HiJackThis and MBAM logs

[zma1013]

I'm new here because G4TV.com forums are gone for some reason. I ran 2 MBAM scans, 1 quick, 1 full, and hijackthis. Computer still acting goofy, running slow with errors. Hopefully someone can help me, thanks.

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.03.24.05

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Owner :: OWNER-PC [administrator]

3/24/2013 12:54:09 PM

mbam-log-2013-03-24 (12-54-09).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 241369

Time elapsed: 19 minute(s), 37 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 26

HKCR\CLSID\{F02FABCB-92DD-475A-98AF-14217BD50746} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\TypeLib\{B0F8BCAB-09BF-4103-9D46-AD55988990E1} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\Interface\{243361A8-3697-4811-A74B-1BE379CAA00E} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\GamevanceText.Linker.1 (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\GamevanceText.Linker (Adware.Gamevance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F02FABCB-92DD-475A-98AF-14217BD50746} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F02FABCB-92DD-475A-98AF-14217BD50746} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F02FABCB-92DD-475A-98AF-14217BD50746} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3AA42713-5C1E-48E2-B432-D8BF420DD31D} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.

HKCR\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\OneMoreKey (Rogue.Installer) -> Quarantined and deleted successfully.

HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Detected: 3

HKCU\SOFTWARE|24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Data: -> Quarantined and deleted successfully.

HKCU\SOFTWARE|7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Data: -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dfrgsnapnt.exe (Trojan.Downloader) -> Data: C:\Users\Owner\AppData\Local\Temp\dfrgsnapnt.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 2

HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bad: (C:\$Recycle.Bin\S-1-5-21-2649331228-3696308728-864307741-1001\$b3f08df6c24d4fddd17a20c40a7cc55e\n.) Good: (shell32.dll) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 1

C:\Program Files\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Files Detected: 6

C:\$RECYCLE.BIN\S-1-5-21-2649331228-3696308728-864307741-1001\$b3f08df6c24d4fddd17a20c40a7cc55e\n (Trojan.0Access) -> Delete on reboot.

C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Gamevance\ars.cfg (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Program Files\Gamevance\icon.ico (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

(end)

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.03.24.05

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Owner :: OWNER-PC [administrator]

3/24/2013 1:30:35 PM

mbam-log-2013-03-24 (13-30-35).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 475243

Time elapsed: 2 hour(s), 8 minute(s), 16 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 6

C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Owner\wgsdgsdgdsgsd.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully.

C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\46e65ed6-36658ab9 (Trojan.Agent.ED) -> Quarantined and deleted successfully.

C:\$RECYCLE.BIN\S-1-5-18\$b3f08df6c24d4fddd17a20c40a7cc55e\U\00000001.@ (Trojan.0Access) -> Quarantined and deleted successfully.

C:\$RECYCLE.BIN\S-1-5-21-2649331228-3696308728-864307741-1001\$b3f08df6c24d4fddd17a20c40a7cc55e\U\00000001.@ (Trojan.0Access) -> Quarantined and deleted successfully.

C:\$RECYCLE.BIN\S-1-5-21-2649331228-3696308728-864307741-1001\$b3f08df6c24d4fddd17a20c40a7cc55e\U\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.

C:\$RECYCLE.BIN\S-1-5-21-2649331228-3696308728-864307741-1001\$b3f08df6c24d4fddd17a20c40a7cc55e\U\800000cb.@ (Trojan.0Access) -> Quarantined and deleted successfully.

(end)

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:39:36 AM, on 3/28/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16470)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe

C:\Windows\zHotkey.exe

C:\Windows\ModPS2Key.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\AOL\1180264516\ee\aolsoftware.exe

C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE

C:\Program Files\Verizon\VSP\VerizonServicepoint.exe

C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe

C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrchMn.exe

C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrmon.exe

C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^CD^xdm003^S01785^us&ptb=3B888287-4246-45A0-8F15-73B132E669EE&si=CKrD8YyG8LECFQJN4AodcXAAHg

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5428

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Free TV Bar Toolbar - {a0729639-d831-46c9-811b-9b0aa79fb45a} - C:\Program Files\Free_TV_Bar\prxtbFre0.dll

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (file missing)

R3 - URLSearchHook: Produtools Manuals 2.1 Toolbar - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files\Produtools_Manuals_2.1\prxtbPro0.dll

R3 - URLSearchHook: (no name) - {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll

R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll

O2 - BHO: Trellian BHO Impl - {24180B00-2EB6-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll

O2 - BHO: Toolbar BHO - {3a421c8f-e238-4aeb-8874-b8b5f2cc4772} - C:\PROGRA~1\COUPON~2\bar\1.bin\2pbar.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

O2 - BHO: Search Assistant BHO - {60e91567-ef8a-4520-bce2-83aba5256799} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL (file missing)

O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Updater For Verizon Toolbar - {96673559-e653-4cdc-8923-f89347a952c0} - C:\Program Files\verizontb\auxi\verizonAu.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL

O2 - BHO: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL (file missing)

O2 - BHO: Free TV Bar - {a0729639-d831-46c9-811b-9b0aa79fb45a} - C:\Program Files\Free_TV_Bar\prxtbFre0.dll

O2 - BHO: Produtools Manuals 2.1 - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files\Produtools_Manuals_2.1\prxtbPro0.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll

O2 - BHO: Verizon Toolbar - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL (file missing)

O3 - Toolbar: Free TV Bar Toolbar - {a0729639-d831-46c9-811b-9b0aa79fb45a} - C:\Program Files\Free_TV_Bar\prxtbFre0.dll

O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (file missing)

O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll

O3 - Toolbar: Produtools Manuals 2.1 Toolbar - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files\Produtools_Manuals_2.1\prxtbPro0.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O3 - Toolbar: Verizon Toolbar - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll

O3 - Toolbar: Coupon Alert - {3462c343-be19-4143-af70-cefb56f46fc6} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pbar.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)

O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll

O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe

O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup

O4 - HKLM\..\Run: [CHotkey] zHotkey.exe

O4 - HKLM\..\Run: [showWnd] ShowWnd.exe

O4 - HKLM\..\Run: [ModPS2] ModPS2Key.exe

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1180264516\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe

O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"

O4 - HKLM\..\Run: [starzTray] C:\Program Files\StarzPlay\StarzPlayTray.exe

O4 - HKLM\..\Run: [symLnch] "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_5_0_23\Support\SymLnch\SymLnch.exe" "C:\PROGRA~1\COMMON~1\SYMANT~1\SymSetup\{C1C18~1\Setup.exe" " /X"

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN

O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE

O4 - HKLM\..\Run: [Coupon Alert Search Scope Monitor] "C:\PROGRA~1\COUPON~2\bar\1.bin\2psrchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [CouponAlert_2p Browser Plugin Loader] C:\PROGRA~1\COUPON~2\bar\1.bin\2pbrmon.exe

O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Exetender] "C:\Program Files\Verizon Games on Demand Player\GPlayer.exe" /runonstartup

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [Exetender] "C:\Program Files\Verizon Games on Demand Player\GPlayer.exe /runonstartup" (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-2649331228-3696308728-864307741-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')

O4 - HKUS\S-1-5-21-2649331228-3696308728-864307741-1000\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User 'IUSR_NMPR')

O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files\Verizon Games on Demand Player\GPlayer.exe /runonstartup" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files\Verizon Games on Demand Player\GPlayer.exe /runonstartup" (User 'Default user')

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll

O20 - AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

O23 - Service: Coupon AlertService (CouponAlert_2pService) - COMPANYVERS_NAME - C:\PROGRA~1\COUPON~2\bar\1.bin\2pbarsvc.exe

O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

O23 - Service: lxcr_device - - C:\Windows\system32\lxcrcoms.exe

O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe

O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe

O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe (file missing)

O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe

O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe

O23 - Service: Verizon Internet Security Suite (Radialpoint Security Services) - Radialpoint SafeCare Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe

O23 - Service: Verizon Internet Security Suite SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe

O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe

O23 - Service: ServicepointService - Radialpoint Inc. - C:\Program Files\Verizon\VSP\ServicepointService.exe

--

End of file - 15701 bytes

[CatByte]

I need a more in depth set of diagnostic logs to see what might still be left on your machine

please run the following:

Please download DDS from either of these links

LINK 1

LINK 2

and save it to your desktop.

• Disable any script blocking protection
  
• Double click dds to run the tool.
  
• When done, two DDS.txt's will open.
  
• Save both reports to your desktop.
  

---------------------------------------------------

Please include the contents of the following in your next reply:

DDS.txt

Attach.txt.

NEXT

Please download aswMBR to your desktop.

• Double click the aswMBR.exe icon to run it
  
• When asked if you want to download Avast's virus definitions please select Yes.
  
• Click the Scan button to start the scan
  
• On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
  
• You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well
  

[zma1013]

I ran the DDS just fine, but the aswMBR did not make it through the scan. It stopped and said "aswMBR.exe - Bad Image" came up and then the computer crashed. It's the same error message that comes up on startup only there's other programs listed. I assume there's some bug still on the system causing these messages.

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16470

Run by Owner at 22:33:49 on 2013-03-29

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.430 [GMT -4:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

AV: Verizon Internet Security Suite Anti-Virus *Disabled/Outdated* {A61154FD-4365-E00F-9A33-13A09AD54B56}

SP: Verizon Internet Security Suite Anti-Spyware *Disabled/Outdated* {1D70B519-655F-EF81-A083-28D2E15201EB}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

FW: Verizon Internet Security Suite Firewall *Disabled* {9E2AD5D8-090A-E157-B16C-BA9564060C2D}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\SLsvc.exe

C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\PROGRA~1\COUPON~2\bar\1.bin\2pbarsvc.exe

C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Windows\system32\lxcrcoms.exe

C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe

C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe

C:\Program Files\Verizon\VSP\ServicepointService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Verizon\Verizon Internet Security Suite\rps.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe

C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe

C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe

C:\Windows\zHotkey.exe

C:\Windows\ModPS2Key.exe

C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\AOL\1180264516\ee\aolsoftware.exe

C:\Program Files\StarzPlay\StarzPlayTray.exe

C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE

C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe

C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrchMn.exe

C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrmon.exe

C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe

C:\Program Files\Verizon\Verizon Internet Security Suite\Kav\Bin\ScanningProcess.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Verizon\VSP\VerizonServicepoint.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^CD^xdm003^S01785^us&ptb=3B888287-4246-45A0-8F15-73B132E669EE&si=CKrD8YyG8LECFQJN4AodcXAAHg

mStart Page = hxxp://www.yahoo.com/

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com

mDefault_Page_URL = hxxp://www.yahoo.com/

mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com

uProxyOverride = <local>

mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5428

uURLSearchHooks: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - c:\program files\free_tv_bar\prxtbFre0.dll

uURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} -

uURLSearchHooks: Produtools Manuals 2.1 Toolbar: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - c:\program files\produtools_manuals_2.1\prxtbPro0.dll

uURLSearchHooks: <No Name>: {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - c:\program files\couponalert_2p\bar\1.bin\2pSrcAs.dll

uURLSearchHooks: <No Name>: {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - c:\program files\mapsgalaxy_39\bar\1.bin\39SrcAs.dll

mURLSearchHooks: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - c:\program files\free_tv_bar\prxtbFre0.dll

mURLSearchHooks: Produtools Manuals 2.1 Toolbar: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - c:\program files\produtools_manuals_2.1\prxtbPro0.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Toolbar BHO: {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - c:\program files\mapsgalaxy_39\bar\1.bin\39bar.dll

BHO: Trellian BHO Impl: {24180B00-2EB6-11d7-BD6F-004854603DCE} - c:\program files\trellian\toolbar\toolbar.dll

BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll

BHO: Toolbar BHO: {3a421c8f-e238-4aeb-8874-b8b5f2cc4772} - c:\program files\couponalert_2p\bar\1.bin\2pbar.dll

BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - <orphaned>

BHO: Search Assistant BHO: {60e91567-ef8a-4520-bce2-83aba5256799} - c:\program files\couponalert_2p\bar\1.bin\2pSrcAs.dll

BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -

BHO: Search Assistant BHO: {71c1d63a-c944-428a-a5bd-ba513190e5d2} - c:\program files\mapsgalaxy_39\bar\1.bin\39SrcAs.dll

BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Updater For Verizon Toolbar: {96673559-e653-4cdc-8923-f89347a952c0} - c:\program files\verizontb\auxi\verizonAu.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program files\searchqu toolbar\datamngr\toolbar\searchqudtx.dll

BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - c:\program files\searchqu toolbar\datamngr\BrowserConnection.dll

BHO: Verizon Broadband Toolbar: {A057A204-BACC-4D26-8398-26FADCF27386} -

BHO: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - c:\program files\free_tv_bar\prxtbFre0.dll

BHO: Produtools Manuals 2.1 Toolbar: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - c:\program files\produtools_manuals_2.1\prxtbPro0.dll

BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll

BHO: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - LocalServer32 - <no file>

TB: Verizon Broadband Toolbar: {A057A204-BACC-4D26-8398-26FADCF27386} -

TB: Free TV Bar Toolbar: {A0729639-D831-46C9-811B-9B0AA79FB45A} - c:\program files\free_tv_bar\prxtbFre0.dll

TB: Produtools Manuals 2.1 Toolbar: {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - c:\program files\produtools_manuals_2.1\prxtbPro0.dll

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - LocalServer32 - <no file>

TB: Verizon Broadband Toolbar: {A057A204-BACC-4D26-8398-26FADCF27386} -

TB: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - c:\program files\free_tv_bar\prxtbFre0.dll

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

TB: Trellian &Toolbar: {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - c:\program files\trellian\toolbar\toolbar.dll

TB: Produtools Manuals 2.1 Toolbar: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - c:\program files\produtools_manuals_2.1\prxtbPro0.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program files\searchqu toolbar\datamngr\toolbar\searchqudtx.dll

TB: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll

TB: Coupon Alert: {3462c343-be19-4143-af70-cefb56f46fc6} - c:\program files\couponalert_2p\bar\1.bin\2pbar.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: MapsGalaxy: {364ea597-e728-4ce4-bb4a-ed846ef47970} - c:\program files\mapsgalaxy_39\bar\1.bin\39bar.dll

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Exetender] "c:\program files\verizon games on demand player\GPlayer.exe" /runonstartup

uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [CCUTRAYICON] c:\program files\intel\inteldh\ccu\CCU_TrayIcon.exe

mRun: [NMSSupport] "c:\program files\common files\intel\inteldh\nms\support\IntelHCTAgent.exe" /startup

mRun: [CHotkey] zHotkey.exe

mRun: [showWnd] ShowWnd.exe

mRun: [ModPS2] ModPS2Key.exe

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [HostManager] c:\program files\common files\aol\1180264516\ee\AOLSoftware.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [ALUAlert] c:\program files\symantec\liveupdate\ALuNotify.exe

mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"

mRun: [starzTray] c:\program files\starzplay\StarzPlayTray.exe

mRun: [symLnch] "c:\program files\common files\symantec shared\symsetup\{c1c185ca-c531-49f5-a6fa-b838405a049d}_15_5_0_23\support\symlnch\symlnch.exe" "c:\progra~1\common~1\symant~1\symsetup\{c1c18~1\Setup.exe" " /X"

mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe

mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN

mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h

mRun: [DATAMNGR] c:\progra~1\search~1\datamngr\DATAMN~1.EXE

mRun: [Coupon Alert Search Scope Monitor] "c:\progra~1\coupon~2\bar\1.bin\2psrchmn.exe" /m=2 /w /h

mRun: [CouponAlert_2p Browser Plugin Loader] c:\progra~1\coupon~2\bar\1.bin\2pbrmon.exe

mRun: [MapsGalaxy Search Scope Monitor] "c:\progra~1\mapsga~2\bar\1.bin\39srchmn.exe" /m=2 /w /h

mRun: [MapsGalaxy_39 Browser Plugin Loader] c:\progra~1\mapsga~2\bar\1.bin\39brmon.exe

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

dRun: [Exetender] "c:\program files\verizon games on demand player\GPlayer.exe /runonstartup"

dRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background

StartupFolder: c:\users\owner\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{2B251DC2-CA81-436C-BDD9-217B7E73555F} : DHCPNameServer = 192.168.1.1

Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.2.0.7\COIEPLG.DLL

Notify: igfxcui - igfxdev.dll

AppInit_DLLs= c:\progra~1\search~1\datamngr\datamngr.dll c:\progra~1\search~1\datamngr\IEBHO.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1002000.007\cchpx86.sys [2008-12-16 362544]

R2 CouponAlert_2pService;Coupon AlertService;c:\progra~1\coupon~2\bar\1.bin\2pbarsvc.exe [2012-8-17 42504]

R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-10-29 208896]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-22 21504]

R2 MapsGalaxy_39Service;MapsGalaxyService;c:\progra~1\mapsga~2\bar\1.bin\39barsvc.exe [2012-9-30 42504]

R2 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-11-18 174552]

R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe [2011-4-13 28762]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]

R2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\system32\drivers\nmsgopro.sys [2006-9-27 28672]

R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2006-10-19 7424]

R2 PD91Agent;PD91Agent;c:\program files\raxco\perfectdisk2008\PD91Agent.exe [2008-9-22 693512]

R2 RadialpointSafeConnectAgent;Verizon Internet Security Suite SafeConnectAgent;c:\program files\verizon\verizon internet security suite\safeconnect\bin\SanaAgent.exe [2008-11-14 4937752]

R2 ServicepointService;ServicepointService;c:\program files\verizon\vsp\ServicepointService.exe [2011-3-24 689464]

R2 X4HSX32Ex;X4HSX32Ex;c:\program files\verizon games on demand player\X4HSX32Ex.sys [2009-5-17 29856]

R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 IntelDH;IntelDH Driver;c:\windows\system32\drivers\IntelDH.sys [2007-2-26 5504]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]

R3 PD91Engine;PD91Engine;c:\program files\raxco\perfectdisk2008\PD91Engine.exe [2008-9-22 910600]

R3 Radialpoint Security Services;Verizon Internet Security Suite;c:\program files\verizon\verizon internet security suite\RpsSecurityAwareR.exe [2009-3-26 175184]

R3 RadialpointSafeConnectDriver;RadialpointSafeConnectDriver;c:\program files\verizon\verizon internet security suite\safeconnect\driver\platform_vista\SafeConnectDriver.sys [2008-11-14 161304]

R3 RadialpointSafeConnectFilter;RadialpointSafeConnectFilter;c:\program files\verizon\verizon internet security suite\safeconnect\driver\platform_vista\SafeConnectFilter.sys [2008-11-14 29720]

R3 RadialpointSafeConnectShim;RadialpointSafeConnectShim;c:\program files\verizon\verizon internet security suite\safeconnect\driver\platform_vista\SafeConnectShim.sys [2008-11-14 29248]

S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1002000.007\BHDrvx86.sys [2008-12-16 255536]

S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 Norton Internet Security;Norton Internet Security;"c:\program files\norton internet security\engine\16.2.0.7\ccsvchst.exe" /s "norton internet security" /m "c:\program files\norton internet security\engine\16.2.0.7\dimaster.dll" /prefetch:1 --> c:\program files\norton internet security\engine\16.2.0.7\ccSvcHst.exe [?]

S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

ShellExec: pi11.exe: Open="c:\program files\microsoft digital image 2006\pi.exe" "%1"

.

=============== Created Last 30 ================

.

2013-03-30 01:07:54 7108640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{0ef60341-6f7d-4ca9-a5a9-88013a5817b2}\mpengine.dll

2013-03-28 04:33:13 388096 ----a-r- c:\users\owner\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2013-03-28 04:33:11 -------- d-----w- c:\program files\Trend Micro

2013-03-27 21:26:01 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE

2013-03-27 21:10:59 7108640 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-03-25 03:51:00 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll

2013-03-25 03:51:00 515416 ----a-w- c:\windows\system32\XAudio2_5.dll

2013-03-25 03:50:59 453456 ----a-w- c:\windows\system32\d3dx10_42.dll

2013-03-24 22:13:39 15712 ----a-w- c:\program files\common files\windows live\.cache\d62e58991ce28dc21\MeshBetaRemover.exe

2013-03-24 22:12:56 525656 ----a-w- c:\program files\common files\windows live\.cache\bbdc10991ce28dc1a\DXSETUP.exe

2013-03-24 22:12:56 1691480 ----a-w- c:\program files\common files\windows live\.cache\bbdc10991ce28dc1a\dsetup32.dll

2013-03-24 22:12:55 94040 ----a-w- c:\program files\common files\windows live\.cache\bbdc10991ce28dc1a\DSETUP.dll

2013-03-24 22:12:53 525656 ----a-w- c:\program files\common files\windows live\.cache\b910bb991ce28dc19\DXSETUP.exe

2013-03-24 22:12:53 1691480 ----a-w- c:\program files\common files\windows live\.cache\b910bb991ce28dc19\dsetup32.dll

2013-03-24 22:12:52 94040 ----a-w- c:\program files\common files\windows live\.cache\b910bb991ce28dc19\DSETUP.dll

2013-03-24 22:11:54 6260088 ----a-w- c:\program files\common files\windows live\.cache\9653e9191ce28dc0e\Silverlight.4.0.exe

2013-03-24 22:10:21 -------- d-----w- c:\users\owner\appdata\local\Windows Live

2013-03-24 22:09:01 754688 ----a-w- c:\windows\system32\webservices.dll

2013-03-24 21:19:41 740840 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1e9f2365-e845-48e6-968f-6943cdd424fb}\gapaengine.dll

2013-03-24 20:52:06 -------- d-----w- c:\program files\Microsoft Security Client

2013-03-24 20:49:22 221568 ----a-w- c:\windows\system32\drivers\netio.sys

2013-03-24 16:34:06 -------- d-----w- c:\users\owner\appdata\roaming\Malwarebytes

2013-03-24 16:33:38 -------- d-----w- c:\programdata\Malwarebytes

2013-03-24 16:33:32 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-24 16:33:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-03-24 15:59:24 7108640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f22a94f1-91a5-42fd-a988-e2e2924d5b4b}\mpengine.dll

2013-03-24 15:55:21 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-03-16 00:24:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb

.

==================== Find3M ====================

.

2013-03-14 20:51:08 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-14 20:51:08 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe

2013-01-20 19:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-01-20 19:59:04 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys

2013-01-05 05:26:01 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-05 05:26:01 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-01-04 11:28:19 914792 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-01-04 01:55:18 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-01-04 01:38:50 2048512 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 22:35:33.94 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2/26/2007 11:22:35 AM

System Uptime: 3/29/2013 8:43:58 PM (2 hours ago)

.

Motherboard: Intel Corporation | | D945GCL

Processor: Intel® Pentium® D CPU 3.20GHz | LGA 775 | 3194/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 223 GiB total, 152.546 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 4.332 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description:

Device ID: ROOT\PRINTER\0000

Manufacturer:

Name:

PNP Device ID: ROOT\PRINTER\0000

Service:

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 11 ActiveX

Adobe Reader 8.1.4

Agere Systems PCI-SV92PP Soft Modem

AOL Uninstaller (Choose which Products to Remove)

BigFix

Bing Bar

Browser Address Error Redirector

Chessmaster Grandmaster Edition

Coupon Printer for Windows

CouponAlert Toolbar

Digital Media Reader

Free_TV_Bar Toolbar

Gateway Games

Gateway Recovery Center Installer

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hoyle Board Games 5

iLivid

Image Plugin

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

Intel® PRO Network Connections Drivers

Intel® Viiv Software

Java SE Runtime Environment 6

Lexmark 2400 Series

Linkit_eBay

LiveUpdate (Symantec Corporation)

LiveUpdate Notice (Symantec Corporation)

Malwarebytes Anti-Malware version 1.70.0.1100

MapBuilder

MapsGalaxy Toolbar

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Digital Image Library 9 - Blocker

Microsoft Digital Image Starter Edition 2006

Microsoft Digital Image Starter Edition 2006 Editor

Microsoft Digital Image Starter Edition 2006 Library

Microsoft Money 2006

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My Web Search

Napster

Napster Burn Engine

Norton Internet Security

OGA Notifier 2.0.0048.0

PerfectDisk 2008

Power2Go 5.0

Produtools Manuals 2.1 Toolbar

PS2 Multimedia Keyboard Driver

Railroad Tycoon 3

Rand McNally StreetFinder Deluxe 1999

Rhapsody Player Engine

RPS Burn

RPS CRT

RPS Diagnostic Utility

RPS Firewall

RPS Ksdk

RPS ParentalControl

RPS PerfectDiskStub

RPS RpsCore

RPS SafeConnect

RTC Client API v1.2

Searchqu Toolbar

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

SigmaTel Audio

Spelling Dictionaries Support For Adobe Reader 8

Starz Play

ToolbarBrowser v2.4

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Verizon Broadband Toolbar

Verizon Games on Demand Player

Verizon Help and Support Tool

Verizon High Speed Internet

Verizon Internet Security Suite

Verizon Servicepoint 3.7.44

Verizon Toolbar

Viewpoint Media Player

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Live Sign-in Assistant

Windows Live Upload Tool

Yahoo! Install Manager

.

