OTL logfile created on: 12/17/2014 1:00:28 AM - Run 6 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\cass\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17501) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.75 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 44.61% Memory free 7.50 Gb Paging File | 5.48 Gb Available in Paging File | 73.09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 687.76 Gb Total Space | 416.63 Gb Free Space | 60.58% Space Free | Partition Type: NTFS Drive D: | 10.77 Gb Total Space | 1.54 Gb Free Space | 14.26% Space Free | Partition Type: NTFS Drive F: | 1863.01 Gb Total Space | 362.45 Gb Free Space | 19.46% Space Free | Partition Type: NTFS Drive H: | 2794.51 Gb Total Space | 336.67 Gb Free Space | 12.05% Space Free | Partition Type: NTFS Computer Name: CASS-PC | User Name: cass | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014/12/13 11:45:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cass\Desktop\OTL.exe PRC - [2014/12/08 23:42:25 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2014/12/04 18:58:30 | 000,456,504 | ---- | M] () -- C:\Users\cass\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe PRC - [2014/12/03 01:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014/11/13 01:58:58 | 035,419,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\cass\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2014/10/02 15:14:56 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe PRC - [2013/12/21 11:29:14 | 000,755,080 | ---- | M] (Samsung) -- C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe PRC - [2013/06/02 12:14:57 | 003,532,224 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\idman.exe PRC - [2011/10/13 16:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2009/10/22 20:50:40 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014/12/17 00:38:31 | 000,043,008 | ---- | M] () -- c:\Users\cass\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgl1_dt.dll MOD - [2014/12/08 23:42:25 | 003,758,192 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2014/11/13 01:49:58 | 003,610,624 | ---- | M] () -- C:\Users\cass\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2013/08/23 14:01:44 | 025,100,288 | ---- | M] () -- C:\Users\cass\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2009/10/22 20:50:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014/12/02 06:51:42 | 007,138,664 | ---- | M] (Reimage®) [Auto | Running] -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe -- (ReimageRealTimeProtector) SRV:[b]64bit:[/b] - [2014/11/06 15:05:04 | 000,616,288 | ---- | M] (Copyright 2013 SAMSUNG) [Auto | Running] -- C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe -- (Samsung Link Service) SRV:[b]64bit:[/b] - [2013/12/21 11:31:20 | 000,404,360 | ---- | M] (Samsung) [Auto | Running] -- C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe -- (AllShare Framework DMS) SRV:[b]64bit:[/b] - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2012/09/17 11:56:36 | 000,037,216 | -H-- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2014/12/04 18:58:30 | 000,456,504 | ---- | M] () [Auto | Running] -- C:\Users\cass\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe -- (MF NTFS Monitor) SRV - [2014/12/03 01:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014/11/09 13:31:03 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014/10/02 15:14:56 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe -- (N360) SRV - [2014/06/05 23:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014/03/20 17:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013/12/16 19:31:34 | 000,443,080 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\GSService.exe -- (GSService) SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service) SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2012/09/17 11:56:40 | 002,365,792 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012/09/17 11:56:36 | 000,029,536 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011/10/21 14:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/10/13 16:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms -- (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) DRV:[b]64bit:[/b] - [2014/12/16 13:58:50 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\2BF36771.sys -- (MBAMSwissArmy) DRV:[b]64bit:[/b] - [2014/12/04 18:28:28 | 000,020,696 | -H-- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\mfmonitor_x64.sys -- (mfmonitor) DRV:[b]64bit:[/b] - [2014/08/25 21:26:58 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2014/08/25 21:26:57 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symefa64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2014/08/25 21:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2014/08/25 21:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtspx64.sys -- (SRTSPX) DRV:[b]64bit:[/b] - [2014/08/06 14:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2014/01/22 07:52:10 | 000,206,080 | -H-- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2014/01/22 07:52:10 | 000,108,800 | -H-- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2013/12/16 21:02:02 | 000,034,504 | -H-- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SndTAudio.sys -- (SndTAudio) DRV:[b]64bit:[/b] - [2013/11/28 07:43:02 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ccsetx64.sys -- (ccSet_N360) DRV:[b]64bit:[/b] - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symds64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2013/04/19 10:41:06 | 000,028,416 | -H-- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV:[b]64bit:[/b] - [2013/02/11 23:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2013/01/25 17:44:28 | 000,031,080 | -H-- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualAudio5.sys -- (WsAudio_Device(5) DRV:[b]64bit:[/b] - [2013/01/25 17:44:28 | 000,031,080 | -H-- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualAudio4.sys -- (WsAudio_Device(4) DRV:[b]64bit:[/b] - [2013/01/25 17:44:28 | 000,031,080 | -H-- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualAudio3.sys -- (WsAudio_Device(3) DRV:[b]64bit:[/b] - [2013/01/25 17:44:28 | 000,031,080 | -H-- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualAudio2.sys -- (WsAudio_Device(2) DRV:[b]64bit:[/b] - [2013/01/25 17:44:28 | 000,031,080 | -H-- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualAudio1.sys -- (WsAudio_Device(1) DRV:[b]64bit:[/b] - [2012/09/27 13:07:26 | 000,160,992 | -H-- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP) DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | -H-- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2012/03/08 18:40:52 | 000,048,488 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011/03/11 01:41:12 | 000,107,904 | -H-- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 01:41:12 | 000,027,008 | -H-- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/11/20 08:33:35 | 000,078,720 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2009/07/30 12:12:56 | 000,339,744 | -H-- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:[b]64bit:[/b] - [2009/07/13 20:52:20 | 000,194,128 | -H-- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 20:48:04 | 000,065,600 | -H-- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 20:45:55 | 000,024,656 | -H-- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/13 19:35:32 | 000,012,288 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2009/06/10 15:34:33 | 003,286,016 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 15:34:28 | 000,468,480 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 15:34:23 | 000,270,848 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 15:31:59 | 000,031,232 | -H-- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2014/12/10 16:56:49 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141216.001\ex64.sys -- (NAVEX15) DRV - [2014/12/10 16:56:49 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2014/12/10 16:56:49 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141216.001\eng64.sys -- (NAVENG) DRV - [2014/11/18 10:46:42 | 000,637,656 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141212.002\IDSviA64.sys -- (IDSVia64) DRV - [2014/10/03 14:19:31 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2012/08/29 16:42:28 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{B6C6E718-678E-4297-B631-BD98F3CCA404}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 File not found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_enUS521 IE - HKCU\..\SearchScopes\{C0DCF99C-DE2A-4878-803E-D22EC709D766}: "URL" = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.highlightCount: 0 FF - prefs.js..browser.search.isUS: true FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/12/17 00:37:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013/06/02 12:16:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/12/15 10:02:52 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\cass\AppData\Roaming\IDM\idmmzcc5 [2013/06/02 09:36:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\cass\AppData\Roaming\IDM\idmmzcc5 [2013/06/02 09:36:09 | 000,000,000 | ---D | M] [2014/07/03 12:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cass\AppData\Roaming\Mozilla\Extensions [2014/12/14 10:53:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cass\AppData\Roaming\Mozilla\Firefox\Profiles\2mttk1mj.default-1404400294804\extensions [2014/07/03 11:34:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cass\AppData\Roaming\Mozilla\Firefox\Profiles\b7bs4pzu.default\extensions [2014/07/03 13:04:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cass\AppData\Roaming\Mozilla\Firefox\Profiles\pfgj0keo.default\extensions [2014/07/03 13:00:40 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\cass\AppData\Roaming\Mozilla\Firefox\Profiles\pfgj0keo.