_f239e33424fa7e1d\kernel32.dll
[-] 2012-09-28 . A02EB771DAE80667E3C877CF19E3F6EE . 1210368 . . [6.0.6002.18704] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_f1c706d10bcb97ea\kernel32.dll
[-] 2012-09-28 . 53864C438B27EAC653D35F8ACF0A17FC . 1211904 . . [6.0.6002.22942] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_f223653e250b71f1\kernel32.dll
[-] 2011-04-12 . 2299078C1E59FE69ADDF49897D6A373A . 1210880 . . [6.0.6002.18449] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_f1a0c2e10be78eec\kernel32.dll
[-] 2011-04-12 . F2338C94CDCD7AD28A14428D46A05D0B . 1211904 . . [6.0.6002.22625] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_f23c004224f88e9f\kernel32.dll
[-] 2011-04-12 . 6ADB508FEADBDEC41C194B4C03FA5201 . 1208832 . . [6.0.6001.18631] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_efbd1caf0ec055f8\kernel32.dll
[-] 2011-04-12 . 777DF7F47BEE82833E324F0EB18B7ED1 . 1213440 . . [6.0.6001.22898] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_f00cddde28084bf0\kernel32.dll
[-] 2009-04-11 . A1489655AB04BBB5290C3FC274D33E57 . 1217536 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_f1c7f9d10bcac530\kernel32.dll
[-] 2008-01-21 . 1122C8BE4BC4F392598A9543DC1014E0 . 1213952 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_efdc80c50ea8f9e4\kernel32.dll
[-] 2014-02-06 . 3D2BC46317D0FB5854F5C86686D593DB . 1212416 . . [6.0.6001.18000] .. c:\windows\system32\kernel32.dll
.
[-] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_9483cda05db182e8\linkinfo.dll
[-] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\system32\linkinfo.dll
.
[-] 2013-06-04 . B70E66A6B5ACF14AEAE3B52D8739D1C6 . 32768 . . [6.0.6002.23132] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23132_none_08434269293e5b07\lpk.dll
[-] 2012-12-16 . 29BC2630B5E1A782F7C1A765F6641E39 . 32768 . . [6.0.6002.23004] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_0865b0db29243cbb\lpk.dll
[-] 2012-11-08 . 1B3B77010FB77CE937E48B7ABDC7A0B7 . 32768 . . [6.0.6002.22969] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22969_none_0829faa329502fd2\lpk.dll
[-] 2011-02-16 . C95E1180E721401CE923FD4381216F45 . 32768 . . [6.0.6002.22589] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_0814533329607318\lpk.dll
[-] 2011-02-16 . EBADCE0742E19CAE2F1FE37D12AE9512 . 32768 . . [6.0.6001.22854] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_06494f9d2c264b6e\lpk.dll
[-] 2011-01-08 . 53F965A37AF97ED41A5D722F653F7A16 . 32768 . . [6.0.6002.22566] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_0826f22d2952ef31\lpk.dll
[-] 2011-01-08 . 973AC5DF18195F659F950BAD8B52FC27 . 32768 . . [6.0.6001.22830] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_065aee4d2c19ae30\lpk.dll
[-] 2010-10-28 . 712393754587ECC35EC72680D3031298 . 32768 . . [6.0.6002.22514] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_085b0135292c30ce\lpk.dll
[-] 2010-10-28 . 502D874EFB849DB686B31EA5C6C64750 . 32768 . . [6.0.6001.22787] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_062bded12c3bee1f\lpk.dll
[-] 2010-05-26 . 015628C13EA6B4CC62D9CFC276379F02 . 32768 . . [6.0.6002.22412] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_0858febb292e00f9\lpk.dll
[-] 2010-05-26 . 801AA6FFA579BA861BF002E5DB209F19 . 32768 . . [6.0.6001.22700] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_067b5c2b2c015d36\lpk.dll
[-] 2009-10-19 . 35E625ED9FE3A7F29CA7694BA02AEA7B . 32768 . . [6.0.6001.22544] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_065419d72c1e3808\lpk.dll
[-] 2009-10-19 . 96975D0384839E4FA2BE137B0F386ADA . 33280 . . [6.0.6000.21142] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_046bb0d92ef9aa84\lpk.dll
[-] 2009-10-19 . B96C6EA864956C49B8426ED10340C772 . 33280 . . [6.0.6000.16939] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_03f40dde15cd6ce8\lpk.dll
[-] 2009-10-19 . B9A0B9E32F7AB5717A9CEC1B4DC05C62 . 32768 . . [6.0.6002.22247] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_083d8c9d2941d931\lpk.dll
[-] 2009-06-15 . 4E53E703118C8092D255B4BEC2FE997B . 33280 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_045b108d2f0563f2\lpk.dll
[-] 2009-06-15 . 25634B6ADDBAB73F6EF235D26D93C84A . 33280 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_03bfc9ae15f5fb76\lpk.dll
[-] 2009-06-15 . 414E030D6D67F6F7F4663BCF441936CA . 32768 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_064546dd2c29f176\lpk.dll
[-] 2009-06-15 . 1E8003BF4D8A37EA8BFA005879D47258 . 32768 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_082db959294e7948\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_05f1b3fc12e3ce82\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_05a808e8131abf15\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_05ca7b2613009b17\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_059d3cc81322d554\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_05cd7fd012fde16a\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_05af10a0131467eb\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_059970c813249fcd\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_07dd2d08100599ce\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_07a31c441031c027\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_07c68ecc1016b580\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_0799506e1038efbd\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_07bdc340101cfe6d\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_078d821e1041ef7e\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_07dd34a010058e6a\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_07c79a7a1015bdc1\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_07a72ab6102e1194\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18861_none_07985b881039c550\lpk.dll
[-] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\system32\lpk.dll
.
[-] 2008-01-21 . D23E5184266747DDCE9D0C6581D916B3 . 433664 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-I..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_0c54e1384cf6f7c7\hnetcfg.dll
[-] 2008-01-21 . D23E5184266747DDCE9D0C6581D916B3 . 433664 . . [6.0.6000.16386] .. c:\windows\system32\hnetcfg.dll
.
[-] 2014-11-24 . 5EC5A4ED207200801DCD3EE95AA0A606 . 17874432 . . [9.00.8112.20715] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20715_none_2fed5abb317d15e7\mshtml.dll
[-] 2014-11-24 . 912A7D052F551B9D4F2241E60A7900B5 . 17874432 . . [9.00.8112.16599] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16599_none_2f113dd2189cbdda\mshtml.dll
[-] 2014-10-27 . 2F6DCF4DC86DFCF68DAF5758366120AF . 17870336 . . [9.00.8112.20708] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20708_none_2ffb2b85317245fb\mshtml.dll
[-] 2014-10-27 . 93690EE6C30DEFC5E07D33B440BCC985 . 17870336 . . [9.00.8112.16592] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16592_none_2f0a3bcc18a30c79\mshtml.dll
[-] 2014-09-20 . EEB1D09E04E1ECDEE3D5C09F834093BD . 17867776 . . [9.00.8112.16584] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16584_none_2f170c4c18992336\mshtml.dll
[-] 2014-09-19 . 436BA2D9F7C6D9D87A0400EE703628E4 . 17869824 . . [9.00.8112.20700] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20700_none_2ff3293531797b43\mshtml.dll
[-] 2014-08-15 . 2A9F0170E7CA41AC69FF248670DCDB84 . 17866752 . . [9.00.8112.20691] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20691_none_2f92d84d31c192ec\mshtml.dll
[-] 2014-08-15 . DBA2F43305CF9A8AD17F78F7A8571106 . 17868288 . . [9.00.8112.16575] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16575_none_2f22dc821890209c\mshtml.dll
[-] 2014-07-24 . 7A792AD1DB78FF218BB3A2C33404C5CE . 17861120 . . [9.00.8112.16563] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16563_none_2f2babda1889d1fd\mshtml.dll
[-] 2014-07-24 . E2E2715CB0295651603C8987B5B110C3 . 17863680 . . [9.00.8112.20674] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20674_none_2fab790331aea70f\mshtml.dll
[-] 2014-06-07 . FDC9B927AD2FF9291BE3516A4505297C . 17854464 . . [9.00.8112.16561] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16561_none_2f29ab46188b9f4f\mshtml.dll
[-] 2014-06-07 . DCED88F35B4599EEA2D1BF309B5BD981 . 17855488 . . [9.00.8112.20672] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20672_none_2fa9786f31b07461\mshtml.dll
[-] 2014-05-28 . AA6BE99A1C04C1DA2EC9880247554BE2 . 17857536 . . [9.00.8112.16555] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16555_none_2f387c5a187fe8ba\mshtml.dll
[-] 2014-05-28 . 2AF890BF65C8E6AE0DC64DCA8870E2FC . 17858048 . . [9.00.8112.20666] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20666_none_2fb8498331a4bdcc\mshtml.dll
[-] 2014-05-06 . 01FA6D239237350EC45B4B12727B8E00 . 17847808 . . [9.00.8112.16553] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16553_none_2f367bc61881b60c\mshtml.dll
[-] 2014-05-05 . C9CD994106194680DC04D3CED31F30C5 . 17848320 . . [9.00.8112.20664] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20664_none_2fb648ef31a68b1e\mshtml.dll
[-] 2014-04-29 . 9FF0764FEFCEB13A0DCF829F273020A0 . 17849344 . . [9.00.8112.16546] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16546_none_2f444c901876e620\mshtml.dll
[-] 2014-04-29 . 8C84160FBF284A15BA99C297C5B56AE6 . 17850880 . . [9.00.8112.20657] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20657_none_2fc419b9319bbb32\mshtml.dll
[-] 2014-03-08 . DB06224C72F52FAF8339D2669175A222 . 17848832 . . [9.00.8112.16545] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16545_none_2f434c461877ccc9\mshtml.dll
[-] 2014-03-08 . 5F934EC9C41CF86843940B86E326407B . 17848832 . . [9.00.8112.20656] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20656_none_2fc3196f319ca1db\mshtml.dll
[-] 2014-02-23 . 5B7F5B128E0B063AD908C3DC2B11F4FD . 17848320 . . [9.00.8112.20651] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20651_none_2fbe17fd31a12328\mshtml.dll
[-] 2014-02-23 . BFDAB6AA9DAAA114BF3D2EA64C50A903 . 17847808 . . [9.00.8112.16540] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16540_none_2f3e4ad4187c4e16\mshtml.dll
[-] 2014-11-24 . 912A7D052F551B9D4F2241E60A7900B5 . 17874432 . . [9.00.8112.16421] .. c:\windows\system32\mshtml.dll
.