==== End Of File ===========================

[CatByte]

Please run the following:

Please download TDSSKiller.zip

• Extract it to your desktop
  
• Double click TDSSKiller.exe
  
• when the window opens, click on Change Parameters
  
• under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  
• click OK
  
• Press Start Scan
  
  • As we are only looking for a log of what is on the machine right now > choose to skip whatever is found
    
  • Then click Continue > Reboot now
    

  [*]Copy and paste the log in your next reply

  • A copy of the log will be saved automatically to the root of the drive (typically C:\)
    

[zma1013]

Nothing was found. There was nothing to skip and there was no continue>reboot prompt.

[CatByte]

ok, good

please run the following:

Refer to the ComboFix User's Guide

1. Download ComboFix from the following location:
   Link
   * IMPORTANT !!! Place ComboFix.exe on your Desktop
   
2. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
   You can get help on disabling your protection programs here
   
3. Double click on ComboFix.exe & follow the prompts.
   
4. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
   
5. When finished, it shall produce a log for you. Post that log in your next reply
   Note:
   Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
   ---------------------------------------------------------------------------------------------
   
6. Ensure your AntiVirus and AntiSpyware applications are re-enabled.
   ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

[zma1013]

ComboFix 13-03-31.01 - Owner 03/31/2013 2:26.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.315 [GMT -4:00]

Running from: c:\users\Owner\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\progra~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

c:\program files\MyWebSearch\bar\2.bin\F3CJpeg.dll

c:\program files\MyWebSearch\bar\2.bin\F3DTactl.dll

c:\program files\MyWebSearch\bar\2.bin\F3HTmlmu.dll

c:\program files\MyWebSearch\bar\2.bin\F3HTtpct.dll

c:\program files\MyWebSearch\bar\2.bin\F3SCrctr.dll

c:\program files\MyWebSearch\bar\2.bin\M3HTml.dll

c:\program files\MyWebSearch\bar\2.bin\M3MSg.dll

c:\program files\MyWebSearch\bar\2.bin\M3OUtlcn.dll

c:\users\Owner\GoToAssistDownloadHelper.exe

c:\windows\system32\system

c:\windows\Update.bat

D:\Autorun.inf

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_WINLOGON.SYS

-------\Service_CouponAlert_2pService

-------\Service_MyWebSearchService

-------\Service_winlogon.sys

.

.

((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-31 )))))))))))))))))))))))))))))))

.

.

2013-03-31 02:56 . 2013-03-19 09:50 7108640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C17B1CE-F148-4624-A3A0-257C4023C65B}\mpengine.dll

2013-03-30 01:07 . 2013-03-19 09:50 7108640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-03-28 04:33 . 2013-03-28 04:33 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-03-28 04:33 . 2013-03-28 04:33 -------- d-----w- c:\program files\Trend Micro

2013-03-27 21:26 . 2013-03-27 21:26 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE

2013-03-25 03:50 . 2009-09-04 21:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll

2013-03-25 03:48 . 2013-03-27 20:54 -------- d-----w- c:\program files\Microsoft Silverlight

2013-03-24 22:13 . 2013-03-24 22:13 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\d62e58991ce28dc21\MeshBetaRemover.exe

2013-03-24 22:12 . 2013-03-24 22:12 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\bbdc10991ce28dc1a\DXSETUP.exe

2013-03-24 22:12 . 2013-03-24 22:12 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\bbdc10991ce28dc1a\dsetup32.dll

2013-03-24 22:12 . 2013-03-24 22:12 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\bbdc10991ce28dc1a\DSETUP.dll

2013-03-24 22:12 . 2013-03-24 22:12 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\b910bb991ce28dc19\DXSETUP.exe

2013-03-24 22:12 . 2013-03-24 22:12 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\b910bb991ce28dc19\dsetup32.dll

2013-03-24 22:12 . 2013-03-24 22:12 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\b910bb991ce28dc19\DSETUP.dll

2013-03-24 22:11 . 2013-03-24 22:11 6260088 ----a-w- c:\program files\Common Files\Windows Live\.cache\9653e9191ce28dc0e\Silverlight.4.0.exe

2013-03-24 22:10 . 2013-03-24 22:10 -------- d-----w- c:\users\Owner\AppData\Local\Windows Live

2013-03-24 21:19 . 2012-10-23 11:04 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E9F2365-E845-48E6-968F-6943CDD424FB}\gapaengine.dll

2013-03-24 20:52 . 2013-03-24 20:54 -------- d-----w- c:\program files\Microsoft Security Client

2013-03-24 20:49 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys

2013-03-24 16:34 . 2013-03-24 16:34 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes

2013-03-24 16:33 . 2013-03-24 20:02 -------- d-----w- c:\programdata\Malwarebytes

2013-03-24 16:33 . 2013-03-24 16:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-03-24 16:33 . 2012-12-14 20:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-24 15:55 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-03-16 00:24 . 2013-02-02 03:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-15 07:21 . 2013-03-24 15:59 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F22A94F1-91A5-42FD-A988-E2E2924D5B4B}\mpengine.dll

2013-03-14 20:51 . 2012-06-14 20:13 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-14 20:51 . 2012-06-14 20:13 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-02 03:30 . 2013-03-16 00:23 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-02-02 03:26 . 2013-03-16 00:23 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-01-30 10:53 . 2009-10-02 19:52 232336 ------w- c:\windows\system32\MpSigStub.exe

2013-01-20 19:59 . 2013-01-20 19:59 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-01-20 19:59 . 2013-01-20 19:59 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys

2013-01-05 05:26 . 2013-02-12 19:56 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-05 05:26 . 2013-02-12 19:56 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-01-04 11:28 . 2013-02-12 19:56 914792 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-01-04 01:55 . 2013-02-12 19:56 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-01-04 01:38 . 2013-02-12 19:56 2048512 ----a-w- c:\windows\system32\win32k.sys

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

.

.

[7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys

[7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[7] 2006-11-02 . AC3DD1708B22761EBD7CBE14DCC3B5D7 . 6144 . . [6.0.6000.16386] . . c:\windows\System32\beep.sys

.

.

.

.

[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys

[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys

[7] 2006-11-02 . EC5EFB3C60F1B624648344A328BCE596 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6000.16386_none_a72f2b811e11f9f3\null.sys

.

[7] 2013-01-04 . 3535CD93F944C00F098E73E12EE7FEB6 . 914792 . . [6.0.6002.23013] . . c:\windows\System32\drivers\tcpip.sys

[7] 2013-01-04 . 3535CD93F944C00F098E73E12EE7FEB6 . 914792 . . [6.0.6002.23013] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys

[7] 2013-01-04 . 74E2D020C47BB2B2FCCBA29A518A7EB4 . 905576 . . [6.0.6002.18764] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys

[7] 2012-03-30 . 27D470DABC77BC60D0A3B0E4DEB6CB91 . 905600 . . [6.0.6002.18604] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys

.

[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll

[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll

[7] 2006-11-02 . BEB6470532B7461D7BB426E3FACB424F . 81408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6000.16386_none_76b264bda1136499\browser.dll

.

[7] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe

[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe

[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe

[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe

[7] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe

[7] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe

[7] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe

[7] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe

[7] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe

[7] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe

[7] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe

[7] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe

[7] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe

[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe

[7] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

[7] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe

[7] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe

[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe

[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe

[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe

[7] 2006-11-02 . 6A0E382E74280E4CC0DF17FE2661D003 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe

.

[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll

[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll

[7] 2006-11-02 . 90A4DAE28B94497F83BEA0F2A3B77092 . 273920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6000.16386_none_0d86599a54e4c25f\netman.dll

.

[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll

[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll

[7] 2006-11-02 . 4843A1784BA6434DFF80F841DDC592C6 . 1236992 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6000.16386_none_2a7a18dbe946c84f\comres.dll

.

[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll

[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll

[7] 2008-01-19 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll

[7] 2007-08-29 . F1148566FA5173A4FD48AF8E8BC09401 . 750080 . . [7.0.6000.20647] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.20647_none_220fe38215833e63\qmgr.dll

[7] 2007-08-29 . DA551697E34D2B9943C8B1C8EAFFE89A . 750080 . . [7.0.6000.16531] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16531_none_218b14e6fc62ea9e\qmgr.dll

[7] 2006-11-02 . 733FB484A06B9D6A44DD9CA1D3BE937B . 749568 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16386_none_215a02f0fc86fab8\qmgr.dll

.

[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll

[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll

[7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll

[7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll

[7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll

[7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll

[7] 2008-01-19 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll

[7] 2006-11-02 . B46D8EA6DD30BAA49F674DACDC4C491F . 545792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16386_none_67941a0040f4ed68\rpcss.dll

.

[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe

[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

[7] 2008-01-19 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe

[7] 2006-11-02 . 329CF3C97CE4C19375C8ABCABAE258B0 . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe

.

[7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe

[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe

[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe

[7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe

[7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

[7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe

[7] 2008-01-19 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe

[7] 2006-11-02 . DA612EF2556776DF2630B68BF2D48935 . 124928 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe

.

[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe

[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[7] 2008-01-19 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[7] 2006-11-02 . 9F75392B9128A91ABAFB044EA350BAAD . 308224 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

.

.

[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys

[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys

[7] 2008-01-19 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys

[7] 2006-11-02 . AB4FDE8AF4A0270A46A001C08CBCE1C2 . 68096 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys

.

[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll

[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll

[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll

[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll

[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll

[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll

[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll

[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll

[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll

[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll

[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll

[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll

[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

[7] 2008-01-19 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll

[7] 2008-01-19 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll

[7] 2008-01-19 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll

[7] 2006-11-02 . BB61FB941A382A197AC2989337BF6364 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6000.16386_none_37655d04db0c72a6\comctl32.dll

[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll

[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll

.

[7] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll

[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll

[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll

[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll

[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll

[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

[7] 2008-01-19 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll

[7] 2006-11-02 . 1C26FB097170A2A91066D1E3A24366E3 . 123392 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll

.

[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll

[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll

[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll

[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll

[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll

[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll

[7] 2008-01-19 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll

[7] 2006-11-02 . DFB250BAC1A9108ABD777EA181E32015 . 259584 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16386_none_0ab6dd2154d28f55\es.dll

.

[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll

[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll

[7] 2008-01-19 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll

[7] 2006-11-02 . EE12864398F1C3BF5BEE91F6AF9842E1 . 115200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll

.

[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll

[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll

[7] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll

[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6002.18449] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll

[7] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll

[7] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll

[7] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll

[7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll

[7] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll

[7] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll

[7] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll

[7] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll

[7] 2008-01-19 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll

[7] 2006-11-02 . 1E36AE445E4DA83B82D51FEB2D4F8772 . 874496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll

.

[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll

[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll

.

[7] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll

[7] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll

[7] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll

[7] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll

[7] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll

[7] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll

[7] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll

[7] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll

[7] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll

[7] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll

[7] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll

[7] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll

[7] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll

[7] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll

[7] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll

[7] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll

[7] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_aba8fef657b84c8b\lpk.dll

[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll

[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll

[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll

[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll

[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll

[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll

[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll

[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll

[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll

[7] 2006-11-02 . 6D832E5314A2445D3F644C71FAF32BDC . 24064 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16386_none_a79c567c5d9b4c78\lpk.dll

.