[-] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_2f25436a5491724b\msvcrt.dll
[-] 2011-12-14 . 4B2F10ED918CA8B29A04B8B1B34D9349 . 621056 . . [7.0.6002.22755] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_2fb2e3436dab7498\msvcrt.dll
[-] 2009-04-11 . 37B71108BFD6E276695CE24171F2889B . 621056 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_2f5f4ab054655a2f\msvcrt.dll
[-] 2008-01-21 . 11DB261E8EE318CA41498300327CB5F2 . 621056 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_2d73d1a457438ee3\msvcrt.dll
[-] 2011-12-14 . 2C74308C8A20F3F3A2226DFE36914CBF . 621056 . . [7.0.6002.18551] .. c:\windows\system32\msvcrt.dll
.
[-] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_165d6b95e2cafb10\mswsock.dll
[-] 2008-01-21 . 66306D7E90650EBE667811C1AF010BAC . 304128 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_1471f289e5a92fc4\mswsock.dll
[-] 2009-04-11 . BB08D93011B82883EC33C7707A9627BE . 304128 . . [6.0.6000.16386] .. c:\windows\system32\mswsock.dll
.
[-] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[-] 2008-01-21 . 5D0A4891F8CD0E9E64FF57A6A34044F5 . 716800 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[-] 2009-04-11 . A3F1B171702CA04744EE514243B45BFB . 717312 . . [6.0.6001.18000] .. c:\windows\system32\netlogon.dll
.
[-] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_0123b2f0b2579bf3\powrprof.dll
[-] 2008-01-21 . 6FF12A84BDBA50AFE7FCF3A524E14B71 . 121344 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_ff3839e4b535d0a7\powrprof.dll
[-] 2009-04-11 . 7823A58BF0FE3CAAA555C12B5CF91290 . 123392 . . [6.0.6001.18000] .. c:\windows\system32\powrprof.dll
.
[-] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
[-] 2008-01-21 . 35F1DD99F9903BC267C2AF16B09F9BF7 . 235520 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[-] 2009-04-11 . 9922ADB6DCA8F0F5EA038BEFF339C08B . 235520 . . [6.0.6000.16386] .. c:\windows\system32\scecli.dll
.
[-] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_03545ed0148f16ae\sfc.dll
[-] 2006-11-02 . 2CCA759379C220D29F0066CA49E9259F . 6144 . . [6.0.6000.16386] .. c:\windows\system32\sfc.dll
.
[-] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
[-] 2008-01-21 . CDA9F1373805AF88F6FA4F2064BBA24D . 27648 . . [6.0.6000.16386] .. c:\windows\system32\svchost.exe
.
[-] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_4146ed6b9a71d501\tapisrv.dll
[-] 2008-01-21 . 52091001CAF20AE84CF47023EE21B4BB . 318464 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_3f5b745f9d5009b5\tapisrv.dll
[-] 2009-04-11 . CC2562B4D55E0B6A4758C65407F63B79 . 318976 . . [6.0.6000.16386] .. c:\windows\system32\tapisrv.dll
.
[-] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
[-] 2008-01-21 . 32B87D215905F648EBE36A621978442C . 820224 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
[-] 2009-04-11 . F3F5549E69AE8509342E67E4F972CA1C . 820224 . . [6.0.6001.18000] .. c:\windows\system32\user32.dll
.
[-] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
[-] 2008-01-21 . A0AB2BB9A92293D9CE66E252719AB5FE . 28160 . . [6.0.6000.16386] .. c:\windows\system32\userinit.exe

 

[radianceseeker]

.
[-] 2014-11-24 . F57DFE91E0B8169455EE92144B70624A . 1392640 . . [9.00.8112.20715] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20715_none_1e933b9cb126acb1\wininet.dll
[-] 2014-11-24 . BC38D79383F2B4CD435063AED75228D0 . 1392128 . . [9.00.8112.16599] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16599_none_1db71eb3984654a4\wininet.dll
[-] 2014-10-27 . 1EDFBDD810B2A761225BBDBECF68C8F5 . 1392640 . . [9.00.8112.20708] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20708_none_1ea10c66b11bdcc5\wininet.dll
[-] 2014-10-27 . 189A96C0E45C4A3814C9160EF1F790B5 . 1392128 . . [9.00.8112.16592] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16592_none_1db01cad984ca343\wininet.dll
[-] 2014-09-19 . A2E24197853DF27F5799BDA2F6D5A904 . 1392128 . . [9.00.8112.16584] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16584_none_1dbced2d9842ba00\wininet.dll
[-] 2014-09-19 . 1006FD5797F9C6644915F10F6C076661 . 1392640 . . [9.00.8112.20700] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20700_none_1e990a16b123120d\wininet.dll
[-] 2014-08-15 . 5AD324FE20EEA3CF57267D3035315BBD . 1392640 . . [9.00.8112.20691] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20691_none_1e38b92eb16b29b6\wininet.dll
[-] 2014-08-15 . 6CEBA71D2FBFD956A8F144F4CBBD2826 . 1392128 . . [9.00.8112.16575] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16575_none_1dc8bd639839b766\wininet.dll
[-] 2014-07-24 . 868C7FF4F7E19AD9C67EB1302EABB38F . 1392128 . . [9.00.8112.16563] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16563_none_1dd18cbb983368c7\wininet.dll
[-] 2014-07-24 . 138367A62D5E30C0DC277D89DFCC0E52 . 1393152 . . [9.00.8112.20674] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20674_none_1e5159e4b1583dd9\wininet.dll
[-] 2014-06-07 . 5550345E6C4130091C1E4C5F3EF5CF3A . 1392128 . . [9.00.8112.16561] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16561_none_1dcf8c2798353619\wininet.dll
[-] 2014-06-07 . 54C40CC93A1E54746B3573F1CA4C6E43 . 1393152 . . [9.00.8112.20672] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20672_none_1e4f5950b15a0b2b\wininet.dll
[-] 2014-05-28 . 115705BBED3CACDCEEFDA25E516A92A1 . 1392128 . . [9.00.8112.16555] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16555_none_1dde5d3b98297f84\wininet.dll
[-] 2014-05-28 . 498A59FB37145D33D5BAFFD757EEC4AD . 1393152 . . [9.00.8112.20666] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20666_none_1e5e2a64b14e5496\wininet.dll
[-] 2014-03-08 . 56932FF02302B2A294A2221FF7FF1F06 . 1392128 . . [9.00.8112.16545] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16545_none_1de92d2798216393\wininet.dll
[-] 2014-03-08 . 0E292E8151DA4F3F9C17C07E51F0FA83 . 1392640 . . [9.00.8112.20656] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20656_none_1e68fa50b14638a5\wininet.dll
[-] 2014-02-23 . E68C8EDE9003C57546C05237D77252A9 . 1392640 . . [9.00.8112.20651] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20651_none_1e63f8deb14ab9f2\wininet.dll
[-] 2014-02-23 . 20A8C401F2C878AE572D4794336B892C . 1392128 . . [9.00.8112.16540] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16540_none_1de42bb59825e4e0\wininet.dll
[-] 2014-02-05 . FC806E63529BB3AACD7C3AE2A42E43A7 . 1392640 . . [9.00.8112.20644] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20644_none_1e71c9a8b13fea06\wininet.dll
[-] 2014-02-05 . 7A2123BC4CE0485B66A60609154FC835 . 1392128 . . [9.00.8112.16533] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16533_none_1df1fc7f981b14f4\wininet.dll
[-] 2013-11-15 . 60CA010B705660542FB33B43C3653BA0 . 1392128 . . [9.00.8112.16526] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16526_none_1dffcd4998104508\wininet.dll
[-] 2013-11-15 . A3721831227EB46D975ED0CCDC67CCE5 . 1392640 . . [9.00.8112.20637] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20637_none_1e7f9a72b1351a1a\wininet.dll
[-] 2013-10-13 . C4AA30C01694001B8374CC62BF9AE6FF . 1392128 . . [9.00.8112.16520] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16520_none_1df9cb8d9815acfe\wininet.dll
[-] 2013-10-13 . 732555988D4CC24CBAE268FDD09B0D6F . 1392640 . . [9.00.8112.20631] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20631_none_1e7998b6b13a8210\wininet.dll
[-] 2013-09-22 . 3CD6F07E6416ED6E18A1965CD2B9144A . 1392128 . . [9.00.8112.16514] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16514_none_1e089ca19809f669\wininet.dll
[-] 2013-09-22 . D9BE2BD72318B7E8E030195112D4333B . 1392640 . . [9.00.8112.20625] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20625_none_1e8869cab12ecb7b\wininet.dll
[-] 2013-07-31 . 75F110F4005DAE430AECA787FDEA9CBB . 1392128 . . [9.00.8112.16506] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16506_none_1e156d2198000d26\wininet.dll
[-] 2013-07-31 . 3B45760D1548C258F56E804328E3BC9B . 1392640 . . [9.00.8112.20617] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20617_none_1e953a4ab124e238\wininet.dll
[-] 2013-07-25 . EF560100034BF6C78A979BBB0FF9641C . 1392640 . . [9.00.8112.20613] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_1e913922b1287cdc\wininet.dll
[-] 2013-07-25 . CA87556BBA37D1B4F67C331186618673 . 1392128 . . [9.00.8112.16502] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_1e116bf99803a7ca\wininet.dll
[-] 2013-05-29 . 5536F6E7B74DA37D3EDBB509DE9CE3F5 . 1392128 . . [9.00.8112.16496] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_1db41bef98490b78\wininet.dll
[-] 2013-05-29 . 6B1D554302FB8A5601D972177D7A866D . 1392640 . . [9.00.8112.20606] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_1e9f09ecb11dacf0\wininet.dll
[-] 2013-05-17 . 4FBE96D97A1E070A06F76F67255C756D . 1392128 . . [9.00.8112.16490] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_1dae1a33984e736e\wininet.dll
[-] 2013-05-17 . 5548A99796DB5DDAA32ED9B53BC3AADC . 1392640 . . [9.00.8112.20600] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_1e990830b12314e6\wininet.dll
[-] 2013-04-05 . 563C71A913CAC0C3DE5FFCD36EDB43A0 . 1392128 . . [9.00.8112.16483] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_1dbbeafd9843a382\wininet.dll
[-] 2013-04-04 . 7FD2D2BE22F9A319AB2FD23DD2C9968A . 1392640 . . [9.00.8112.20593] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_1e3ab7dcb1695f3d\wininet.dll
[-] 2013-02-22 . E6A459C8E90C4A873C923C44F3D9510B . 1392640 . . [9.00.8112.20586] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_1e4888a6b15e8f51\wininet.dll
[-] 2013-02-22 . A4F6142CABA82FB7293ECE5FF864B440 . 1392128 . . [9.00.8112.16476] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_1dc9bbc79838d396\wininet.dll
[-] 2013-02-02 . 4E0669B513805A7C2A303C8EDEDC8E03 . 1392128 . . [9.00.8112.20580] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_1e4286eab163f747\wininet.dll
[-] 2013-02-02 . FA274190682AA41A46B285208ED46A74 . 1392128 . . [9.00.8112.16470] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_1dc3ba0b983e3b8c\wininet.dll
[-] 2013-01-09 . 435E9C764E1EF70058580996452BE6A2 . 1392128 . . [9.00.8112.16464] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_1dd28b1f983284f7\wininet.dll
[-] 2013-01-08 . 43A6A68F1F41B13CA4D580D40DFA57EE . 1392128 . . [9.00.8112.20573] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_1e5057b4b159275b\wininet.dll
[-] 2012-11-14 . 5121DB613E10A46A3C5085B479026AA7 . 1392128 . . [9.00.8112.16457] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_1de05be99827b50b\wininet.dll
[-] 2012-11-14 . 5CAF48F12E8CBD96D520F4EFD5B97F76 . 1392128 . . [9.00.8112.20565] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_1e5d2834b14f3e18\wininet.dll
[-] 2012-10-04 . 78ECC235E21DF618234E5CC451E1DBBB . 1392128 . . [9.00.8112.16455] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_1dde5b559829825d\wininet.dll
[-] 2012-10-04 . 40E71E30D6FCFC01AC58C6C4F2578357 . 1392128 . . [9.00.8112.20562] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_1e5a2756b151f213\wininet.dll
[-] 2012-09-17 . 8EA68FD3780DDDD5072F8CB830B3CB3D . 1392128 . . [9.00.8112.16448] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_1dec2c1f981eb271\wininet.dll
[-] 2012-08-24 . 3D165C53E40236A68B7102D1A622D4E0 . 1392128 . . [9.00.8112.16450] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_1dd959e3982e03aa\wininet.dll
[-] 2012-08-24 . 456D4E9006DF149C250D40B813290471 . 1392128 . . [9.00.8112.20557] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_1e69f8b4b14554d5\wininet.dll
[-] 2012-06-28 . A14FEC86F9B5B9D0137C011850B330EF . 1151488 . . [8.00.6001.23385] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_4128af5e8957e6ae\wininet.dll
[-] 2012-06-28 . 817E86B2F0A26AF4F83856003A3A7DBB . 1147392 . . [8.00.6001.19298] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_40974385703faeda\wininet.dll
[-] 2011-05-28 . 964B0B8A24D4E3FAE0E365F4BEBEC471 . 1150976 . . [8.00.6001.23181] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_4124aa6a895b8704\wininet.dll
[-] 2011-05-28 . 79F3767D90BA6D04D936DC16FDCB4FB2 . 1147904 . . [8.00.6001.19088] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_40a20fa57037989b\wininet.dll
[-] 2011-02-22 . E3B43B82F025BC3B23DFDE66A4A026F2 . 1150976 . . [8.00.6001.23143] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_4151eaae893949ee\wininet.dll
[-] 2011-02-22 . 749C440784B33BC358C8D633AE64A657 . 1147904 . . [8.00.6001.19048] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_40cd4f55701728d7\wininet.dll
[-] 2010-12-18 . 6458A6B10895B0F9E63A6ACB04F2102A . 1150976 . . [8.00.6001.23111] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_417059de8922c36d\wininet.dll
[-] 2010-12-18 . B3365860010DEB30446625E333E9E1CC . 1147904 . . [8.00.6001.19019] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_40eebf636ffdee5b\wininet.dll
[-] 2010-11-02 . 63B2D6E23FC6115EA8864C7DC4DC3E00 . 1150976 . . [8.00.6001.23091] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_4119d8988963a5ce\wininet.dll
[-] 2010-11-02 . 7C39BB00E4B011575C345EE1914172E4 . 1147904 . . [8.00.6001.18999] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_409867e1703e9aa1\wininet.dll
[-] 2010-09-08 . B09ACB639AA914378B33E0585EA5C44F . 1150464 . . [8.00.6001.23067] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_41404a188945ea05\wininet.dll
[-] 2010-09-08 . 6BF6EDCB40B6928BB49FEC83C8B24AF1 . 1147904 . . [8.00.6001.18975] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_40aa06917031fd63\wininet.dll
[-] 2010-06-26 . 0B27168AD18C00B4532D11ADF08FDF16 . 1150976 . . [8.00.6001.23040] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_414ee7ea893c00c2\wininet.dll
[-] 2010-06-26 . AB4A31D99C05A4C7B0C892A10E12FB47 . 1147904 . . [8.00.6001.18943] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_40c875c1701b76e2\wininet.dll
[-] 2010-05-04 . AC03101534D7E281436D19D6AD366BD5 . 1150976 . . [8.00.6001.23019] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_41785a48891b90fe\wininet.dll
[-] 2010-05-04 . B59C26C9A03B661E572C137368E3BD71 . 1147904 . . [8.00.6001.18928] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_40e3170b7006bdb3\wininet.dll
[-] 2010-02-23 . 2F7F1BB11E62BA2E3170B6A6B847DF3D . 1150976 . . [8.00.6001.22995] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_411e019e895fd7e8\wininet.dll
[-] 2010-02-23 . A1CDFFE798DA1EBF3479F87F96482160 . 1147904 . . [8.00.6001.18904] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_40f4b5bb6ffa2075\wininet.dll
[-] 2010-01-02 . 305732FEE113625C4F410878786B043B . 1147904 . . [8.00.6001.22973] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_4131a0e289516d58\wininet.dll
[-] 2010-01-02 . EDAF8EE6D81BE3FCCC8B375431D8559C . 1147904 . . [8.00.6001.18882] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_409c33e1703cd028\wininet.dll
[-] 2009-11-21 . 3958F2ACD7C145882861B0CCF9167B8D . 1147904 . . [8.00.6001.22956] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_414a4198893e817b\wininet.dll
[-] 2009-11-21 . 8A0346910DF96622B82E3411BC6DBB72 . 1147904 . . [8.00.6001.18865] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_40b4d4977029e44b\wininet.dll