[7] 2013-02-02 . 88C27474E61271B49677F22CEE76FB3E . 12322304 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20580_none_d37e0a85795cef47\mshtml.dll

[7] 2013-02-02 . 263963D93A3CA8F685EFA5966F1E6581 . 12321792 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll

[7] 2013-02-02 . 263963D93A3CA8F685EFA5966F1E6581 . 12321792 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16470_none_d2ff3da66037338c\mshtml.dll

[7] 2013-01-08 . C97434C851C4821BD92D2831FDF1ECBE . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16464_none_d30e0eba602b7cf7\mshtml.dll

[7] 2013-01-08 . B6AD225B3BCC07332FBB2C2824315534 . 12322304 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20573_none_d38bdb4f79521f5b\mshtml.dll

[7] 2012-11-14 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16457_none_d31bdf846020ad0b\mshtml.dll

[7] 2012-11-14 . 8021EF27048F9ECE5286EA8C8EED23B8 . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20565_none_d398abcf79483618\mshtml.dll

[7] 2012-10-08 . 8D1BB1E5A033E8817EF94A9047630165 . 12320768 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16455_none_d319def060227a5d\mshtml.dll

[7] 2012-10-08 . F7B251DA2FA89933771289793DCAA08B . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20562_none_d395aaf1794aea13\mshtml.dll

[7] 2012-08-24 . 975D1EA99A0FE8104B72440995B3C20B . 12319744 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20557_none_d3a57c4f793e4cd5\mshtml.dll

[7] 2012-08-24 . BB197F54A8F69EEA8356B7F70E6D3A20 . 12319744 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16450_none_d314dd7e6026fbaa\mshtml.dll

[7] 2012-06-29 . 5E8E869E1342308752A37A2C90CCA79D . 12317184 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16448_none_d327afba6017aa71\mshtml.dll

[7] 2012-06-28 . AEC51857AEC2F5CE4520366240AFC671 . 12317184 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20554_none_d3a27b71794100d0\mshtml.dll

[7] 2012-06-02 . 6820A9E91AFF7CB3A510360D8CCD9BDD . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16447_none_d326af706018911a\mshtml.dll

[7] 2012-06-02 . 1ABF770552EA9D4FE90F654468FAF4CE . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20553_none_d3a17b277941e779\mshtml.dll

[7] 2012-05-17 . 9FB58F71104107D44540AF1195F7A14D . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16446_none_d325af26601977c3\mshtml.dll

[7] 2012-05-17 . 761D9111F5A2619CB5060661D36FBFFF . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20551_none_d39f7a937943b4cb\mshtml.dll

[7] 2012-04-15 . 497C9C3DB953A60EC4F43A097E15F75E . 12282368 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16441_none_d320adb4601df910\mshtml.dll

[7] 2012-02-28 . 6758A38197024E71F71FFF507A1AD2F1 . 5980672 . . [8.00.6001.23318] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23318_none_f6b2e34b5115671c\mshtml.dll

[7] 2012-02-28 . 5F25D5561F5BDA32EDE1193EC01529BF . 5978624 . . [8.00.6001.19222] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19222_none_f61874d838054b39\mshtml.dll

[7] 2012-02-28 . F82BF2CB075B49E9FAB5FF213C45C020 . 12281856 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16443_none_d322ae48601c2bbe\mshtml.dll

[7] 2012-02-28 . B9E083B14B1994F1255983F2DF31C7DF . 12281856 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20548_none_d3b14c8579354a3b\mshtml.dll

[7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll

[7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll

[7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll

[7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll

.

[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll

[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll

[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll

[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll

[7] 2008-01-19 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll

[7] 2006-11-02 . 75287677BB8BC9A16C32CE8A72F485A0 . 681472 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6000.16386_none_cf1e7424a1fb0cd9\msvcrt.dll

.

[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll

[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll

[7] 2008-01-19 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

[7] 2006-11-02 . 54E9576169A248AD62A1EB9773225826 . 227328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6000.16386_none_b61c950a3060adba\mswsock.dll

.

[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll

[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[7] 2008-01-19 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

[7] 2006-11-02 . 889A2C9F2AACCD8F64EF50AC0B3D553B . 559616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

.

[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll

[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll

[7] 2008-01-19 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll

[7] 2006-11-02 . 3CDEC51291F735C5C276B957239017A3 . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6000.16386_none_a0e2dc64ffed4e9d\powrprof.dll

.

[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll

[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[7] 2008-01-19 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[7] 2006-11-02 . 80E2839D05CA5970A86D7BE2A08BFF61 . 176640 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

.

[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll

[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6000.16386_none_a4ff01505f4694a4\sfc.dll

[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll

.

[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe

[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

[7] 2006-11-02 . 10DA15933D582D2FEDCF705EFE394B09 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe

.

[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll

[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll

[7] 2008-01-19 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll

[7] 2006-11-02 . EF3DD33C740FC2F82E7E4622F1C49289 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6000.16386_none_e10616dfe80787ab\tapisrv.dll

.

[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll

[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

[7] 2008-01-19 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

[7] 2007-05-19 . 9D9F061EDA75425FC67F0365E3467C86 . 633856 . . [6.0.6000.20537] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll

[7] 2007-05-19 . 63B4F59D7C89B1BF5277F1FFEFD491CD . 633856 . . [6.0.6000.16438] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll

[7] 2006-11-02 . E698A5437B89A285ACA3FF022356810A . 633856 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll

.

[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe

[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[7] 2006-11-02 . 22027835939F86C3E47AD8E3FBDE3D11 . 24576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

.

[7] 2013-02-02 . 1284D72C04B553ED5382EA14303D66DB . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll

[7] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll

[7] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll

[7] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll

[7] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll

[7] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll

[7] 2012-11-14 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll

[7] 2012-10-08 . 9CB0D2A9A77D91D9614355EE9FF00519 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll

[7] 2012-10-08 . 6E3AC8A54A1881806BA2B58539483788 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll

[7] 2012-08-24 . 2895E29EFCFC0B1BCF8AEE1A0C67913C . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll

[7] 2012-08-24 . 5553611E2F9EA6F613079177F1233068 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll

[7] 2012-06-29 . 75A97A2C060E72AB49E071E08C7DD2BA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll

[7] 2012-06-28 . 54C30A4066A28F9A017E095E283B2762 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_c2485c52f8ea979a\wininet.dll

[7] 2012-06-02 . 8E87270C4704CF2951E1E7820D6C8A2B . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_c1cc9051dfc227e4\wininet.dll

[7] 2012-06-02 . E430161A632F9A8FE512DE0CA5685559 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_c2475c08f8eb7e43\wininet.dll

[7] 2012-05-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll

[7] 2012-05-17 . 43BAC67996D8765A5F1B3A4EA6231E21 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_c2455b74f8ed4b95\wininet.dll

[7] 2012-04-15 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_c1c68e95dfc78fda\wininet.dll

[7] 2012-02-28 . 9503972A61EA647A72C326EEB51265C1 . 919552 . . [8.00.6001.23318] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23318_none_e558c42cd0befde6\wininet.dll

[7] 2012-02-28 . AA8B3560AED18F5290F80C82C9B75ACC . 916992 . . [8.00.6001.19222] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19222_none_e4be55b9b7aee203\wininet.dll

[7] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_c1c88f29dfc5c288\wininet.dll

[7] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_c2572d66f8dee105\wininet.dll

[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll

[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll

[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll

[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll

[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll

[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll

[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll

[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll

[7] 2010-09-09 . 48E9D41DED106BB5B57C194002940862 . 842240 . . [7.00.6002.22484] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22484_none_04068f5cb8543aa2\wininet.dll

[7] 2010-09-09 . E51398091D9467C369AE5B72A0729398 . 841728 . . [7.00.6001.22760] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22760_none_0231bc24bb214840\wininet.dll

[7] 2010-09-08 . 7079877D59D128E9AB45F5370C0B4AD2 . 833024 . . [7.00.6001.18527] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18527_none_01da5f29a1dcecec\wininet.dll

[7] 2010-09-08 . C7BCDC2D355271AE2B87A93A1E24AEAF . 834048 . . [7.00.6002.18309] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18309_none_03d873639ef13a03\wininet.dll

[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll

[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll

[7] 2010-06-29 . C25CA4544D5716FDD9C2D3C942A2D0C9 . 834560 . . [7.00.6002.22434] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22434_none_043c9ef8b82baeed\wininet.dll

[7] 2010-06-29 . B3FC2F131B72F22857A342039328CF5D . 834048 . . [7.00.6002.18278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18278_none_038bc1bf9f2ae71c\wininet.dll

[7] 2010-06-28 . 56802F604444B085DB3FD5BE6B9A08A9 . 834048 . . [7.00.6001.22720] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22720_none_025cfbd4bb00d87c\wininet.dll

[7] 2010-06-28 . A66BCE6FFA302A0DD75D54B708A554AA . 833024 . . [7.00.6001.18498] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18498_none_018fae19a214ccb3\wininet.dll

[7] 2010-05-04 . 42534A33F524671A160AAC4456B2BB4C . 834560 . . [7.00.6002.22398] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22398_none_03ffbeb2b858bec8\wininet.dll

[7] 2010-05-04 . 4C4F5080682BF9B1100D5938C12B55F9 . 834048 . . [7.00.6002.18255] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18255_none_039e60b99f1d6335\wininet.dll

[7] 2010-05-04 . F12FBAF1DA549CBB79E6D89AD3A57ED0 . 833024 . . [7.00.6001.18470] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18470_none_019d4ba1a20bca19\wininet.dll

[7] 2010-05-04 . 0DC7A1B98FE22C894DB7505F1B5303B7 . 834048 . . [7.00.6001.22685] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22685_none_02211bd8bb2d01ae\wininet.dll

[7] 2010-03-11 . C5EC0879DF48AB8846FFFC21F707A504 . 834560 . . [7.00.6002.22360] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22360_none_04182c26b847a03d\wininet.dll

[7] 2010-03-11 . 2744014FD9E9069E73CBC7797ACEDCDD . 834048 . . [7.00.6001.22653] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22653_none_023f8b08bb167b2d\wininet.dll

[7] 2010-03-09 . 0F340B61FA7221DDF8B8375BC0217B71 . 832512 . . [7.00.6000.17037] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.17037_none_ffe924eda4beb0e0\wininet.dll

[7] 2010-03-09 . F245376BFFED63999B0290601128A72A . 841216 . . [7.00.6000.21242] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21242_none_0062f240bde8eb0f\wininet.dll

[7] 2010-03-09 . 76C9A358D176DD7904C8A72BB7235608 . 833024 . . [7.00.6001.18444] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18444_none_01c1bc8da1efdba2\wininet.dll

[7] 2010-03-09 . 1846CD5B8EE042DB00DEB0A50ABF6737 . 834048 . . [7.00.6002.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18226_none_03bfd0c79f0428b9\wininet.dll

[7] 2009-12-18 . 27DFDEA0533477C8923FC874F6439CF0 . 833024 . . [7.00.6001.18385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18385_none_01977b41a20f6796\wininet.dll

[7] 2009-12-18 . C7A318E74FEF945EBFF855C1513CD96C . 832512 . . [7.00.6000.16982] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16982_none_ffae3bbda4eb8aa0\wininet.dll

[7] 2009-12-18 . 6F837BD5085F73A8FF0425AA6705A8D1 . 841216 . . [7.00.6000.21184] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21184_none_0039b13ebe07905a\wininet.dll

[7] 2009-12-18 . 4D36519B1212659127A4CFCC19E33049 . 834048 . . [7.00.6001.22585] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22585_none_022119f2bb2d0487\wininet.dll

[7] 2009-12-17 . C86BBCF0DA44F2B36C9AA59032916EF0 . 834048 . . [7.00.6002.22290] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22290_none_03f7ba7cb85ff6e9\wininet.dll