[-] 2009-08-27 . EDBD07D91010DD925EB352DA66914D98 . 1147904 . . [8.00.6001.22918] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_417781dc891c4465\wininet.dll
[-] 2009-08-27 . CE0D70556096DE3BB8319E75E03E3744 . 1147904 . . [8.00.6001.18828] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_40e315257006c08c\wininet.dll
[-] 2009-07-22 . 5EFC9526905C57907BFD1295DA41BFB8 . 1146880 . . [8.00.6001.22903] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_417d50568918a9c1\wininet.dll
[-] 2009-07-21 . DC6AB393A9C7BCC24C55DBDCEE1033BD . 1146880 . . [8.00.6001.18813] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_40e8e39f700325e8\wininet.dll
[-] 2009-07-18 . 1C0825B3B7CFDC5B868770A853DDF7E6 . 1025536 . . [7.00.6000.21089] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_5c5d4c4e7660831c\wininet.dll
[-] 2009-07-18 . 85A61BFCA4EEF0AA59AB17E455A2D589 . 1023488 . . [7.00.6000.16890] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_5bc004db5d52e7f2\wininet.dll
[-] 2009-07-18 . 956D2BEADD52257222326EB8537C9C5B . 1014272 . . [7.00.6001.18294] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_5daa44a95a75de3f\wininet.dll
[-] 2009-07-18 . 609E4B4A257B4036245AEF3F8F3488E3 . 1015296 . . [7.00.6001.22475] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_5e4a837c73825ca5\wininet.dll
[-] 2009-07-18 . 11383CCD9514FC4B2B21115841C6E74C . 1014272 . . [7.00.6002.18071] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_5fa35771578eaca3\wininet.dll
[-] 2009-07-18 . AAF4B1FF371BFD069F51FDAF2D21D3D1 . 1015296 . . [7.00.6002.22180] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_6021240670b54f07\wininet.dll
[-] 2009-04-11 . 1FA5623B49F69207B2E1DA94DB1C5B7D . 1014272 . . [7.00.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_5ff3080d57524e68\wininet.dll
[-] 2009-04-10 . 4C48ACC0299116CD22A9522D5C7CFFC4 . 1022464 . . [7.00.6000.16643] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_5bf911895d27adf4\wininet.dll
[-] 2009-04-10 . 3166E2EE2060D11A783A1B812B6F4945 . 1022976 . . [7.00.6000.20777] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_5c663fb8765a06ed\wininet.dll
[-] 2009-04-10 . 3CC83953BA4B51B32BD67982A1AF2AF5 . 1013760 . . [7.00.6001.18023] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_5df4f0075a3e0703\wininet.dll
[-] 2009-04-10 . E06F53F091B3567EA83308E5DDFF4094 . 1013760 . . [7.00.6001.22120] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_5e7b8bf4735e5ac8\wininet.dll
[-] 2009-04-10 . EEFC1D846B86CFD92865FFD255B87CFC . 1022464 . . [7.00.6000.16681] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_5bcbd1455d49eb0a\wininet.dll
[-] 2009-04-10 . CB2F683EB47B75F6E83DB0AC87DBFD9A . 1024000 . . [7.00.6000.20823] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_5c98501276351303\wininet.dll
[-] 2009-04-10 . A549050BABB436A7F3867911D302D19F . 1013248 . . [7.00.6001.18063] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_5dc9b0575a5e76c7\wininet.dll
[-] 2009-04-10 . B2BB90B07E1B87F41A0477ED2432AFB9 . 1013248 . . [7.00.6001.22167] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_5e574e4a73787bed\wininet.dll
[-] 2009-04-10 . 9D5E76B1D6941D2BB836655C1B6AE83B . 1022464 . . [7.00.6000.16711] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_5c17829f5d11249a\wininet.dll
[-] 2009-04-10 . 3488EDAF6B3459A6D29B8EFAC70DC35B . 1024512 . . [7.00.6000.20868] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_5c7211d47651017a\wininet.dll
[-] 2009-04-10 . B006FBF83BA6CAE854996F0A1319B5AB . 1013248 . . [7.00.6001.18099] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_5daf424f5a7162a4\wininet.dll
[-] 2009-04-10 . CAE8E1894C7FDEC9A18F4B9B95036105 . 1014272 . . [7.00.6001.22212] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_5e885e5a73546eac\wininet.dll
[-] 2009-04-10 . 50020130D79D6829116B0F5084653271 . 1022464 . . [7.00.6000.16757] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_5bf244ab5d2c2c68\wininet.dll
[-] 2009-04-10 . 0F2E5251DB62D7D47A553DB329DB4B4B . 1024512 . . [7.00.6000.20927] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_5c9c532076317586\wininet.dll
[-] 2009-04-10 . FE420A633F07F015B4D6C5A90346FF5D . 1013248 . . [7.00.6001.18148] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_5de453875a49babf\wininet.dll
[-] 2009-04-10 . 0C3985837353FD84BC2E0B2FFFD75FA2 . 1014272 . . [7.00.6001.22278] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_5e4d808e737fae5c\wininet.dll
[-] 2009-04-10 . D9E8399459565B4E8A7FF2B01CB55F8D . 1022464 . . [7.00.6000.16764] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_5be473e15d36fc54\wininet.dll
[-] 2009-04-10 . 428A8BB8016D66089CF1EFFA9970A76C . 1024512 . . [7.00.6000.20937] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_5c91833476399177\wininet.dll
[-] 2009-04-10 . 8CDADEC7D01F5AE41FD9C49A7053E89B . 1013248 . . [7.00.6001.18157] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_5dd883515a52bd59\wininet.dll
[-] 2009-04-10 . 80C4706935A12EF0DC73F0D0F5A1E577 . 1014272 . . [7.00.6001.22288] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_5e42b0a27387ca4d\wininet.dll
[-] 2009-03-08 . 6BEDD690B7E6EBA0E9E193E17832372F . 1146368 . . [8.00.6001.18702] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_40f2b15b6ffbf379\wininet.dll
[-] 2008-01-21 . 364B631BCD934D95CCD2E373F8DD8D7C . 1011712 . . [7.00.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_5e078f015a30831c\wininet.dll
[-] 2014-11-24 . BC38D79383F2B4CD435063AED75228D0 . 1392128 . . [9.00.8112.16421] .. c:\windows\system32\wininet.dll
.
[-] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll
[-] 2008-01-21 . 63944ECFE4878C1C4889689324CABFAB . 265216 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[-] 2009-04-11 . BAB10B35E2D5EE0DC3DE05A177C52C50 . 264704 . . [6.0.6000.16386] .. c:\windows\system32\ws2_32.dll
.
[-] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\ws2help.dll
[-] 2008-01-21 . 9CD45523D76E4177C612B03C879E0AFF . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ws2help.dll
.
[-] 2010-06-28 . 48E49F1EFE1F20A078DD656DE81AFBA8 . 1916928 . . [6.0.6002.22433] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_0a8eee10c108556a\ole32.dll
[-] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6002.18277] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_09de10d7a8078d99\ole32.dll
[-] 2010-06-28 . C7E11F8B2F3130FB7C3866F1816C4E7D . 1923584 . . [6.0.6001.18498] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_07e2fd7baaf08c87\ole32.dll
[-] 2010-06-28 . 6F9FBFDF627A958ECDD1CB65704CB846 . 1922560 . . [6.0.6001.22720] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_08b04b36c3dc9850\ole32.dll
[-] 2009-04-11 . 19915DB5B186D91CD4B459210C41741B . 1915392 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_0a27bbeba7d09d06\ole32.dll
[-] 2008-01-21 . F36E23B80AC04538726699670050121D . 1923072 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_083c42dfaaaed1ba\ole32.dll
[-] 2010-06-28 . 0CB93E3F36C4F4122E7CBBAA731F67D1 . 1915904 . . [6.0.6000.16386] .. c:\windows\system32\ole32.dll
.
[-] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[-] 2006-11-02 . 21322B1A2AD337C579F4A65EA0D25193 . 14848 . . [6.0.6000.16386] .. c:\windows\system32\cngaudit.dll
.
[-] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe
[-] 2008-01-21 . 117EA87DF785CA1B9D821F6F213DCE07 . 123904 . . [6.0.6000.16386] .. c:\windows\system32\wininit.exe
.
[-] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_f718665b4c03ea89\ctfmon.exe
[-] 2006-11-02 . 7E370DF3743B39CD375C52F7995783C4 . 9728 . . [6.0.6000.16386] .. c:\windows\system32\ctfmon.exe
.
[-] 2009-07-10 . 9235EC680D3DB17464B39C7C7DECB4DD . 301568 . . [6.0.6001.18287] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_28ff7f1fd585934f\shsvcs.dll
[-] 2009-07-10 . 3F6101365E6319171054ADD75788516C . 300032 . . [6.0.6000.21081] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_279cb3aaf1823d60\shsvcs.dll
[-] 2009-07-10 . C2409C9B7C7E422E7680AE4E1738BFC8 . 302080 . . [6.0.6001.22467] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_299ebda8ee92f85e\shsvcs.dll
[-] 2009-07-10 . F33C4D0B9EEFCDE346F8753DC4D6867F . 299520 . . [6.0.6000.16883] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_27153f51d8629d02\shsvcs.dll
[-] 2009-07-10 . 00DD742B99B278429714DEE859A73DD0 . 302080 . . [6.0.6002.22169] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_2b873024ebb78030\shsvcs.dll
[-] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6002.18063] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_2af7919dd29f485c\shsvcs.dll
[-] 2009-04-11 . 2AD15758174DCC7993FF3C00A955DD66 . 301568 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_2b3a71b9d26cd364\shsvcs.dll
[-] 2008-01-21 . EB3114330236CF030E8EDF62881BAF67 . 301568 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_294ef8add54b0818\shsvcs.dll
[-] 2009-07-10 . 56793271ECDEDD350C5ADD305603E963 . 302080 . . [6.0.6000.16386] .. c:\windows\system32\shsvcs.dll
.
[-] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_e7701a4938f68d83\regsvc.dll
[-] 2008-01-21 . 416C611369CBE49074B89CEE2F83ABEF . 206336 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_e584a13d3bd4c237\regsvc.dll
[-] 2009-04-11 . 44B9D8EC2F3EF3A0EFB00857AF70D861 . 206848 . . [6.0.6000.16386] .. c:\windows\system32\regsvc.dll
.
[-] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6002.18342] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_8cdcf8454ca4d06e\schedsvc.dll
[-] 2010-11-06 . CE75D26E0A1106129F4D156851E298ED . 854528 . . [6.0.6001.18551] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_8aeab4414f8780bd\schedsvc.dll
[-] 2010-11-04 . C40E431210CAF3DB00203F5796A31FDE . 856064 . . [6.0.6002.22519] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_8d8e08c065a3caed\schedsvc.dll
[-] 2010-11-04 . 596404B1E48657168BDAA69B9CD1DB74 . 856064 . . [6.0.6001.22791] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_8b49134268c58d72\schedsvc.dll
[-] 2009-04-11 . 717C12DF4B7C93FEC97D146AC1342B25 . 843776 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_8d0b33214c81b53a\schedsvc.dll
[-] 2009-04-10 . C315E4CD537736E53D1F28A497FBE29B . 844288 . . [6.0.6000.20779] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20779_none_89806b606b87a06d\schedsvc.dll
[-] 2008-01-21 . C74C6C01353D87AAFE1193B426D667B0 . 843776 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_8b1fba154f5fe9ee\schedsvc.dll
[-] 2008-01-21 . 5AEA4C9E2B3656B2B53D3886BB6DFC35 . 844288 . . [6.0.6000.16609] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_89427e0952313d0c\schedsvc.dll
[-] 2010-11-06 . 0F838C811AD295D2A4489B9993096C63 . 855040 . . [6.0.6001.18000] .. c:\windows\system32\schedsvc.dll
.
[-] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_dbe80e6f8995baeb\ssdpsrv.dll
[-] 2008-01-21 . 192C74646EC5725AEF3F80D19FF75F6A . 185856 . . [6.0.6000.16386] .. c:\windows\system32\ssdpsrv.dll
.
[-] 2014-10-11 . B18D133516A620F8C1BEE5B004B2B45B . 551424 . . [6.0.6002.23521] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.23521_none_ed1942f322f4d471\termsrv.dll
[-] 2014-10-10 . 5A67A1108E347FCA6A64B74FFB108BDE . 548352 . . [6.0.6002.19214] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.19214_none_ec9d732609cc6a6d\termsrv.dll
[-] 2009-04-11 . 5CDD30BC217082DAC71A9878D9BFD566 . 547328 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_eca9565809c353e4\termsrv.dll
[-] 2008-01-21 . F870A5589D6A94B426EFB13689023946 . 546816 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll
[-] 2014-10-10 . 5A67A1108E347FCA6A64B74FFB108BDE . 548352 . . [6.0.6001.18000] .. c:\windows\system32\termsrv.dll
.
[-] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_442037e04fa9b5c7\ksuser.dll
[-] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ksuser.dll
.
[-] 2008-01-21 . 6B58266234B36ABCDD43C797B0D1932E . 8192 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_d38a739ed46982f7\msimg32.dll
[-] 2008-01-21 . 6B58266234B36ABCDD43C797B0D1932E . 8192 . . [6.0.6001.18000] .. c:\windows\system32\msimg32.dll
.
[-] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[-] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18879_none_3b3ff8f0d54e60f1\comctl32.dll
[-] 2013-07-04 . 9474AD3584430D24DA87517F9DB0CBB2 . 532480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
[-] 2013-07-04 . 059F04344FD96993C4F207BB4E281DF3 . 532480 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.23151_none_3bd70d4bee632e8a\comctl32.dll
[-] 2013-07-04 . C0A115C660134FD0A97735DE368702A5 . 532480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.23151_none_8ad7a1bf66eb6815\comctl32.dll
[-] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[-] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[-] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[-] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[-] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[-] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[-] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[-] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[-] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[-] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[-] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[-] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[-] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[-] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[-] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[-] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[-] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[-] 2013-10-03 . 165E9D93A84A7F55EBEEB1B554110680 . 135168 . . [6.0.6002.23235] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[-] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cryptsvc.dll
[-] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6002.18881] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[-] 2013-07-08 . 828805E2E7F529B24849AD52740288DA . 135168 . . [6.0.6002.23154] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[-] 2013-04-24 . 3EDE4C1F9672C972479201544969ADCB . 133120 . . [6.0.6002.18831] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[-] 2013-04-24 . FBE051C07C3D2B9011ECB1C7A73120C1 . 135168 . . [6.0.6002.23101] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll
[-] 2013-04-17 . 58CEF2D243575512657452B9E89A2E1F . 133120 . . [6.0.6002.18827] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[-] 2013-04-17 . CC8E2C87016A07892B5448D764BF8A30 . 135168 . . [6.0.6002.23097] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[-] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6002.22869] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[-] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6002.18643] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[-] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6002.18618] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[-] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6002.22840] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[-] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[-] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\SysWOW64\es.dll
[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_754c5dff3b9d9ea6\es.dll
[-] 2009-04-10 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_7135f8df4187b761\es.dll
[-] 2009-04-10 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_720177625a73c603\es.dll
[-] 2009-04-10 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_7331d75d3e9e1070\es.dll
[-] 2009-04-10 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_73aba2ca57c84d78\es.dll
[-] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_7360e4f33e7bd35a\es.dll
.
[-] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\SysWOW64\imm32.dll
[-] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_c4b4dcf8644afb7f\imm32.dll
[-] 2008-01-21 . CA3091655E2257B3E3EA86F79A696C56 . 116224 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_c2c963ec67293033\imm32.dll
.
[-] 2014-02-06 . CB4039C1E837995146B29F77E815E2E8 . 862208 . . [6.0.6002.23323] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23323_none_fc8e8d86595b4018\kernel32.dll
[-] 2014-02-06 . F55CB10F43802526018AD72604420878 . 861696 . . [6.0.6001.18000] .. c:\windows\SysWOW64\kernel32.dll
[-] 2014-02-06 . F55CB10F43802526018AD72604420878 . 861696 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19034_none_fbfb1d4d4044db48\kernel32.dll
[-] 2012-09-28 . D59DD2AAFF94EAB9BD6C7940C2851735 . 860160 . . [6.0.6002.18704] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_fc1bb123402c59e5\kernel32.dll
[-] 2012-09-28 . 04876F4758D10B768D4CF792D03FC9CF . 860672 . . [6.0.6002.22942] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_fc780f90596c33ec\kernel32.dll
[-] 2011-04-12 . 7F4CAEAC24592FA9F574E1F8CD1D0604 . 859648 . . [6.0.6002.18449] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_fbf56d33404850e7\kernel32.dll
[-] 2011-04-12 . BBB3D68596C6B6E8A7ECAFDB2962E89B . 860672 . . [6.0.6002.22625] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_fc90aa945959509a\kernel32.dll
[-] 2011-04-12 . 6EBBE14BE54877C386C63FFED52D391D . 857600 . . [6.0.6001.18631] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_fa11c701432117f3\kernel32.dll
[-] 2011-04-12 . 35FC1E7929DA4828B9CC73DC84B42E6F . 860160 . . [6.0.6001.22898] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_fa6188305c690deb\kernel32.dll
[-] 2009-04-11 . A5830F679B5B38AE9700A72087178745 . 858112 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_fc1ca423402b872b\kernel32.dll
[-] 2008-01-21 . 799EEDF377F3B72DB30192AD9FD3C7F3 . 855552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_fa312b174309bbdf\kernel32.dll
.