[7] 2009-12-16 . 565B8A25FB59E8E1F5ED59C95F72B7D7 . 834048 . . [7.00.6002.18167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18167_none_03958f7b9f23b4ad\wininet.dll

[7] 2009-10-27 . BA95D134FE1A3577A174D9A85D6ED1F1 . 832512 . . [7.00.6000.16945] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16945_none_ffdc7c4ba4c866e1\wininet.dll

[7] 2009-10-27 . 3F564B34F047885934DA5D3479ED0716 . 834048 . . [7.00.6002.18130] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18130_none_03aefd399f11af79\wininet.dll

[7] 2009-10-27 . 8C8A7E47DBB25EB94C29152BD08CF436 . 833024 . . [7.00.6001.18349] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18349_none_01c6bc19a1eb5d2e\wininet.dll

[7] 2009-10-27 . 0F34E919E086E834052850B6E57050F3 . 841216 . . [7.00.6000.21148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21148_none_0068f216bde385f2\wininet.dll

[7] 2009-10-27 . F1D8D50E054ADDF05D708A8676868763 . 834048 . . [7.00.6001.22550] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22550_none_023c8844bb193201\wininet.dll

[7] 2009-10-27 . C50C20FB2B5B5F228F7B1BA8925107B0 . 834048 . . [7.00.6002.22252] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22252_none_0424fac0b83db9d3\wininet.dll

[7] 2009-08-27 . 2BD22AA29893876347BA1BE62487748A . 832512 . . [7.00.6000.16916] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16916_none_fffdec59a4af2c65\wininet.dll

[7] 2009-08-27 . D5709010F06FEC697CCB2831D0821E0B . 840704 . . [7.00.6000.21116] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21116_none_00876146bdccff71\wininet.dll

[7] 2009-08-27 . 604E16194F1E60084B948ACAE8334E0F . 833024 . . [7.00.6001.18319] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18319_none_01e72bdda1d3095b\wininet.dll

[7] 2009-08-27 . C628812EA5016B1C3E13E082940D5AF6 . 834048 . . [7.00.6001.22508] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22508_none_027a9a30bae97104\wininet.dll

[7] 2009-08-27 . 5E382486BCCCF4C50A810E2DF18C8CDB . 834048 . . [7.00.6002.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22212_none_04503a70b81d4a0f\wininet.dll

[7] 2009-08-27 . D88D19604AACE2101B13260322FB4A3A . 834048 . . [7.00.6002.18100] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18100_none_03cf6cfd9ef95ba6\wininet.dll

[7] 2009-07-18 . FCB4E3234667317905333B6A4CDF85FC . 827904 . . [7.00.6001.18294] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll

[7] 2009-07-18 . 87D84C48693EB949350FA938D63512D8 . 827392 . . [7.00.6000.16890] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll

[7] 2009-07-18 . D1E1447C4E2077BDFFDD547972FEBDEB . 828928 . . [7.00.6000.21089] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll

[7] 2009-07-18 . 7FCA93009963EE8A7AF1740661412F1E . 828416 . . [7.00.6001.22475] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll

[7] 2009-07-18 . 387B0601FCA64AF5117C321E46C4C4E2 . 828928 . . [7.00.6002.22180] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll

[7] 2009-07-18 . 408A0A6E83333F98D564D95CDBB6D3C6 . 828416 . . [7.00.6002.18071] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll

[7] 2009-04-24 . D94BDEEF2E47EB4A46B957253C697F01 . 827392 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll

[7] 2009-04-24 . 64EAF7CF461A15DB4EAEB1D50A10E88E . 827904 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll

[7] 2009-04-24 . E7D90AF9B0C7FA98DF353E022EE1C63E . 828928 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll

[7] 2009-04-24 . 77C60DD61D21777734B1C945540473A4 . 828416 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll

[7] 2009-04-24 . 07DBFC0759F61E95901AF2B2D4E83451 . 828416 . . [7.00.6002.22121] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll

[7] 2009-04-23 . 24CBE22F35941FBFD6144A5C011EA999 . 828416 . . [7.00.6002.18024] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll

[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll

[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll

[7] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll

[7] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll

[7] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll

[7] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll

[7] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll

[7] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll

[7] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll

[7] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll

[7] 2008-10-16 . 8F89FFECF6989DD7D9ECCEC6D95D7419 . 827392 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll

[7] 2008-10-16 . F18C1B151A0B18C35BF0919A9BA0FA0F . 826368 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll

[7] 2008-10-16 . 4944C9FFE8903A276590D4215F74B937 . 827904 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll

[7] 2008-10-16 . 622FE627D15DD920238A993021F0A4D1 . 827904 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll

[7] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll

[7] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll

[7] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll

[7] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll

[7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll

[7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll

[7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll

[7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll

[7] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll

[7] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll

[7] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll

[7] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll

[7] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll

[7] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll

[7] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll

[7] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll

[7] 2008-02-14 . 0AD9BE4F82F0389EC9B8A58F2FD16442 . 824832 . . [7.00.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16609_none_000bb771a4a46504\wininet.dll

[7] 2008-02-14 . 39FBDEC53D5F7C5F4B7C35B9B1926A0F . 825344 . . [7.00.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20734_none_006fe306bdded9ee\wininet.dll

[7] 2008-01-19 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll

[7] 2007-12-12 . F3B7B70B789056994406377CA8B06829 . 824832 . . [7.00.6000.16575] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16575_none_ffbc04efa4e0c618\wininet.dll

[7] 2007-12-12 . 0683CBA27E3111CB87B682CA66475C0C . 825344 . . [7.00.6000.20697] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20697_none_00320276be0cd072\wininet.dll

[7] 2007-10-10 . 38F6BA60380A45EFB07CDAAECDC394F2 . 825344 . . [7.00.6000.20663] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20663_none_004e7112bdf81743\wininet.dll

[7] 2007-10-10 . 5AED372CFC645834DA3DD287CEF21473 . 824832 . . [7.00.6000.16546] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16546_none_ffdd74fda4c78b9c\wininet.dll

[7] 2007-08-17 . 4E0726724C9387B9012BA90928A2AF4F . 824320 . . [7.00.6000.20627] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20627_none_007db1eabdd40cdb\wininet.dll

[7] 2007-08-17 . E7E09F39D29388CD34F21C188E462BD9 . 823808 . . [7.00.6000.16512] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16512_none_fff9e399a4b2d26d\wininet.dll

[7] 2007-06-13 . 355F1F19DAAD8F769936752F993EA8BF . 823808 . . [7.00.6000.20583] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe\wininet.dll

[7] 2007-06-13 . 9C1C977FA682D428C7133CF29013211B . 822784 . . [7.00.6000.16473] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643\wininet.dll

[7] 2007-05-19 . 1EA5200F3D45EFDFC25F630A52DDF9E5 . 823296 . . [7.00.6000.20547] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20547_none_0068102cbde44796\wininet.dll

[7] 2007-05-19 . 7DBB98EBB2D267ACF9E6BC04AEC6CBF3 . 822784 . . [7.00.6000.16448] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16448_none_ffdf73aba4c5c123\wininet.dll

[7] 2006-11-02 . 214A456AADCC7DD1B36E2287BA71A9CA . 822272 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16386_none_ffb23181a4e80112\wininet.dll

.

[zma1013]

[7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll

[7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

[7] 2006-11-02 . D99A071C1018BB3D4ABAAD4B62048AC2 . 178688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll

.

[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll

[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll

.

[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe

[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe

[7] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[7] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe

[7] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe

[7] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe

[7] 2008-01-19 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[7] 2007-11-14 . 6D06CD98D954FE87FB2DB8108793B399 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe

[7] 2007-11-14 . BD06F0BF753BC704B653C3A50F89D362 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe

[7] 2006-11-02 . FD8C53FB002217F6F888BCF6F5D7084D . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

.

[7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe

[7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe

[7] 2006-11-02 . F13123E76FDA33E55F11E0EB832E832A . 134656 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe

.

[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll

[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll

[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll

[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll

[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll

[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll

[7] 2008-01-19 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll

[7] 2006-11-02 . CCE6FB960F8985BF500CE9CB0B2EF4CF . 1314816 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6000.16386_none_a9e6e55ff5664fb0\ole32.dll

.

[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll

[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll

[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll

[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll

[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll

[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll

[7] 2008-01-19 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll

[7] 2006-11-02 . 456FB859236C9074ACF6C3B6243D8B46 . 502784 . . [1.0626.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6000.16386_none_aac3b7125b914f5a\usp10.dll

.

[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll

[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6000.16386_none_e5cada609a6133bd\ksuser.dll

[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll

.

[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe

[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe

.

[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll

[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll

[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll

[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll

[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll

[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll

[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll

[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll

[7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll

[7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll

.

[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\msimg32.dll

[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6000.16386_none_7535161f1f2100ed\msimg32.dll

.

[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll

[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

.

[7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe

[7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[7] 2006-11-02 . D4385B03E8CCCEE6F0EE249F827C1F3E . 95744 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

.

[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll

[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll

[7] 2008-01-19 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll

[7] 2006-11-02 . 9A043808667C8C1893DA7275AF373F0E . 105984 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6000.16386_none_872f43bd868c402d\regsvc.dll

.

[7] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll

[7] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll

[7] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll

[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll

[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll

[7] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll

[7] 2008-02-14 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll

[7] 2008-02-14 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll

[7] 2008-01-19 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll

[7] 2006-11-02 . 5C72614E6625D39CC1504BF078FDC4CA . 595456 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16386_none_2cca5c959a1767e4\schedsvc.dll

.

[7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll

[7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll

[7] 2006-11-02 . 8D3E4BAFF8B3997138C38EB1B600519A . 155136 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6000.16386_none_7d92b0efd44d38e1\ssdpsrv.dll

.

[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll

[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll

[7] 2008-01-19 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll

[7] 2006-11-02 . FAD71C1E8E4047B154E899AE31EB8CAA . 427520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6000.16386_none_8c687fcc5759068e\termsrv.dll

.

[7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll

[7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll

[7] 2006-11-02 . 312BA286EB3BE9EAE82DA427ED2C0284 . 291840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6000.16386_none_adff83b897ae75bd\hnetcfg.dll

.

.

[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll

[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll

[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll

[7] 2006-11-02 . D7657856319941907BBDC2A11713CFD7 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6000.16386_none_f6ca18a8459b3244\ias.dll

.

[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll

[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll

[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll

[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll

[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll

[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll

.

[7] 2013-01-22 . 490BDB5E56352494E699FBA870045EC7 . 3604328 . . [6.0.6002.23025] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_6e8fbef1ca72d1da\ntkrnlpa.exe

[7] 2013-01-05 . E185428925DBC53CE59B2A5CBA64B837 . 3602808 . . [6.0.6002.18765] . . c:\windows\System32\ntkrnlpa.exe

[7] 2013-01-05 . E185428925DBC53CE59B2A5CBA64B837 . 3602808 . . [6.0.6002.18765] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_6ddb086eb175716b\ntkrnlpa.exe

[7] 2012-08-29 . 0802CFF50B3020D49884195DC065CF20 . 3604352 . . [6.0.6002.22920] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_6e8ae55dca771fe5\ntkrnlpa.exe

[7] 2012-08-29 . 244C631BE2F7F36EAD9DDAEED95AA298 . 3602816 . . [6.0.6002.18686] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_6dc666fab184c57d\ntkrnlpa.exe

[7] 2012-04-03 . CAD95AFB7FDDCC490681555C570FBB7D . 3602816 . . [6.0.6002.18607] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntkrnlpa.exe

[7] 2012-04-03 . BEF3218359377715B1D85D7DF823E123 . 3604352 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntkrnlpa.exe

[7] 2012-03-06 . 67FB74F129CD6EB6A299B232B09F2FD8 . 3602816 . . [6.0.6002.18595] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_6dba94deb18dcaf0\ntkrnlpa.exe

[7] 2012-03-06 . 67C80F4BEF37E4F40AC38BBE6BCC6198 . 3603840 . . [6.0.6002.22811] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_6e96b3adca6e2024\ntkrnlpa.exe

.