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\SysWOW64\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_3865321ca55411b2\linkinfo.dll
.
[-] 2013-06-04 . 25D23247F95873C7322BE6B5E9A0DB93 . 23552 . . [6.0.6002.23132] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23132_none_1297ecbb5d9f1d02\lpk.dll
[-] 2012-12-16 . 1AFE3E0E4FBAE0FA540CBCEEC5E39D1F . 23552 . . [6.0.6002.23004] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_12ba5b2d5d84feb6\lpk.dll
[-] 2011-02-16 . F9AA0406BA33BC029536E04D6066C03A . 23552 . . [6.0.6002.22589] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_1268fd855dc13513\lpk.dll
[-] 2011-02-16 . 789CD968872EFA074339E0CFB70EB6B2 . 23552 . . [6.0.6001.22854] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_109df9ef60870d69\lpk.dll
[-] 2011-01-08 . 2929BD36F338E1C844FCCB88AFC4DA03 . 23552 . . [6.0.6002.22566] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_127b9c7f5db3b12c\lpk.dll
[-] 2011-01-08 . 077B74545B155C7C16F5951C48F6C9FE . 23552 . . [6.0.6001.22830] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_10af989f607a702b\lpk.dll
[-] 2010-10-28 . EAA25894F6FA01BB1321289E822B390D . 23552 . . [6.0.6002.22514] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_12afab875d8cf2c9\lpk.dll
[-] 2010-10-28 . 72508445768DC97CC522FAE65978DBF4 . 23552 . . [6.0.6001.22787] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_10808923609cb01a\lpk.dll
[-] 2010-05-26 . EF35D31F154DAA93E435D3B18192C40B . 23552 . . [6.0.6002.22412] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_12ada90d5d8ec2f4\lpk.dll
[-] 2010-05-26 . 26E0671ADDD67570AACEC81B2A8803ED . 23552 . . [6.0.6001.22700] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_10d0067d60621f31\lpk.dll
[-] 2009-10-19 . 77F2AB938BFBAB43EC1B91D11BBA2EEE . 24064 . . [6.0.6000.16939] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_0e48b8304a2e2ee3\lpk.dll
[-] 2009-10-19 . 08992A029F43690B4340BF6B2F7BCE5B . 24064 . . [6.0.6000.21142] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_0ec05b2b635a6c7f\lpk.dll
[-] 2009-10-19 . D669A9A4C894708388ADF96BBEAD3787 . 23552 . . [6.0.6001.22544] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_10a8c429607efa03\lpk.dll
[-] 2009-10-19 . 7EC16AB95B707BE43A938E20D096240E . 23552 . . [6.0.6002.22247] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_129236ef5da29b2c\lpk.dll
[-] 2009-06-15 . 204EFDC76394A6FB0816D61810C8F529 . 24064 . . [6.0.6000.16870] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_0e1474004a56bd71\lpk.dll
[-] 2009-06-15 . C5028B831E4489F0CEEABFD133855EFF . 23552 . . [6.0.6001.22450] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_1099f12f608ab371\lpk.dll
[-] 2009-06-15 . C92953010CA9964A33210C3273EEB78C . 24064 . . [6.0.6000.21067] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_0eafbadf636625ed\lpk.dll
[-] 2009-06-15 . 459DE300727C02D420DB389B721AF44E . 23552 . . [6.0.6002.22152] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_128263ab5daf3b43\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\SysWOW64\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_1231d75a44665bc9\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_11f7c69644928222\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_121b391e4477777b\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_11edfac04499b1b8\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_12126d92447dc068\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_11e22c7044a2b179\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_1231def244665065\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_121c44cc44767fbc\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_11fbd508448ed38f\lpk.dll
[-] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18861_none_11ed05da449a874b\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_10465e4e4744907d\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_0ffcb33a477b8110\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_101f257847615d12\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_0ff1e71a4783974f\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_10222a22475ea365\lpk.dll

 

[radianceseeker]

[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_1003baf2477529e6\lpk.dll
[-] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_0fee1b1a478561c8\lpk.dll
.
[-] 2014-11-24 . D86631F4E180273746A79101322394E6 . 12371456 . . [9.00.8112.20715] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20715_none_d3cebf37791fa4b1\mshtml.dll
[-] 2014-11-24 . 91F488C0ED1D8B1FDC112F95A4965CC6 . 12369920 . . [9.00.8112.16421] .. c:\windows\SysWOW64\mshtml.dll
[-] 2014-11-24 . 91F488C0ED1D8B1FDC112F95A4965CC6 . 12369920 . . [9.00.8112.16599] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16599_none_d2f2a24e603f4ca4\mshtml.dll
[-] 2014-10-27 . 0EE89DC5D4C7A29C03B83F9E42643EEA . 12367360 . . [9.00.8112.20708] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20708_none_d3dc90017914d4c5\mshtml.dll
[-] 2014-10-27 . 5BDCC7129C2F0A25F8A8FF6A3BDD9896 . 12366848 . . [9.00.8112.16592] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16592_none_d2eba04860459b43\mshtml.dll
[-] 2014-09-19 . 3E7834CD2A543D58443BBE38FD74E8EB . 12364288 . . [9.00.8112.16584] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16584_none_d2f870c8603bb200\mshtml.dll
[-] 2014-09-19 . 5E91ECBE5541206D2C31A2B5BB38D97F . 12364800 . . [9.00.8112.20700] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20700_none_d3d48db1791c0a0d\mshtml.dll
[-] 2014-08-15 . 7EBA54A72C5B0FF522003FBEBB9994CB . 12363776 . . [9.00.8112.20691] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20691_none_d3743cc9796421b6\mshtml.dll
[-] 2014-08-15 . B7E3AF84D1CF6CAA39EA69EF2734B517 . 12363264 . . [9.00.8112.16575] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16575_none_d30440fe6032af66\mshtml.dll
[-] 2014-07-24 . 601FCEB3AB6B81F48CCF1E22FFA5E6D4 . 12356608 . . [9.00.8112.16563] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16563_none_d30d1056602c60c7\mshtml.dll
[-] 2014-07-24 . A1326470C9DC5E8D81C0F9F0FCCDB158 . 12357632 . . [9.00.8112.20674] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20674_none_d38cdd7f795135d9\mshtml.dll
[-] 2014-06-07 . BEFE2A3B0FD950E895A623DF4238247E . 12353024 . . [9.00.8112.16561] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16561_none_d30b0fc2602e2e19\mshtml.dll
[-] 2014-06-06 . 6D5EC036CE03EE1EBB2972200A8856EE . 12352512 . . [9.00.8112.20672] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20672_none_d38adceb7953032b\mshtml.dll
[-] 2014-05-28 . 0A05BABD0424A3A5882DFA016931A007 . 12357120 . . [9.00.8112.20666] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20666_none_d399adff79474c96\mshtml.dll
[-] 2014-05-28 . B7363143940197BD9F16FD957B4F8131 . 12356608 . . [9.00.8112.16555] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16555_none_d319e0d660227784\mshtml.dll
[-] 2014-05-05 . 0E468A0C51460D8DA3DF9B782275F1DB . 12347392 . . [9.00.8112.16553] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16553_none_d317e042602444d6\mshtml.dll
[-] 2014-05-05 . 978376F3B5B6265463E6C9059ED373CA . 12347904 . . [9.00.8112.20664] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20664_none_d397ad6b794919e8\mshtml.dll
[-] 2014-04-29 . DCAA40C2C9F8EE14BAEA773576C26766 . 12347392 . . [9.00.8112.16546] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16546_none_d325b10c601974ea\mshtml.dll
[-] 2014-04-29 . 07501A7E7D9DF1FAB910164D31ED069C . 12348416 . . [9.00.8112.20657] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20657_none_d3a57e35793e49fc\mshtml.dll
[-] 2014-03-07 . 10D0FA4F2A6ADBEEA0FFF10583CC5407 . 12347904 . . [9.00.8112.16545] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16545_none_d324b0c2601a5b93\mshtml.dll
[-] 2014-03-07 . DDFC3CFB3C63820B4464F8545E867BC5 . 12347904 . . [9.00.8112.20656] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20656_none_d3a47deb793f30a5\mshtml.dll
[-] 2014-02-23 . C532BB3C2167824BB26EF465481E27AF . 12347904 . . [9.00.8112.20651] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20651_none_d39f7c797943b1f2\mshtml.dll
[-] 2014-02-23 . 4F23BB46E26DC87F01563B8A96526075 . 12347904 . . [9.00.8112.16540] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16540_none_d31faf50601edce0\mshtml.dll
[-] 2014-02-05 . 620E595C1024D1D8DDBADF13C30FEB39 . 12345344 . . [9.00.8112.20644] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20644_none_d3ad4d437938e206\mshtml.dll
[-] 2014-02-05 . 8CD5CA15064C3E47B4F246F98558E2DD . 12345344 . . [9.00.8112.16533] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16533_none_d32d801a60140cf4\mshtml.dll
.
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] .. c:\windows\SysWOW64\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[-] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[-] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
.
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] .. c:\windows\SysWOW64\mswsock.dll
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[-] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
.
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] .. c:\windows\SysWOW64\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[-] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
.
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] .. c:\windows\SysWOW64\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[-] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] .. c:\windows\SysWOW64\scecli.dll
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[-] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
.
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] .. c:\windows\SysWOW64\svchost.exe
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] .. c:\windows\SysWOW64\tapisrv.dll
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[-] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
.
[-] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\SysWOW64\user32.dll
[-] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[-] 2008-01-21 . 3D691030DBD3BD75DE1501BE54F0D425 . 648192 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
.
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] .. c:\windows\SysWOW64\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
[-] 2014-11-24 . 771EE57063F9F6798DC2E52DC0042912 . 1130496 . . [9.00.8112.20715] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20715_none_c274a018f8c93b7b\wininet.dll
[-] 2014-11-24 . AA680F0065A505118BDD9181BCE7C83D . 1129472 . . [9.00.8112.16421] .. c:\windows\SysWOW64\wininet.dll
[-] 2014-11-24 . AA680F0065A505118BDD9181BCE7C83D . 1129472 . . [9.00.8112.16599] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16599_none_c198832fdfe8e36e\wininet.dll
[-] 2014-10-27 . 746B4DDFD053B4A363D43D077F5B3916 . 1130496 . . [9.00.8112.20708] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20708_none_c28270e2f8be6b8f\wininet.dll
[-] 2014-10-27 . B6260FAA9ACF8AC13312C739B23BD0BE . 1129472 . . [9.00.8112.16592] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16592_none_c1918129dfef320d\wininet.dll
[-] 2014-09-19 . 3252D4791357FEE6C2BAF0619C041317 . 1129472 . . [9.00.8112.16584] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16584_none_c19e51a9dfe548ca\wininet.dll
[-] 2014-09-19 . 0247DDE7AAC890C68E88F158305461BB . 1130496 . . [9.00.8112.20700] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20700_none_c27a6e92f8c5a0d7\wininet.dll
[-] 2014-08-15 . 15CBB5EC923B37F34039525998E080B3 . 1130496 . . [9.00.8112.20691] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20691_none_c21a1daaf90db880\wininet.dll
[-] 2014-08-15 . BAE2B45ED648DEA784A2048BDB22F3F8 . 1129472 . . [9.00.8112.16575] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16575_none_c1aa21dfdfdc4630\wininet.dll
[-] 2014-07-24 . 526014FFF6F612D9D0E86C874E7B0C36 . 1129472 . . [9.00.8112.16563] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16563_none_c1b2f137dfd5f791\wininet.dll
[-] 2014-07-24 . 228CC2A0F31917A9E2E4B95D86D8827B . 1130496 . . [9.00.8112.20674] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20674_none_c232be60f8facca3\wininet.dll
[-] 2014-06-06 . 61D9AD9E55D7A1E10C0EF701ADE1C486 . 1129472 . . [9.00.8112.16561] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16561_none_c1b0f0a3dfd7c4e3\wininet.dll
[-] 2014-06-06 . D19775732C5F0850BB46E4B5CF4E8C39 . 1130496 . . [9.00.8112.20672] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20672_none_c230bdccf8fc99f5\wininet.dll
[-] 2014-05-28 . E267DC5D759E11BB895C41E7EFC1A54C . 1130496 . . [9.00.8112.20666] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20666_none_c23f8ee0f8f0e360\wininet.dll
[-] 2014-05-28 . CFD26829131439B71D0109F9D5345573 . 1129472 . . [9.00.8112.16555] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16555_none_c1bfc1b7dfcc0e4e\wininet.dll
[-] 2014-03-07 . 62077F806BC59CBD5A404338D710D133 . 1129472 . . [9.00.8112.16545] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16545_none_c1ca91a3dfc3f25d\wininet.dll
[-] 2014-03-07 . 04F7F03B4D4C3EFF8BA6E25F24063250 . 1130496 . . [9.00.8112.20656] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20656_none_c24a5eccf8e8c76f\wininet.dll
[-] 2014-02-23 . F68EBB98CE1CFC06EA5CCE5F78056412 . 1130496 . . [9.00.8112.20651] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20651_none_c2455d5af8ed48bc\wininet.dll
[-] 2014-02-23 . 1E5DF19A5F053345430D7AF87943C47A . 1129472 . . [9.00.8112.16540] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16540_none_c1c59031dfc873aa\wininet.dll
[-] 2014-02-05 . 5EDAA4D8E5E762B4487813DC4053F244 . 1130496 . . [9.00.8112.20644] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20644_none_c2532e24f8e278d0\wininet.dll
[-] 2014-02-05 . 679EAED8E703235BA81AA2E58F4E2D16 . 1129472 . . [9.00.8112.16533] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16533_none_c1d360fbdfbda3be\wininet.dll
[-] 2013-11-14 . 4CC9DF09C3D915BA0A101A11DB684F26 . 1129472 . . [9.00.8112.16526] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16526_none_c1e131c5dfb2d3d2\wininet.dll
[-] 2013-11-14 . 1C0B5D8A0A0F4614F032751E418E87E1 . 1130496 . . [9.00.8112.20637] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20637_none_c260feeef8d7a8e4\wininet.dll
[-] 2013-10-13 . C36E38AD3C7FAFF0E30C4CBCB28CE7FB . 1129472 . . [9.00.8112.16520] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16520_none_c1db3009dfb83bc8\wininet.dll
[-] 2013-10-13 . F1771715A3DC3DB14BD374F63507878D . 1130496 . . [9.00.8112.20631] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20631_none_c25afd32f8dd10da\wininet.dll
[-] 2013-09-22 . 508484580EA124FB03C41C58D4A63BE1 . 1130496 . . [9.00.8112.20625] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20625_none_c269ce46f8d15a45\wininet.dll
[-] 2013-09-22 . C8ADAA6948993D839D14524847EA5B75 . 1129472 . . [9.00.8112.16514] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16514_none_c1ea011ddfac8533\wininet.dll
[-] 2013-07-31 . 21A5424935A32080A58DD40F2712212C . 1129472 . . [9.00.8112.16506] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16506_none_c1f6d19ddfa29bf0\wininet.dll
[-] 2013-07-31 . 99991FC7D1430A61F27B48AC3D43B028 . 1129984 . . [9.00.8112.20617] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20617_none_c2769ec6f8c77102\wininet.dll
[-] 2013-07-25 . EFA69C15A411D9794131CBCF6B59EA08 . 1129984 . . [9.00.8112.20613] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_c2729d9ef8cb0ba6\wininet.dll
[-] 2013-07-25 . 6839F14A2507D9273BD13565DD880377 . 1129472 . . [9.00.8112.16502] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_c1f2d075dfa63694\wininet.dll
[-] 2013-05-29 . 745410A5E043E8F880C932007034F8B6 . 1129984 . . [9.00.8112.20606] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_c2806e68f8c03bba\wininet.dll
[-] 2013-05-29 . EA952A5C277CABCBA69EA806146BB984 . 1129472 . . [9.00.8112.16496] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_c195806bdfeb9a42\wininet.dll
[-] 2013-05-16 . 6A25377A76479A0C0BF3DB6FC42FE09A . 1129472 . . [9.00.8112.16490] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_c18f7eafdff10238\wininet.dll
[-] 2013-05-16 . CC25EA1287613DC45D25A26037B4DBDD . 1129984 . . [9.00.8112.20600] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_c27a6cacf8c5a3b0\wininet.dll
[-] 2013-04-04 . 2C96B3921B4CDE10DBAED5AAD760DB67 . 1129472 . . [9.00.8112.16483] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_c19d4f79dfe6324c\wininet.dll
[-] 2013-04-04 . 28B2DD8DBAEE306290A74ED03DB3768F . 1129984 . . [9.00.8112.20593] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_c21c1c58f90bee07\wininet.dll
[-] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16476] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll
[-] 2013-02-22 . 490E24D5E427DFA55B1C1182F0DB861C . 1129984 . . [9.00.8112.20586] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll
[-] 2013-02-02 . 1284D72C04B553ED5382EA14303D66DB . 1129472 . . [9.00.8112.20580] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll
[-] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16470] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll
[-] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16464] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll
[-] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.20573] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll
[-] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16457] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll
[-] 2012-11-14 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.20565] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll
[-] 2012-10-03 . ED223944D96ED3B4922B8434AEAA94DA . 1129472 . . [9.00.8112.16455] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll
[-] 2012-10-03 . 3A7F37F14E9603A28E98D00115F022DD . 1129472 . . [9.00.8112.20562] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll
[-] 2012-09-17 . 75A97A2C060E72AB49E071E08C7DD2BA . 1129472 . . [9.00.8112.16448] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll
[-] 2012-08-24 . 2895E29EFCFC0B1BCF8AEE1A0C67913C . 1129472 . . [9.00.8112.20557] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll
[-] 2012-08-24 . 5553611E2F9EA6F613079177F1233068 . 1129472 . . [9.00.8112.16450] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll
[-] 2012-06-28 . A9FF16A7FBE708D936AF46AFF1B2579B . 920064 . . [8.00.6001.23385] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_e50a13dad0fa7578\wininet.dll
[-] 2012-06-28 . 03B4167CC1B30AC22DF413788AFADE97 . 916992 . . [8.00.6001.19298] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_e478a801b7e23da4\wininet.dll
[-] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[-] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[-] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[-] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[-] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[-] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[-] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[-] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[-] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[-] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[-] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.23040] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[-] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18943] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[-] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.23019] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[-] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18928] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[-] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.22995] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[-] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18904] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[-] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.22973] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[-] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18882] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[-] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.22956] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[-] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18865] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[-] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.22918] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[-] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18828] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[-] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.22903] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