[7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll

[7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll

[7] 2006-11-02 . 8EB871A3DEB6B3D5A85EB6DDFC390B59 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6000.16386_none_bfb172793798ecfb\upnphost.dll

.

[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll

[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll

[7] 2008-01-19 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll

[7] 2006-11-02 . 68AC082734363E6BA813E7EAA353DB13 . 445440 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6000.16386_none_5664fc5c44f7ce2c\dsound.dll

.

[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll

[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll

[7] 2008-01-19 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll

[7] 2006-11-02 . E72A22DCF0733AC06695ACD2268F6EB3 . 1788416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6000.16386_none_c016aaa963db2525\d3d9.dll

.

[7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll

[7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll

[7] 2006-11-02 . 29EF7A2EE634DD701571E781DE5E7E91 . 528384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6000.16386_none_02cee0f0c3162de9\ddraw.dll

.

[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll

[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll

[7] 2008-01-19 07:36 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll

[7] 2006-11-02 09:46 . DF54915B3DD106854F18C678BEB2977D . 88576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6000.16386_none_37dcf89704c935aa\olepro32.dll

.

[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll

[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6000.16386_none_2f3c7bc7602ec1c4\perfctrs.dll

[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll

[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll

.

[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll

[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll

[7] 2008-01-19 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll

[7] 2006-11-02 . D8C819157EBA10401FD25FB48184EF24 . 20480 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6000.16386_none_12c78d3353faab20\version.dll

.

[7] 2013-02-02 . DDE5A0DFAF7C6370FB36402D7A746ED3 . 757296 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16470_none_58728763ebd38044\iexplore.exe

[7] 2013-02-02 . A285E1965C115031DA02B777EE9D7689 . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20580_none_58f1544304f93bff\iexplore.exe

[7] 2013-01-08 . 698EB1E5F8C66344D97C00B5699E871D . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16464_none_58815877ebc7c9af\iexplore.exe

[7] 2013-01-08 . F05982E56ABD835AA8DF260EEC873E5B . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20573_none_58ff250d04ee6c13\iexplore.exe

[7] 2012-11-14 . 0D286C0FE561D1A7EB30E83A0FF305B2 . 757296 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16457_none_588f2941ebbcf9c3\iexplore.exe

[7] 2012-11-14 . F691418EE9A6344AEB5C1B0518FBF8AE . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20565_none_590bf58d04e482d0\iexplore.exe

[7] 2012-10-08 . 270A1342BD5AF95CA25A586B4C2F1522 . 748704 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16455_none_588d28adebbec715\iexplore.exe

[7] 2012-10-08 . CECB15F834FC2B4B150449717ADE18DD . 748704 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20562_none_5908f4af04e736cb\iexplore.exe

[7] 2012-08-24 . 62188720CE27B982B4285C03163C9FB3 . 748680 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20557_none_5918c60d04da998d\iexplore.exe

[7] 2012-08-24 . 22CC6CDBA678790046693654C3B212E4 . 748680 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16450_none_5888273bebc34862\iexplore.exe

[7] 2012-06-29 . 93569D46D79F9756ED077156496AFE23 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16448_none_589af977ebb3f729\iexplore.exe

[7] 2012-06-28 . EB4105348272018D096FEB655CD1608C . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20554_none_5915c52f04dd4d88\iexplore.exe

[7] 2012-06-02 . 34B01BBD8F00B6B9C9248DC4F1E3CD01 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16447_none_5899f92debb4ddd2\iexplore.exe

[7] 2012-06-02 . BE967C74B89577B78FB57C061E12B04C . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20553_none_5914c4e504de3431\iexplore.exe

[7] 2012-05-17 . 0129BB16161C2FD9A6B19111AB047198 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_5898f8e3ebb5c47b\iexplore.exe

[7] 2012-05-17 . 268982F1FD671A077C6A2AF41E351436 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20551_none_5912c45104e00183\iexplore.exe

[7] 2012-04-15 . 904E13BA41AF2E353A32CF351CA53639 . 748336 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16421_none_58a99749ebaa0de6\iexplore.exe

[7] 2012-02-28 . CF4EFFB58D9D91E8D219C8E93BC59471 . 638240 . . [8.00.6001.23318] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23318_none_12d1d0b848ea6cc9\iexplore.exe

[7] 2012-02-28 . 00A346CE3D3701EA085E87EEF746A74A . 638240 . . [8.00.6001.19222] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19222_none_123762452fda50e6\iexplore.exe

[7] 2011-05-28 . 7EE10C5413AD7ED1AF9E8FAE1B58FC3E . 638232 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23181_none_127f1b72492984b1\iexplore.exe

[7] 2011-05-28 . ED65737D70FDEAC29F738E77D2496EE5 . 638232 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19088_none_11fc80ad30059648\iexplore.exe

[7] 2011-02-22 . 9CE5543464432CA73134F170FA2BF823 . 638232 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_12ac5bb64907479b\iexplore.exe

[7] 2011-02-22 . C1D36A2CBE0CEC4DF593DB1288CF586E . 638232 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_1227c05d2fe52684\iexplore.exe

[7] 2010-12-18 . 7852371DA9EFBC17B645558E23780EAC . 638232 . . [8.00.6001.23111] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_12cacae648f0c11a\iexplore.exe

.

.

[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll

[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll

[7] 2008-01-19 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll

[7] 2006-11-02 . 62B0D0F6F5580D9D0DFA5E0B466FF2ED . 270848 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6000.16386_none_8670a1b3705f945b\w32time.dll

.

[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll

[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll

[7] 2008-01-19 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll

[7] 2006-11-02 . A941E099EF46E3CC12F898CBE1C39910 . 451584 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6000.16386_none_305d7915b6684b33\wiaservc.dll

.

[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll

[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll

[7] 2008-01-19 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll

[7] 2006-11-02 . 848E745A842F903FD521DB585AB00D97 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6000.16386_none_8ac7060813a4d0d2\midimap.dll

.

[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll

[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasadhlp.dll

[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll

.

[7] 2008-01-19 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL

[7] 2008-01-19 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL

[7] 2006-11-02 . CE0D320700CCF7C78AEF9ED84332CC53 . 11264 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6000.16386_none_c97c43c6349c7486\WSHTCPIP.DLL

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{a0729639-d831-46c9-811b-9b0aa79fb45a}"= "c:\program files\Free_TV_Bar\prxtbFre0.dll" [2011-01-17 175912]

"{b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1}"= "c:\program files\Produtools_Manuals_2.1\prxtbPro0.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{a0729639-d831-46c9-811b-9b0aa79fb45a}]

.

[HKEY_CLASSES_ROOT\clsid\{b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{96673559-e653-4cdc-8923-f89347a952c0}]

2010-08-16 17:38 262312 ----a-w- c:\program files\verizontb\auxi\verizonAu.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{a0729639-d831-46c9-811b-9b0aa79fb45a}]

2011-01-17 14:54 175912 ----a-w- c:\program files\Free_TV_Bar\prxtbFre0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1}]

2011-05-09 09:49 176936 ----a-w- c:\program files\Produtools_Manuals_2.1\prxtbPro0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{f8d96645-337c-419b-8792-b6c126145811}]

2010-08-16 17:38 86696 ----a-w- c:\program files\verizontb\verizonDx.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{a0729639-d831-46c9-811b-9b0aa79fb45a}"= "c:\program files\Free_TV_Bar\prxtbFre0.dll" [2011-01-17 175912]

"{b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1}"= "c:\program files\Produtools_Manuals_2.1\prxtbPro0.dll" [2011-05-09 176936]

"{f8d96645-337c-419b-8792-b6c126145811}"= "c:\program files\verizontb\verizonDx.dll" [2010-08-16 86696]

.

[HKEY_CLASSES_ROOT\clsid\{a0729639-d831-46c9-811b-9b0aa79fb45a}]

.

[HKEY_CLASSES_ROOT\clsid\{b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1}]

.

[HKEY_CLASSES_ROOT\clsid\{f8d96645-337c-419b-8792-b6c126145811}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{A0729639-D831-46C9-811B-9B0AA79FB45A}"= "c:\program files\Free_TV_Bar\prxtbFre0.dll" [2011-01-17 175912]

"{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}"= "c:\program files\Produtools_Manuals_2.1\prxtbPro0.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{a0729639-d831-46c9-811b-9b0aa79fb45a}]

.

[HKEY_CLASSES_ROOT\clsid\{b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"Exetender"="c:\program files\Verizon Games on Demand Player\GPlayer.exe" [2009-02-16 1740800]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-11-18 182744]

"NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2006-09-26 423424]

"CHotkey"="zHotkey.exe" [2006-11-07 547840]

"ShowWnd"="ShowWnd.exe" [2005-01-27 36864]

"ModPS2"="ModPS2Key.exe" [2006-11-07 53248]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-11-16 151552]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-12-12 98304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-12-12 106496]

"Persistence"="c:\windows\system32\igfxpers.exe" [2006-12-12 81920]

"HostManager"="c:\program files\Common Files\AOL\1180264516\ee\AOLSoftware.exe" [2006-09-26 50736]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"StarzTray"="c:\program files\StarzPlay\StarzPlayTray.exe" [2008-10-30 505112]

"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2011-01-10 4318520]

"Coupon Alert Search Scope Monitor"="c:\progra~1\COUPON~2\bar\1.bin\2psrchmn.exe" [2012-08-18 42536]

"CouponAlert_2p Browser Plugin Loader"="c:\progra~1\COUPON~2\bar\1.bin\2pbrmon.exe" [2012-08-18 30096]

"MapsGalaxy Search Scope Monitor"="c:\progra~1\MAPSGA~2\bar\1.bin\39srchmn.exe" [2012-10-01 42536]

"MapsGalaxy_39 Browser Plugin Loader"="c:\progra~1\MAPSGA~2\bar\1.bin\39brmon.exe" [2012-10-01 30096]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Exetender"="c:\program files\Verizon Games on Demand Player\GPlayer.exe" [2009-02-16 1740800]

.

c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\SEARCH~1\Datamngr\datamngr.dll c:\progra~1\SEARCH~1\Datamngr\IEBHO.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigFix]

2006-11-17 00:04 2348584 ----a-w- c:\program files\BigFix\bigfix.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

2006-12-11 15:11 82864 ----a-w- c:\program files\Lexmark 2400 Series\ezprint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXCRCATS]

2006-11-21 16:27 106496 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\lxcrtime.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]

2006-12-11 15:11 291760 ----a-w- c:\program files\Lexmark 2400 Series\lxcrmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]

2006-09-06 20:12 323216 ----a-w- c:\program files\Napster\napster.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]

2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2649331228-3696308728-864307741-1001]

"EnableNotificationsRef"=dword:00000001

"EnableNotificationsCache"=dword:00000002

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2649331228-3696308728-864307741-500]

"EnableNotificationsRef"=dword:00000001

"EnableNotificationsCache"=dword:00000002

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2013-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 20:51]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^CD^xdm003^S01785^us&ptb=3B888287-4246-45A0-8F15-73B132E669EE&si=CKrD8YyG8LECFQJN4AodcXAAHg

mStart Page = hxxp://www.yahoo.com/

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

uInternet Settings,ProxyOverride = <local>

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-10 - (no file)

HKLM-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALuNotify.exe

HKLM-Run-Verizon_McciTrayApp - c:\program files\Verizon\McciTrayApp.exe

HKLM-Run-SymLnch - c:\program files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_5_0_23\Support\SymLnch\SymLnch.exe

HKU-Default-Run-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe

SafeBoot-WudfPf

SafeBoot-WudfRd

MSConfigStartUp-MskAgentexe - c:\program files\McAfee\MSK\MskAgent.exe

AddRemove-iLivid - c:\program files\iLivid\uninstall.exe

AddRemove-vol_toolbar - c:\program files\vol_toolbar\uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-03-31 02:54

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]

"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.2.0.7\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'Explorer.exe'(5212)

c:\program files\MapsGalaxy_39\bar\1.bin\39brstub.dll

c:\program files\CouponAlert_2p\bar\1.bin\2pbrstub.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\windows\system32\AUDIODG.EXE

c:\program files\Verizon\Verizon Internet Security Suite\Fws.exe

c:\windows\system32\agrsmsvc.exe

c:\program files\Common Files\AOL\ACS\AOLAcsd.exe

c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

c:\windows\system32\lxcrcoms.exe

c:\progra~1\MAPSGA~2\bar\1.bin\39barsvc.exe

c:\program files\Common Files\Motive\McciCMService.exe

c:\program files\Raxco\PerfectDisk2008\PD91Agent.exe

c:\program files\Verizon\VSP\ServicepointService.exe

c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

c:\program files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

c:\program files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe

c:\windows\System32\WUDFHost.exe

c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

c:\windows\zHotkey.exe

c:\windows\ModPS2Key.exe

c:\program files\Searchqu Toolbar\Datamngr\datamngrUI.exe

c:\program files\CouponAlert_2p\bar\1.bin\2pbrmon.exe

c:\program files\MapsGalaxy_39\bar\1.bin\39brmon.exe

c:\windows\ehome\ehmsas.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\Microsoft\BingBar\7.1.391.0\SeaPort.exe

c:\program files\Verizon\VSP\VerizonServicepointComHandler.exe

.