[-] 2009-07-21 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18813] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
[-] 2009-07-18 . FCB4E3234667317905333B6A4CDF85FC . 827904 . . [7.00.6001.18294] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll
[-] 2009-07-18 . 87D84C48693EB949350FA938D63512D8 . 827392 . . [7.00.6000.16890] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll
[-] 2009-07-18 . D1E1447C4E2077BDFFDD547972FEBDEB . 828928 . . [7.00.6000.21089] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll
[-] 2009-07-18 . 7FCA93009963EE8A7AF1740661412F1E . 828416 . . [7.00.6001.22475] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll
[-] 2009-07-18 . 387B0601FCA64AF5117C321E46C4C4E2 . 828928 . . [7.00.6002.22180] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll
[-] 2009-07-18 . 408A0A6E83333F98D564D95CDBB6D3C6 . 828416 . . [7.00.6002.18071] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll
[-] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[-] 2009-04-10 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[-] 2009-04-10 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[-] 2009-04-10 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[-] 2009-04-10 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[-] 2009-04-10 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[-] 2009-04-10 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[-] 2009-04-10 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[-] 2009-04-10 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[-] 2009-04-10 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[-] 2009-04-10 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[-] 2009-04-10 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[-] 2009-04-10 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[-] 2009-04-10 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
[-] 2009-04-10 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
[-] 2009-04-10 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll
[-] 2009-04-10 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll
[-] 2009-04-10 . F18C1B151A0B18C35BF0919A9BA0FA0F . 826368 . . [7.00.6000.16764] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll
[-] 2009-04-10 . 622FE627D15DD920238A993021F0A4D1 . 827904 . . [7.00.6000.20937] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll
[-] 2009-04-10 . 8F89FFECF6989DD7D9ECCEC6D95D7419 . 827392 . . [7.00.6001.18157] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll
[-] 2009-04-10 . 4944C9FFE8903A276590D4215F74B937 . 827904 . . [7.00.6001.22288] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[-] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-I..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
.
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
.
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_6af84843e4192e9a\ws2help.dll
.
[-] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6000.16386] .. c:\windows\explorer.exe
[-] 2009-04-11 . 6B08E54A451B3F95E4109DBA7E594270 . 3079168 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[-] 2009-04-10 . 50514057C28A74BAC2BD04B7B990D615 . 3087360 . . [6.0.6000.16771] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[-] 2009-04-10 . 72B9990E45C25AA3C75C4FB50A9D6CE0 . 3086848 . . [6.0.6000.20947] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[-] 2009-04-10 . BBD8E74F23D7605CB0CDB57A1B25D826 . 3080704 . . [6.0.6001.18164] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[-] 2009-04-10 . E404A65EF890140410E9F3D405841C95 . 3081216 . . [6.0.6001.22298] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[-] 2008-01-21 . F6D765FB6B457542D954682F50C26E4F . 3080704 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
.
[-] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 134656 . . [6.0.6000.16386] .. c:\windows\regedit.exe
[-] 2008-01-21 . 5DFBCE56E689D90AE9E2FB278F80058E . 161792 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_504d50e8943617cd\regedit.exe
.
[-] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6002.22433] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[-] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6001.22720] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[-] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6001.18498] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[-] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[-] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
.
[-] 2014-04-26 . B2B8EAD053A54886288523E5128B9C14 . 503296 . . [1.0626.6002.23386] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.23386_none_af19fcd36efbd812\usp10.dll
[-] 2014-04-26 . FB3E5FD7F74BFC301AD3FB7DE670EDCB . 502784 . . [1.0626.6002.19096] .. c:\windows\SysWOW64\usp10.dll
[-] 2014-04-26 . FB3E5FD7F74BFC301AD3FB7DE670EDCB . 502784 . . [1.0626.6002.19096] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.19096_none_ae858c5055e659eb\usp10.dll
[-] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[-] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[-] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[-] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[-] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
.
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[-] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[-] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[-] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[-] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[-] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] .. c:\windows\SysWOW64\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[-] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\msimg32.dll
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6001.18000_none_776bd81b1c0c11c1\msimg32.dll
.
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cngaudit.dll

 

[radianceseeker]

[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] .. c:\windows\SysWOW64\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\SysWOW64\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
[-] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[-] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[-] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[-] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] .. c:\windows\SysWOW64\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_285b7a4b21423100\upnphost.dll
.
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] .. c:\windows\SysWOW64\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[-] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
.
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\SysWOW64\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[-] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
.
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] .. c:\windows\SysWOW64\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
[-] 2009-04-11 03:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\SysWOW64\olepro32.dll
[-] 2009-04-11 03:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[-] 2008-01-21 02:48 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
.
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\SysWOW64\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\SysWOW64\version.dll
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[-] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
.
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] .. c:\windows\SysWOW64\midimap.dll
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[-] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
.
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\SysWOW64\rasadhlp.dll
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_764d448c52115294\rasadhlp.dll
.
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] .. c:\windows\SysWOW64\WSHTCPIP.DLL
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-10-04 4344472]
"AcronisTimounterMonitor"="c:\program files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-10-04 960376]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-07 102400]
"TortoiseHgOverlayIconServer"="d:\app\TortoiseHg\TortoiseHgOverlayServer.exe" [2010-06-01 44448]
.
c:\users\testpc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2009-4-10 50688]
NETGEAR WNDA3100v2 Smart Wizard.lnk - c:\program files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2012-8-8 4559840]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2008-9-23 1295656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-20 18:58]
.
2015-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-20 18:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-10-04 165144]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 182784]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-09 8041360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\thewaves\AppData\Roaming\Mozilla\Firefox\Profiles\6uwkyyp7.fx38-test\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-Voobly - (no file)
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
AddRemove-Aurora 5.0a2 (x86 en-US) - d:\app\fx5auroranightly\uninstall\helper.exe
AddRemove-Aurora 8.0a2 (x86 en-US) - d:\app\fx8nightly\uninstall\helper.exe
AddRemove-Minefield (3.6a1pre) - d:\app\fx3.6-regression-20090601\uninstall\helper.exe
AddRemove-Minefield (3.7a5pre) - d:\app\fx3.7-addonsmgr\uninstall\helper.exe
AddRemove-Mozilla Firefox (3.5.3) - d:\app\fx35.es-ES\uninstall\helper.exe
AddRemove-Mozilla Firefox 14.0 (x86 en-US) - d:\app\fx14nightly\uninstall\helper.exe
AddRemove-Mozilla Firefox 16.0 (x86 en-US) - d:\app\fx16nightly\uninstall\helper.exe
AddRemove-Mozilla Firefox 34.0 (x86 en-US) - d:\app\fx34nightly\uninstall\helper.exe
AddRemove-Namoroka (3.6a2pre) - d:\app\fx3.6-regression-20090901\uninstall\helper.exe
AddRemove-Namoroka (3.6b1pre) - d:\app\fx3.6-regression-20091002\uninstall\helper.exe
AddRemove-Namoroka (3.6b2pre) - d:\app\Namoroka3.6nightly\uninstall\helper.exe
AddRemove-Nightly 19.0a1 (x86 en-US) - d:\app\fx19elm\uninstall\helper.exe
AddRemove-Nightly 34.0a1 (x86 en-US) - d:\app\fx34debug\uninstall\helper.exe
AddRemove-UX 12.0a1 (x86 en-US) - d:\app\fx12-UX\uninstall\helper.exe
AddRemove-Aurora 8.0a2 (x86 en-US) - d:\app\fx8nightly\uninstall\helper.exe
AddRemove-Mozilla Firefox 34.0.5 (x86 en-US) - d:\app\fx34nightly\uninstall\helper.exe
AddRemove-Mozilla Firefox 5.0 (x86 en-US) - d:\app\fx5auroranightly\uninstall\helper.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2015-04-19 04:54:47
ComboFix-quarantined-files.txt 2015-04-19 09:54
.
Pre-Run: 16,267,366,400 bytes free
Post-Run: 16,212,508,672 bytes free
.
- - End Of File - - 422DE67C67E7A879998EE08FECDCD637
5C616939100B85E558DA92B899A0FC36

 

[Broni]

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Make sure you checkmark Addition.txt box.
• Press Scan button.
• Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.