**************************************************************************

.

Completion time: 2013-03-31 03:58:17 - machine was rebooted

ComboFix-quarantined-files.txt 2013-03-31 07:58

.

Pre-Run: 162,685,644,800 bytes free

Post-Run: 163,515,985,920 bytes free

.

- - End Of File - - 9981EF22860AA77A21BF58624EFBBEE3

[CatByte]

looking better, but we still need to sweep for leftovers

please run the following:

Please download Junkware Removal Tool to your desktop.

• Shutdown your antivirus to avoid any conflicts.
  
• Right-mouse click JRT.exe and select Run as administrator
  
• The tool will open and start scanning your system.
  
• Please be patient as this can take a while to complete.
  
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  
• Post the contents of JRT.txt into your next message
  

NEXT

Download AdwCleaner from here and save it to your desktop.

• Run AdwCleaner and select Delete
  
• Once done it will ask to reboot, allow the reboot
  
• On reboot a log will be produced, please attach the content of the log to your next reply
  

NEXT

• Please open your MalwareBytes AntiMalware Program
  
• Click the Update Tab and search for updates
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish, so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected. <-- very important
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

NEXT

Go here to run an online scanner from ESET.

• Turn off the real time scanner of any existing antivirus program while performing the online scan
  
• Tick the box next to YES, I accept the Terms of Use.
  
• Click Start
  
• When asked, allow the activeX control to install
  
• Click Start
• Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  
• Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  
• Click Scan
  
• Wait for the scan to finish
  
• When the scan completes, press the LIST OF THREATS FOUND button
  
• Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  
• Include the contents of this report in your next reply.
  
• Press the BACK button.
  
• Press Finish
  

[zma1013]

Malwarebytes did not find anything, but here are the other 3 logs.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.7.8 (03.31.2013:1)

OS: Windows Vista Home Premium x86

Ran by Owner on Sun 03/31/2013 at 12:44:19.70

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\couponalert_2p browser plugin loader

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\datamngr

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\conduit

Successfully deleted: [Registry Key] hkey_local_machine\software\conduitengine

Successfully deleted: [Registry Key] hkey_current_user\software\datamngr

Successfully deleted: [Registry Key] hkey_current_user\software\datamngr_toolbar

Successfully deleted: [Registry Key] hkey_current_user\software\ilivid

Successfully deleted: [Registry Key] hkey_local_machine\software\ilivid

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitengine

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\fun web products

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\funwebproducts

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\mywebsearch

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\searchqutoolbar

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\toolbar

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\browserconnection.dll

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\dnsbho.dll

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\applications\ilividsetupv1.exe

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctl

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctl.1

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctlsecondary

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\axmetastream.metastreamctlsecondary.1

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\conduit.engine

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\ilivid

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\mywebsearch.thirdpartyinstaller

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\mywebsearch.thirdpartyinstaller.1

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2319576

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3209604

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{08858af6-42ad-4914-95d2-ac3ab0dc8e28}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{30f9b915-b755-4826-820b-08fba6bd249d}

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{3bd44f0e-0596-4008-aee0-45d47e3a8f0e}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{67fa02c4-ab30-4e77-a640-78ee8ec8673b}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{799391d3-eb86-4bac-9bd3-cbfea58a0e15}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{819ffe22-35c7-4925-8cda-4e0e2db94302}

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d858dafc-9573-4811-b323-7011a3aa7e61}

~~~ Files

Successfully deleted: [File] "C:\Windows\system32\conduitengine.tmp"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\viewpoint"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\ilivid player"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\conduitengine"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\couponalert_2p"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\funwebproducts"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\mywebsearch"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\pricegong"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\searchquband"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\searchqutoolbar"

Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\verizontb"

Successfully deleted: [Folder] "C:\Program Files\bigfix"

Successfully deleted: [Folder] "C:\Program Files\conduit"

Successfully deleted: [Folder] "C:\Program Files\conduitengine"

Failed to delete: [Folder] "C:\Program Files\couponalert_2p"

Successfully deleted: [Folder] "C:\Program Files\coupons"

Successfully deleted: [Folder] "C:\Program Files\funwebproducts"

Successfully deleted: [Folder] "C:\Program Files\ilivid"

Failed to delete: [Folder] "C:\Program Files\mapsgalaxy_39"

Successfully deleted: [Folder] "C:\Program Files\mywebsearch"

Successfully deleted: [Folder] "C:\Program Files\searchqu toolbar"

Successfully deleted: [Folder] "C:\Program Files\verizontb"

Successfully deleted: [Folder] "C:\Program Files\viewpoint"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 03/31/2013 at 12:53:16.33

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.115 - Logfile created 03/31/2013 at 13:08:29

# Updated 17/03/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : Owner - OWNER-PC

# Boot Mode : Normal

# Running from : C:\Users\Owner\Downloads\AdwCleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files\CouponAlert_2p

Folder Deleted : C:\Program Files\Free_TV_Bar

Folder Deleted : C:\Program Files\Produtools_Manuals_2.1

Folder Deleted : C:\Users\Owner\AppData\LocalLow\Free_TV_Bar

Folder Deleted : C:\Users\Owner\AppData\LocalLow\Produtools_Manuals_2.1

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\CouponAlert_2p

Key Deleted : HKCU\Software\AppDataLow\Software\Free_TV_Bar

Key Deleted : HKCU\Software\AppDataLow\Software\Produtools_Manuals_2.1

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CouponAlert_2pbar Uninstall

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Free_TV_Bar Toolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Produtools_Manuals_2.1 Toolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu Toolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FD8AE42-EB4E-4FDD-A507-912BD4A2200C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96673559-E653-4CDC-8923-F89347A952C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A0729639-D831-46C9-811B-9B0AA79FB45A}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D96645-337C-419B-8792-B6C126145811}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39547E3A-FA27-442A-A06B-7BCDE0B33F86}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96673559-E653-4CDC-8923-F89347A952C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A0729639-D831-46C9-811B-9B0AA79FB45A}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D96645-337C-419B-8792-B6C126145811}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FD8AE42-EB4E-4FDD-A507-912BD4A2200C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39547E3A-FA27-442A-A06B-7BCDE0B33F86}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96673559-E653-4CDC-8923-F89347A952C0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0729639-D831-46C9-811B-9B0AA79FB45A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8D96645-337C-419B-8792-B6C126145811}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{004EB151-885B-4A9E-A22D-CA98DD998D75}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{041278C7-DF92-486D-AE85-921BDFC75A43}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1116A14B-F6A3-4FD9-A00E-FF8CF270EE48}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36A7148B-639E-423C-90BB-30B6E1A40BD7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56965DCF-718F-4148-BECF-5A2B466F4556}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{61DAB0AD-AD23-4E40-84AC-7C6CE64D4EB3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{65D8E17B-312E-4E12-913B-A841A8631143}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{860AF5D1-0735-409D-8E5F-E3E99356D7E9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0636D37-97D0-4DC4-95A6-93AABA07437F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D244EAC5-A0F5-4859-A1F8-18ABC0AC3A00}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7E7FB02-C4FD-446E-8F5B-463A049935BF}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}

Key Deleted : HKLM\Software\Free_TV_Bar

Key Deleted : HKLM\Software\MetaStream

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16FE2505-F2A0-4782-B035-AF0E5188C02C}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1805AD2D-FF8B-4264-AEC1-BB3FBEDBD83F}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A323BB6-F625-48D5-B1F5-6B8B70A62662}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF08E71-3657-462F-898C-F7E791948F94}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{396EF5A7-7A17-43F1-ACFF-CABCD1778E0E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7225F6C9-CF64-4D6D-AE8A-169779FD7B4D}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E39EE7C5-1AE3-4D9A-A0E1-E029A5BB4D8A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96673559-E653-4CDC-8923-F89347A952C0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A0729639-D831-46C9-811B-9B0AA79FB45A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8D96645-337C-419B-8792-B6C126145811}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{39547E3A-FA27-442A-A06B-7BCDE0B33F86}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free_TV_Bar Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Produtools_Manuals_2.1 Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Key Deleted : HKLM\Software\Produtools_Manuals_2.1

Key Deleted : HKLM\Software\Viewpoint

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A0729639-D831-46C9-811B-9B0AA79FB45A}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7B9F8C21-46EC-4C0B-8683-E755EF84577A}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A0729639-D831-46C9-811B-9B0AA79FB45A}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A0729639-D831-46C9-811B-9B0AA79FB45A}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F8D96645-337C-419B-8792-B6C126145811}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A0729639-D831-46C9-811B-9B0AA79FB45A}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [2pffxtbr@CouponAlert_2p.com]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

*************************

AdwCleaner[s1].txt - [14591 octets] - [31/03/2013 13:08:29]

########## EOF - C:\AdwCleaner[s1].txt - [14652 octets] ##########

ESET

C:\Program Files\ElectionTracker_59EI\Installr\1.bin\59EIPlug.dll Win32/Toolbar.MyWebSearch application

C:\Program Files\ElectionTracker_59EI\Installr\1.bin\59EZSETP.dll Win32/Toolbar.MyWebSearch.Q application

C:\Program Files\ElectionTracker_59EI\Installr\1.bin\NP59EISb.dll Win32/Toolbar.MyWebSearch application

C:\Program Files\MSN Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application

C:\Program Files\MSN Messenger\riched20.dll Win32/Toolbar.MyWebSearch application

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3CJpeg.dll.vir Win32/Toolbar.MyWebSearch application

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3DTactl.dll.vir Win32/FunWeb application

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3HTmlmu.dll.vir Win32/Toolbar.MyWebSearch.B application

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3HTtpct.dll.vir Win32/Toolbar.MyWebSearch application

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3SCrctr.dll.vir Win32/Toolbar.MyWebSearch.P application

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3HTml.dll.vir Win32/Toolbar.MyWebSearch application

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3MSg.dll.vir Win32/Toolbar.MyWebSearch application

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3OUtlcn.dll.vir Win32/Toolbar.MyWebSearch.J application

C:\Qoobox\Quarantine\C\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe.vir Win32/Toolbar.MyWebSearch application

C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\54b438c3-46a893d2 multiple threats

C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\54b438c3-6fe4a9c9 a variant of Java/Exploit.CVE-2012-1723.JA trojan

C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\54b379f-15c5e744 multiple threats

C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2ebfd1a6-3b7d263b probably a variant of Java/TrojanDownloader.OpenStream.NAD trojan

[CatByte]

Please do the following:

• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
  
• They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  

Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:

Press the WinKey + R to open a run box, type Notepad > click OK.

This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

File::
C:\Program Files\ElectionTracker_59EI\Installr\1.bin\59EIPlug.dll 
C:\Program Files\ElectionTracker_59EI\Installr\1.bin\59EZSETP.dll 
C:\Program Files\ElectionTracker_59EI\Installr\1.bin\NP59EISb.dll 
C:\Program Files\MSN Messenger\msimg32.dll 
C:\Program Files\MSN Messenger\riched20.dll 
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\54b438c3-46a893d2 
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\54b438c3-6fe4a9c9 
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\54b379f-15c5e744 
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2ebfd1a6-3b7d263b 

ClearJavaCache::

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"

Here's how to do that:

1.Click File;

2.Click Save As... Change the directory to your desktop;

3.Change the Save as type to "All Files";

4.Type in the file name: CFScript

5.Click Save ...

• Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  
• ComboFix may request an update; please allow it.
  
• ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  
• When finished, it shall produce a log for you.
  
• Copy and paste the contents of the log in your next reply.
  

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

NEXT

Visit ADOBE and download the latest version of Acrobat Reader (version XI)

Having the latest updates ensures there are no security vulnerabilities in your system.

Decline any additional installs that may be offered.

NEXT

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

• Download the latest version of Java Runtime Environment (JRE) 7 and Save it to your Desktop.
• Scroll down to where it says Java SE 7u17
• Click the Download button under JRE to the right.
• Read the License Agreement then select Accept License Agreement
• Click on the link to download Windows x86 Offline and save the file to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
• Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java 6) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java versions.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on jre-7u17-windows-i586.exe to install the newest version.
  
• Decline any additional installs that may be offered.
  

• After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are three options in the window to clear the cache - Leave these two Checked
    
    • 
      Trace and Log Files
      Cached Applications and Applets
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.

NEXT

Please advise how the computer is running now and if there are any outstanding issues

[zma1013]

I am still getting this "Bad Image" error message on my computer and I believe it might be related to a broken Norton Internet Security install. I've tried uninstalling it but it doesn't do anything when I click uninstall. Here is the combofix log.

ComboFix 13-03-31.01 - Owner 03/31/2013 23:37:21.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.327 [GMT -4:00]

Running from: c:\users\Owner\Desktop\ComboFix.exe

Command switches used :: c:\users\Owner\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\system

.

.

((((((((((((((((((((((((( Files Created from 2013-03-01 to 2013-04-01 )))))))))))))))))))))))))))))))

.

.

2013-04-01 03:54 . 2013-04-01 03:54 -------- d-----w- c:\users\Owner\AppData\Local\temp

2013-04-01 03:54 . 2013-04-01 03:54 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp

2013-04-01 03:54 . 2013-04-01 03:54 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-03-31 17:41 . 2013-03-31 17:41 -------- d-----w- c:\program files\ESET

2013-03-31 16:44 . 2013-03-31 16:44 -------- d-----w- c:\windows\ERUNT

2013-03-31 16:43 . 2013-03-31 16:44 -------- d-----w- C:\JRT

2013-03-31 08:40 . 2013-03-19 09:50 7108640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{59D9B552-01DA-4932-9D04-C6EBBC9FB2DD}\mpengine.dll

2013-03-30 01:07 . 2013-03-19 09:50 7108640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-03-28 04:33 . 2013-03-28 04:33 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-03-28 04:33 . 2013-03-28 04:33 -------- d-----w- c:\program files\Trend Micro

2013-03-27 21:26 . 2013-03-27 21:26 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE

2013-03-25 03:51 . 2009-09-04 21:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll

2013-03-25 03:51 . 2009-09-04 21:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll

2013-03-25 03:50 . 2009-09-04 21:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll

2013-03-25 03:48 . 2013-03-27 20:54 -------- d-----w- c:\program files\Microsoft Silverlight

2013-03-24 22:13 . 2013-03-24 22:13 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\d62e58991ce28dc21\MeshBetaRemover.exe

2013-03-24 22:12 . 2013-03-24 22:12 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\bbdc10991ce28dc1a\DXSETUP.exe

2013-03-24 22:12 . 2013-03-24 22:12 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\bbdc10991ce28dc1a\dsetup32.dll

2013-03-24 22:12 . 2013-03-24 22:12 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\bbdc10991ce28dc1a\DSETUP.dll

2013-03-24 22:12 . 2013-03-24 22:12 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\b910bb991ce28dc19\DXSETUP.exe

2013-03-24 22:12 . 2013-03-24 22:12 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\b910bb991ce28dc19\dsetup32.dll

2013-03-24 22:12 . 2013-03-24 22:12 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\b910bb991ce28dc19\DSETUP.dll

2013-03-24 22:11 . 2013-03-24 22:11 6260088 ----a-w- c:\program files\Common Files\Windows Live\.cache\9653e9191ce28dc0e\Silverlight.4.0.exe

2013-03-24 22:10 . 2013-03-24 22:10 -------- d-----w- c:\users\Owner\AppData\Local\Windows Live

2013-03-24 22:09 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll

2013-03-24 21:19 . 2012-10-23 11:04 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E9F2365-E845-48E6-968F-6943CDD424FB}\gapaengine.dll

2013-03-24 20:52 . 2013-03-24 20:54 -------- d-----w- c:\program files\Microsoft Security Client

2013-03-24 20:49 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys

2013-03-24 16:34 . 2013-03-24 16:34 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes

2013-03-24 16:33 . 2013-03-24 20:02 -------- d-----w- c:\programdata\Malwarebytes

2013-03-24 16:33 . 2013-03-24 16:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-03-24 16:33 . 2012-12-14 20:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-24 15:59 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F22A94F1-91A5-42FD-A988-E2E2924D5B4B}\mpengine.dll

2013-03-24 15:55 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-03-16 00:24 . 2013-02-02 03:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-14 20:51 . 2012-06-14 20:13 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-14 20:51 . 2012-06-14 20:13 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-30 10:53 . 2009-10-02 19:52 232336 ------w- c:\windows\system32\MpSigStub.exe

2013-01-20 19:59 . 2013-01-20 19:59 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-01-20 19:59 . 2013-01-20 19:59 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys

2013-01-05 05:26 . 2013-02-12 19:56 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-05 05:26 . 2013-02-12 19:56 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-01-04 11:28 . 2013-02-12 19:56 914792 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-01-04 01:55 . 2013-02-12 19:56 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-01-04 01:38 . 2013-02-12 19:56 2048512 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"Exetender"="c:\program files\Verizon Games on Demand Player\GPlayer.exe" [2009-02-16 1740800]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-11-18 182744]

"NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2006-09-26 423424]

"CHotkey"="zHotkey.exe" [2006-11-07 547840]

"ShowWnd"="ShowWnd.exe" [2005-01-27 36864]

"ModPS2"="ModPS2Key.exe" [2006-11-07 53248]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-11-16 151552]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-12-12 98304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-12-12 106496]

"Persistence"="c:\windows\system32\igfxpers.exe" [2006-12-12 81920]

"HostManager"="c:\program files\Common Files\AOL\1180264516\ee\AOLSoftware.exe" [2006-09-26 50736]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"StarzTray"="c:\program files\StarzPlay\StarzPlayTray.exe" [2008-10-30 505112]

"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2011-01-10 4318520]

"MapsGalaxy_39 Browser Plugin Loader"="c:\progra~1\MAPSGA~2\bar\1.bin\39brmon.exe" [2012-10-01 30096]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Exetender"="c:\program files\Verizon Games on Demand Player\GPlayer.exe" [2009-02-16 1740800]

.

c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

2006-12-11 15:11 82864 ----a-w- c:\program files\Lexmark 2400 Series\ezprint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXCRCATS]

2006-11-21 16:27 106496 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\lxcrtime.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]

2006-12-11 15:11 291760 ----a-w- c:\program files\Lexmark 2400 Series\lxcrmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]

2006-09-06 20:12 323216 ----a-w- c:\program files\Napster\napster.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]

2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2649331228-3696308728-864307741-1001]

"EnableNotificationsRef"=dword:00000001

"EnableNotificationsCache"=dword:00000002

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2649331228-3696308728-864307741-500]

"EnableNotificationsRef"=dword:00000001

"EnableNotificationsCache"=dword:00000002

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2013-04-01 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 20:51]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.cnn.com/

mStart Page = hxxp://www.yahoo.com/

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

uInternet Settings,ProxyOverride = <local>

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-Coupon Alert Search Scope Monitor - c:\progra~1\COUPON~2\bar\1.bin\2psrchmn.exe

HKLM-Run-MapsGalaxy Search Scope Monitor - c:\progra~1\MAPSGA~2\bar\1.bin\39srchmn.exe

MSConfigStartUp-BigFix - c:\program files\Bigfix\bigfix.exe

AddRemove-Coupon Printer for Windows4.0 - c:\program files\Coupons\uninstall.exe

AddRemove-verizontb - c:\program files\verizontb\uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-03-31 23:54

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]

"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.2.0.7\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

Completion time: 2013-03-31 23:58:37

ComboFix-quarantined-files.txt 2013-04-01 03:58

ComboFix2.txt 2013-03-31 07:58

.

Pre-Run: 162,563,137,536 bytes free

Post-Run: 162,585,960,448 bytes free

.

- - End Of File - - B11AEAEBDEA616DAF6946A723559319B

[CatByte]

try using the Norton Removal Tool,

if that doesn't help please provide the exact message you are receiving, or give me a screen shot of the message

Norton has a tool that will remove all of its products from failed uninstalls or installs

• Download the appropriate Norton Removal Tool from HERE and save it to your desktop.
  
• Next Double click on Norton_Removal_Tool.exe to run the tool.
  
• Follow the on-screen instructions.
  
• Your computer may be restarted more than once, and you may be asked to repeat some steps after the computer restarts.
  

[zma1013]

That seems to have fixed the errors. I don't see any other problems with it other than it's slow, but I just think that's because it's an old computer with a weak processor.

[CatByte]

try a defrag, that may help with the slowness, or look at Startuplite

First open an elevated Command Prompt

• Go to Start > All Programs > Accessories
  
• right click on the Command Prompt and choose “Run as administrator”
  
• Type the following see how much your hard drive is fragmented (in this example, your C:\ drive):
  
• defrag c: -a (be patient, this can take a while)
  
• The resulting analysis will tell you a “Percent file fragmentation” and at the bottom, if you need to defragment the drive or not.
  
• To fully defragment your C:\ drive type the following:
  
• defrag c: -w
  
• Give it time to run (it can take a while, best to leave the computer alone) and then you’re done!
  

StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve performance.

If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

we just have some housekeeping to do now

please do the following:

You can delete the DDS, JRT, TDSSKiller and aswMBR logs and programs from your desktop.

NEXT

Follow these steps to uninstall Combofix

• Make sure your security programs are totally disabled.
  
• Press the WinKey +R to open a run box
  
• Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.
  

NEXT

• Double click on adwcleaner.exe to run the tool.
  
• Click on Uninstall.
  
• Confirm with yes.
  

If there are any logs/tools remaining on your desktop > right click and delete them.

NEXT

Below I have included a number of recommendations for how to protect your computer against malware infections.

• It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
  Strong passwords: How to create and use them Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.
  
• Keep Windows updated by regularly checking their website at :
  http://windowsupdate.microsoft.com/
  This will ensure your computer has always the latest security updates available installed on your computer.
  
• Make Internet Explorer more secure
  
  • Click Start > Run
    
  • Type Inetcpl.cpl & click OK
    
  • Click on the Security tab
    
  • Click Reset all zones to default level
    
  • Make sure the Internet Zone is selected & Click Custom level
    
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
    

  [*]Download TFC to your desktop

  • Close any open windows.
    
  • Double click the TFC icon to run the program
    
  • TFC will close all open programs itself in order to run,
    
  • Click the Start button to begin the process.
    
  • Allow TFC to run uninterrupted.
    
  • The program should not take long to finish it's job
    
  • Once its finished it should automatically reboot your machine,
    
  • if it doesn't, manually reboot to ensure a complete clean
    

  It's normal after running TFC cleaner that the PC will be slower to boot the first time.

  [*]WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

  • Green to go
    
  • Yellow for caution
    
  • Red to stop
    

  WOT has an addon available for both Firefox and IE

  [*]Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

  [*]In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:

  PC Safety and Security--What Do I Need?.

  [*]Simple and easy ways to keep your computer safe and secure on the Internet

Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

[zma1013]

It won't uninstall Combofix using that method. I made sure to type it exactly as you have it shown and all it does is run the scan again.

[CatByte]

Please try the stand alone uninstaller:

Download the ComboFix Uninstaller from here

Double click the icon to run it and follow the prompts

[zma1013]

Thanks for the help, the computer seems fine now.

[CatByte]

you are welcome,

stay safe

~CB