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2013/11/24 17:36:21 | 000,001,906 | ---- | M] () (No name found) -- C:\Users\cass\AppData\Roaming\Mozilla\Firefox\Profiles\b7bs4pzu.default\extensions\urbquihqyd@urbquihqyd.org.xpi [2014/07/03 12:56:59 | 000,126,171 | ---- | M] () (No name found) -- C:\Users\cass\AppData\Roaming\Mozilla\Firefox\Profiles\pfgj0keo.default\extensions\elemhidehelper@adblockplus.org.xpi [2014/07/03 12:56:24 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\cass\AppData\Roaming\Mozilla\Firefox\Profiles\pfgj0keo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014/10/18 09:05:30 | 000,008,141 | ---- | M] () -- C:\Users\cass\AppData\Roaming\Mozilla\Firefox\Profiles\2mttk1mj.default-1404400294804\searchplugins\yahoo_ff.xml [2014/12/08 23:42:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2014/12/08 23:42:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Bing (Enabled) CHR - default_search_provider: search_url = http://start.sweetpacks.com?src=6&q={searchTerms}&barid={5038CDF0-D919-11E2-90D0-001FC6FD73AB}&crg=3.5000006.10043&st=23 CHR - default_search_provider: suggest_url = , CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: Google Wallet = C:\Users\cass\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ O1 HOSTS File: ([2014/12/16 19:32:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) O2:[b]64bit:[/b] - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation) O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [combofix] C:\ComboFix\CF21766.3XE (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4:[b]64bit:[/b] - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found O4 - Startup: C:\Users\cass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\cass\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b]64bit:[/b] - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\SoundTaxi\YouTubeRipper.dll () O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\SoundTaxi\YouTubeRipper.dll () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: sendmyway.com ([www] http in Trusted sites) O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} http://www.digitalwebbooks.com/reader/dbplugin.cab (DNL Reader) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64C664A9-1806-4F89-982D-0AA3F0723021}: DhcpNameServer = 75.75.75.75 75.75.76.76 O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll File not found O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll File not found O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll File not found O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll File not found O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014/12/16 19:35:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2014/12/16 19:09:51 | 000,000,000 | --SD | C] -- C:\ComboFix [2014/12/16 19:07:27 | 005,601,641 | R--- | C] (Swearware) -- C:\Users\cass\Desktop\ComboFix.exe [2014/12/16 17:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Reimage Protector [2014/12/16 17:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair [2014/12/16 17:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage [2014/12/16 17:23:55 | 000,000,000 | ---D | C] -- C:\rei [2014/12/16 16:46:39 | 000,000,000 | ---D | C] -- C:\_OTL [2014/12/16 14:48:04 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2014/12/16 13:58:50 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\2BF36771.sys [2014/12/16 10:54:05 | 000,000,000 | ---D | C] -- C:\fd686fd83ba35fe7cd0e6eba11ff [2014/12/16 10:51:04 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur [2014/12/16 10:05:10 | 000,000,000 | ---D | C] -- C:\Users\cass\Desktop\GrantPerms [2014/12/16 09:56:37 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\25F52E0E.sys [2014/12/15 16:04:20 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\6317795D.sys [2014/12/15 10:30:11 | 000,000,000 | ---D | C] -- C:\Users\cass\Desktop\help [2014/12/15 08:47:33 | 005,198,336 | ---- | C] (AVAST Software) -- C:\Users\cass\Desktop\aswmbr.exe [2014/12/15 08:40:18 | 000,547,328 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014/12/15 00:42:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\cass\Desktop\OTL.exe [2014/12/14 14:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Config [2014/12/14 13:24:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Picture Collage Maker Pro [2014/12/13 14:56:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2014/12/13 14:56:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2014/12/13 14:56:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2014/12/13 14:56:26 | 000,000,000 | ---D | C] -- C:\Qoobox [2014/12/13 14:55:57 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2014/12/12 20:55:59 | 000,000,000 | ---D | C] -- C:\Users\cass\AppData\Local\MFAData [2014/12/12 20:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2014/12/12 20:55:59 | 000,000,000 | ---D | C] -- C:\Users\cass\AppData\Local\Avg2015 [2014/12/12 19:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014/12/11 14:55:27 | 000,000,000 | ---D | C] -- C:\FRST [2014/12/11 00:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2014/12/11 00:02:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2014/12/10 22:21:19 | 000,000,000 | ---D | C] -- C:\Users\cass\Desktop\allshare [2014/12/10 21:22:56 | 000,000,000 | ---D | C] -- C:\Users\cass\Samsung Link [2014/12/10 21:09:07 | 000,000,000 | ---D | C] -- C:\Users\cass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung [2014/12/10 20:23:51 | 000,000,000 | ---D | C] -- C:\Upload [2014/12/10 11:34:50 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2014/12/10 11:34:20 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2014/12/08 23:42:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014/12/17 00:51:23 | 000,008,272 | ---- | M] () -- C:\Users\cass\Desktop\Combobatch.bat [2014/12/17 00:45:54 | 000,018,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/12/17 00:45:54 | 000,018,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/12/17 00:36:06 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys [2014/12/17 00:34:36 | 000,003,664 | ---- | M] () -- C:\bootsqm.dat [2014/12/16 20:00:07 | 000,000,120 | ---- | M] () -- C:\Windows\Reimage.ini [2014/12/16 19:32:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2014/12/16 19:08:09 | 005,601,641 | R--- | M] (Swearware) -- C:\Users\cass\Desktop\ComboFix.exe [2014/12/16 19:05:54 | 000,001,049 | ---- | M] () -- C:\Users\cass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014/12/16 17:24:23 | 000,001,936 | ---- | M] () -- C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk [2014/12/16 14:09:07 | 002,166,272 | ---- | M] () -- C:\Users\cass\Desktop\AdwCleaner_2.exe [2014/12/16 13:58:50 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\2BF36771.sys [2014/12/16 09:56:54 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\25F52E0E.sys [2014/12/15 16:33:51 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\6317795D.sys [2014/12/15 13:21:56 | 000,090,788 | ---- | M] () -- C:\Users\cass\Desktop\pcasvc.zip [2014/12/15 10:19:37 | 000,061,440 | ---- | M] ( ) -- C:\Users\cass\Desktop\VEW.exe [2014/12/14 13:10:38 | 000,000,168 | ---- | M] () -- C:\Users\cass\Desktop\IE.reg [2014/12/14 12:18:59 | 000,000,512 | ---- | M] () -- C:\Users\cass\Documents\MBR.dat [2014/12/14 11:21:00 | 000,261,756 | ---- | M] () -- C:\Users\cass\Desktop\vbscript.zip [2014/12/13 14:16:07 | 000,000,000 | -H-- | M] () -- C:\Users\cass\Documents\Default.rdp [2014/12/13 11:45:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cass\Desktop\OTL.exe [2014/12/13 11:01:23 | 005,198,336 | ---- | M] (AVAST Software) -- C:\Users\cass\Desktop\aswmbr.exe [2014/12/13 10:22:49 | 000,001,326 | ---- | M] () -- C:\Users\cass\Desktop\Norton Installation Files.lnk [2014/12/12 21:53:53 | 000,000,017 | ---- | M] () -- C:\Users\cass\AppData\Local\resmon.resmoncfg [2014/12/04 18:28:28 | 000,020,696 | -H-- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\mfmonitor_x64.sys [2014/11/27 20:22:30 | 000,311,325 | ---- | M] () -- C:\Users\cass\Desktop\Blade on the Hunt - Lauren Dane.epub [2014/11/22 12:37:20 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk [2014/11/20 11:43:48 | 000,002,004 | ---- | M] () -- C:\Users\cass\Desktop\Audible Manager.lnk [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014/12/17 00:51:23 | 000,008,272 | ---- | C] () -- C:\Users\cass\Desktop\Combobatch.bat [2014/12/17 00:34:36 | 000,003,664 | ---- | C] () -- C:\bootsqm.dat [2014/12/16 19:05:54 | 000,001,049 | ---- | C] () -- C:\Users\cass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014/12/16 17:24:23 | 000,001,936 | ---- | C] () -- C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk [2014/12/16 17:23:12 | 000,000,120 | ---- | C] () -- C:\Windows\Reimage.ini [2014/12/16 14:09:05 | 002,166,272 | ---- | C] () -- C:\Users\cass\Desktop\AdwCleaner_2.exe [2014/12/15 13:56:47 | 000,090,788 | ---- | C] () -- C:\Users\cass\Desktop\pcasvc.zip [2014/12/15 10:19:36 | 000,061,440 | ---- | C] ( ) -- C:\Users\cass\Desktop\VEW.exe [2014/12/14 13:07:12 | 000,000,168 | ---- | C] () -- C:\Users\cass\Desktop\IE.reg [2014/12/14 11:24:31 | 000,261,756 | ---- | C] () -- C:\Users\cass\Desktop\vbscript.zip [2014/12/13 14:56:40 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2014/12/13 14:56:40 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2014/12/13 14:56:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2014/12/13 14:56:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2014/12/13 14:56:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2014/12/13 14:51:02 | 000,000,512 | ---- | C] () -- C:\Users\cass\Documents\MBR.dat [2014/12/13 14:16:07 | 000,000,000 | -H-- | C] () -- C:\Users\cass\Documents\Default.rdp [2014/12/12 21:53:53 | 000,000,017 | ---- | C] () -- C:\Users\cass\AppData\Local\resmon.resmoncfg [2014/12/12 18:54:16 | 000,001,326 | ---- | C] () -- C:\Users\cass\Desktop\Norton Installation Files.lnk [2014/11/27 20:22:24 | 000,311,325 | ---- | C] () -- C:\Users\cass\Desktop\Blade on the Hunt - Lauren Dane.epub [2014/11/22 12:37:20 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk [2014/11/20 11:40:01 | 000,002,004 | ---- | C] () -- C:\Users\cass\Desktop\Audible Manager.lnk [2014/08/09 15:12:49 | 000,000,000 | ---- | C] () -- C:\Users\cass\AppData\Local\{A90E2778-E4D0-4B41-9D8E-0B6EF1BA4DCF} [2014/05/09 16:14:20 | 000,443,080 | ---- | C] () -- C:\Windows\SysWow64\GSService.exe [2014/02/08 22:53:57 | 000,000,387 | ---- | C] () -- C:\Windows\cdplayer.ini [2014/02/08 22:37:25 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini [2014/01/23 17:31:12 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2014/01/23 17:31:08 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2014/01/23 17:31:08 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2014/01/23 17:31:08 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2014/01/23 17:31:08 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2014/01/01 10:17:34 | 000,000,975 | ---- | C] () -- C:\Users\cass\Hightail - Shortcut.lnk [2013/05/29 04:44:05 | 000,778,636 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/02/27 18:06:27 | 145,892,360 | ---- | C] () -- C:\Users\cass\fixed.KWMindGames.rar [2013/02/22 12:21:02 | 000,894,616 | ---- | C] () -- C:\Windows\dbplugin.exe [2013/02/09 13:59:01 | 000,000,292 | ---- | C] () -- C:\Users\cass\AppData\Local\HamsterBookConverter.cfg [2013/02/05 15:13:05 | 000,000,474 | ---- | C] () -- C:\Users\cass\AppData\Roaming\wklnhst.dat [2013/02/02 12:22:46 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012/09/11 09:03:07 | 000,003,344 | ---- | C] () -- C:\Users\cass\.recently-used.xbel [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 21:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 20:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< MD5 for: ACTIVESETUPN_2.EXE >[/color] [2014/11/20 11:35:52 | 001,730,272 | ---- | M] (Audible Inc.) MD5=F6E3B4D95EF73FE7DDF69A01FFC1125C -- C:\Users\cass\Downloads\Programs\ActiveSetupN_2.exe [color=#A23BEC]< MD5 for: IEXPLORE.EXE >[/color] [2013/01/08 20:53:45 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_0d2c5bc980874648\iexplore.exe [2014/03/07 20:59:00 | 000,811,728 | ---- | M] (Microsoft Corporation) MD5=0667ED9F8E905E1F73DB60ACCEDCBCA7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_858ffb5bf711c81f\iexplore.exe [2013/12/10 19:07:01 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_7b0d6f67c2d3f97a\iexplore.exe [2012/10/27 00:02:44 | 000,672,832 | ---- | M] (Microsoft Corporation) MD5=06A8334D76DCF0DFFA738A512BDCD5F7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.17153_none_19d8942672c321c5\iexplore.exe [2013/01/29 15:08:44 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_178ed6e5b4dd3857\iexplore.exe [2013/07/31 05:18:24 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=10C1F2EC48D524AE10229AACD37B172A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20617_none_1843b546cdda6584\iexplore.exe [2013/07/24 21:48:45 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=139C8953AC56A9E559C7DEF07BC45ED7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20613_none_183fb41ecdde0028\iexplore.exe [2013/05/16 23:10:41 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=1423FF1BFD2ECD9CFC8C17EA4F98B20F -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16490_none_0d07eadd80a334bf\iexplore.exe [2014/06/20 15:14:31 | 000,810,160 | ---- | M] (Microsoft Corporation) MD5=24868C9D422EDB5B249C0C81B01A0C19 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17207_none_7b212759c2c57270\iexplore.exe [2013/02/22 02:04:50 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=25B53709A37C3FD814B68EA0A92D18F9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_0d238c71808d94e7\iexplore.exe [2014/11/26 20:43:02 | 000,813,744 | ---- | M] (Microsoft Corporation) MD5=2A9DA9E7462EBA3F6D2036E8D18FF773 -- C:\Program Files\Internet Explorer\iexplore.exe [2009/07/13 20:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_19ba3f8a72d988f3\iexplore.exe [2014/07/31 18:41:41 | 000,810,176 | ---- | M] (Microsoft Corporation) MD5=31A7689F580F37B52F65B9653F8916D4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17239_none_7b23faa7c2c2f1b7\iexplore.exe [2013/02/21 23:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_177836c3b4ee56e2\iexplore.exe [2013/05/28 22:32:47 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=33E62E4EFC2ACA8EC63A8926F26D3889 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20606_none_184d84e8cdd3303c\iexplore.exe [2013/10/12 16:42:28 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=39D0074C59F6D1A62731942C7FA8B60B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_167ae4781e4936f5\iexplore.exe [2014/03/01 17:02:17 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=3A3BEA53F039CE2E997A918E26E30B1D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16521_none_8557e945f73c23ff\iexplore.exe [2013/10/12 04:49:48 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=3C8C00380462B1023C9F8EA2A9A7A137 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_ffa340aa37f7ff34\iexplore.exe [2013/04/04 17:47:49 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=3F00BE80B9CEA20B7FE7363D15EDDB94 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16483_none_176a65f9b4f926ce\iexplore.exe [2013/02/21 23:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_17f703a2ce14129d\iexplore.exe [2014/02/06 17:24:01 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=4263F6C131E513CEA1AE82B5B81A4E1A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16518_none_85564983f73dbe0f\iexplore.exe [2013/09/22 05:59:54 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=45BDA923BE52906D1460BCB13AC2AB7A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16514_none_17b7179db4bf79b5\iexplore.exe [2012/10/27 00:56:51 | 000,696,384 | ---- | M] (Microsoft Corporation) MD5=4CDF8DE0C9F0A245B7348FDD2866F176 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21355_none_100f8919577e2f69\iexplore.exe [2014/06/02 01:03:18 | 000,810,200 | ---- | M] (Microsoft Corporation) MD5=4F2AA3E7BD7257E4937E071E3700819E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17126_none_7b2e0ea1c2bb6f8c\iexplore.exe [2013/07/24 23:00:18 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=536B5973A34DDAA6E16AC8248B726BD0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20613_none_0deb09cc997d3e2d\iexplore.exe [2013/07/24 21:42:37 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=57EC630DBD5F0713E77CB3540AB80A8E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16502_none_17bfe6f5b4b92b16\iexplore.exe [2014/11/07 14:23:39 | 000,815,280 | ---- | M] (Microsoft Corporation) MD5=591C6FD1541BAFAEEE82B1F5831C8532 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17420_none_8562d1dff733eb94\iexplore.exe [2014/06/01 23:43:13 | 000,812,248 | ---- | M] (Microsoft Corporation) MD5=60F88F6CA6303E8273AF7AAA9AAFECAC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17126_none_8582b8f3f71c3187\iexplore.exe [2013/05/16 18:34:33 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=67EE46FD4D3B56531C5DD1BDC149275A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16490_none_175c952fb503f6ba\iexplore.exe [2013/01/08 17:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_1781061bb4e80843\iexplore.exe [2014/10/06 21:54:03 | 000,810,680 | ---- | M] (Microsoft Corporation) MD5=6B9FDB34A5A490FF6A7EDE280062626A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17358_none_7b1b4217c2c926b5\iexplore.exe [2013/09/22 10:05:44 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=6FE8A2A2E24D8BED324BA2EBE356488E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20625_none_0de23a7499838ccc\iexplore.exe [2009/04/19 23:56:28 | 000,060,416 | ---- | M] (NirSoft) MD5=753BC16326FEE4A421ACB636CCD602F4 -- C:\ComboFix\iexplore.exe [2012/10/27 00:37:44 | 000,696,400 | ---- | M] (Microsoft Corporation) MD5=7BF529AEFBAD8946747A1D592BCD31AB -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.17153_none_0f83e9d43e625fca\iexplore.exe [2013/02/02 03:09:12 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=7C2923004FFC497E54F38E835F108EE8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_0d9c579499b8b898\iexplore.exe [2014/03/01 17:33:45 | 000,806,104 | ---- | M] (Microsoft Corporation) MD5=84BCBFB752B96543307E6602E669A95A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16521_none_7b033ef3c2db6204\iexplore.exe [2010/11/20 08:28:25 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe [2014/08/19 13:05:24 | 000,810,168 | ---- | M] (Microsoft Corporation) MD5=9540F3F5489747E71101E8AC9850CC79 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17280_none_7b29c921c2bd89c1\iexplore.exe [2013/10/12 02:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_09f7eafc6c58c12f\iexplore.exe [2013/05/16 20:46:47 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=A1397D2A4924C390E55D146FB45FDF7C -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20600_none_0df2d8da9977d637\iexplore.exe [2013/04/04 20:55:57 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=A1B0DEC3BB845C6369F97BC1A3542A07 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16483_none_0d15bba7809864d3\iexplore.exe [2014/11/26 20:10:46 | 000,815,280 | ---- | M] (Microsoft Corporation) MD5=A24BFBAE8B50A6780B68FF3673FAB52F -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013/02/01 23:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_17f101e6ce197a93\iexplore.exe [2013/07/31 09:22:10 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=A818D637533302BA58C685F332388FC0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16506_none_0d6f3dcb8054ce77\iexplore.exe [2013/05/16 17:27:11 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=A8732CEDB2C0EE7AFC08F867A47BB3EC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20600_none_1847832ccdd89832\iexplore.exe [2013/02/02 02:37:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=A8EBEBCD9F5C49475194099FCD276992 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_0d1d8ab58092fcdd\iexplore.exe [2013/07/31 05:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=AA9CBDCD4675A48755DDA3A73BE3E283 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16506_none_17c3e81db4b59072\iexplore.exe [2005/08/15 12:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\ComboFix\en-US\iexplore.exe [2013/05/29 01:24:18 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=AFF2C99AD2C599108B6BD9E77C24B463 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16496_none_0d0dec99809dccc9\iexplore.exe [2013/02/22 02:17:45 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=B21A57AA4CB928059A0C0C58A9E77A02 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_0da2595099b350a2\iexplore.exe [2013/04/04 16:55:02 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=C036AB1ED8BAC04FE4A349BA263077BB -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20593_none_17e932d8ce1ee289\iexplore.exe [2013/04/04 19:40:37 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=C4A4F4AD91677DA1659A9ADE63746B8B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20593_none_0d94888699be208e\iexplore.exe [2010/11/20 07:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe [2014/02/06 17:55:10 | 000,806,104 | ---- | M] (Microsoft Corporation) MD5=C6E1178294BDEAB1CACF50427688DF05 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16518_none_7b019f31c2dcfc14\iexplore.exe [2013/12/10 19:07:03 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_856219b9f734bb75\iexplore.exe [2013/05/29 00:56:53 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=C9C29508A433DAF0118D28C4F38CDDFC -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20606_none_0df8da9699726e41\iexplore.exe [2012/10/26 23:57:50 | 000,672,832 | ---- | M] (Microsoft Corporation) MD5=CAB945F6B0700D84DE40ED1FA6DB15F2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21355_none_1a64336b8bdef164\iexplore.exe [2014/06/20 14:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=CD900EFB4F8946A2BB1950D9F45915C2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17207_none_8575d1abf726346b\iexplore.exe [2014/07/31 18:16:35 | 000,812,224 | ---- | M] (Microsoft Corporation) MD5=CDF01A5C7927786A708EAEE91F14797B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17239_none_8578a4f9f723b3b2\iexplore.exe [2013/10/30 12:34:03 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_20cf006852aa5f74\iexplore.exe [2013/10/12 02:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_20cf8eca52a9f8f0\iexplore.exe [2013/02/01 23:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_17723507b4f3bed8\iexplore.exe [2013/07/31 08:01:01 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=E1D016741AA03A959586A7818595BF46 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20617_none_0def0af49979a389\iexplore.exe [2014/03/07 21:34:14 | 000,809,680 | ---- | M] (Microsoft Corporation) MD5=EA8386CA87165460D39A1D29FF11080B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_7b3b5109c2b10624\iexplore.exe [2013/05/28 21:24:32 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=EE12BA876C4190532A4085994BA9B616 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16496_none_176296ebb4fe8ec4\iexplore.exe [2014/08/19 12:39:25 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=EEA63B8CF19E59C4A51AD2D9A59DDA25 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17280_none_857e7373f71e4bbc\iexplore.exe [2013/01/08 19:51:57 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=EF1F6F41FB2C9BBB484B21017F380201 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_0daa285e99ade8ac\iexplore.exe [2014/11/07 14:49:08 | 000,813,744 | ---- | M] (Microsoft Corporation) MD5=F00FC8AF1B04C4611F92BC3DA01A2F49 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17420_none_7b0e278dc2d32999\iexplore.exe [2013/01/08 16:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_17fed2b0ce0eaaa7\iexplore.exe [2009/07/13 20:43:43 | 000,696,600 | ---- | M] (Microsoft Corporation) MD5=F2B0D41E1D08D0B2006DF5AA2E74C81E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_0f6595383e78c6f8\iexplore.exe [2013/10/30 12:34:03 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=F6A7D9C0BC326F695526069C1DA1E8B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_167a56161e499d79\iexplore.exe [2013/09/22 07:14:29 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=F87E95A127E83277B9AE500D7A18C998 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20625_none_1836e4c6cde44ec7\iexplore.exe [2013/09/22 10:48:47 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=F980F2E95E0434C8E0559B6504FE1D10 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16514_none_0d626d4b805eb7ba\iexplore.exe [2014/10/06 21:04:46 | 000,812,736 | ---- | M] (Microsoft Corporation) MD5=F9F310F9FB7F294F00ABDD03453D8CEE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17358_none_856fec69f729e8b0\iexplore.exe [2013/07/24 22:58:46 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=FA5B33E7BB143BCE846C303B528E8D62 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16502_none_0d6b3ca38058691b\iexplore.exe [2013/01/29 15:08:41 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=FD0D2E1FAEBAE5031BE2EB8000D973F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_0d3a2c93807c765c\iexplore.exe [color=#A23BEC]< MD5 for: MSHTML.DLL >[/color] [2013/10/12 02:02:49 | 014,355,968 | ---- | M] (Microsoft Corporation) MD5=02A04841906A8892AD6CC7BDBCB5F61D -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16736_none_9b5c450cc70dac38\mshtml.dll [2012/11/12 09:07:49 | 009,372,672 | ---- | M] (Microsoft Corporation) MD5=035263E1364D1AFE39613151D04181C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21369_none_8a957097cbe663fe\mshtml.dll [2013/05/29 00:48:32 | 017,831,424 | ---- | M] (Microsoft Corporation) MD5=04EFE9DFE4F0318DED06B47479026706 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20606_none_888590d90dd62189\mshtml.dll [2013/01/29 15:08:42 | 012,320,256 | ---- | M] (Microsoft Corporation) MD5=07F649CD36F266BBE33B814FA678AA43 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_921b8d282940eb9f\mshtml.dll [2013/05/16 17:08:45 | 012,330,496 | ---- | M] (Microsoft Corporation) MD5=097654708FE5F07278A1E36D9F78CA94 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20600_none_92d4396f423c4b7a\mshtml.dll [2013/07/24 21:45:12 | 012,334,080 | ---- | M] (Microsoft Corporation) MD5=0E2B5CB2193B6B0057F7D8B3FE02777E -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20613_none_92cc6a614241b370\mshtml.dll [2013/02/22 02:12:34 | 017,817,600 | ---- | M] (Microsoft Corporation) MD5=0E860BF2BCDDD94202A6AB9A10EE95EB -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20586_none_882f0f930e1703ea\mshtml.dll [2013/01/04 12:34:33 | 006,030,336 | ---- | M] (Microsoft Corporation) MD5=0ECEDD5CC58B3C88DB418A2C0DFA7BC5 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22185_none_96b6d6effd81646b\mshtml.dll [2013/05/05 15:26:05 | 012,325,888 | ---- | M] (Microsoft Corporation) MD5=1152DE9D7FE16EC92A12165D1CBE8406 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20594_none_9276e9654281af28\mshtml.dll [2013/02/22 01:57:13 | 017,817,088 | ---- | M] (Microsoft Corporation) MD5=1154FEFC73880A2EF44295EF0DBDC59F -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16476_none_87b042b3f4f1482f\mshtml.dll [2009/07/13 20:41:28 | 009,271,296 | ---- | M] (Microsoft Corporation) MD5=12C3F25EA578DAA752024E1918D59313 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_89f24b7ab2dc7a40\mshtml.dll [2013/01/04 13:51:48 | 009,376,256 | ---- | M] (Microsoft Corporation) MD5=14470D396157D2C03209F47B71C2EEA7 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17185_none_89f230e6b2dc9993\mshtml.dll [2013/01/08 20:48:55 | 017,812,992 | ---- | M] (Microsoft Corporation) MD5=14DEB733ACB08A71CC0783ED02FF1F8D -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16464_none_87b9120bf4eaf990\mshtml.dll [2013/11/26 06:54:49 | 023,183,360 | ---- | M] (Microsoft Corporation) MD5=16B0A65F52531B769B891DC251ECC6C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16476_none_f59f54ac3732f833\mshtml.dll [2010/11/20 08:27:02 | 008,988,160 | ---- | M] (Microsoft Corporation) MD5=1C8B787BAA52DEAD1A6FEC1502D652F0 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_8c235f42afcafdda\mshtml.dll [2013/02/02 03:04:08 | 017,815,040 | ---- | M] (Microsoft Corporation) MD5=1CD82D510D370CB04BB6BD1C660AA96F -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20580_none_88290dd70e1c6be0\mshtml.dll [2013/01/04 13:27:12 | 009,060,352 | ---- | M] (Microsoft Corporation) MD5=229C53E836D62E6F1A8D75378681DDD5 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22185_none_8c622c9dc920a270\mshtml.dll [2013/10/12 03:43:58 | 019,269,632 | ---- | M] (Microsoft Corporation) MD5=25C356A79B7002E0A20AAF592ED59DE4 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16736_none_91079aba92acea3d\mshtml.dll [2013/02/01 23:09:34 | 012,321,792 | ---- | M] (Microsoft Corporation) MD5=263963D93A3CA8F685EFA5966F1E6581 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16470_none_91feeb4a29577220\mshtml.dll [2013/05/05 14:25:43 | 012,324,864 | ---- | M] (Microsoft Corporation) MD5=26F30066B9FA78C97A0E92803D496211 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16484_none_91f81c86295bf36d\mshtml.dll [2012/11/12 08:53:27 | 006,029,312 | ---- | M] (Microsoft Corporation) MD5=299ED7BD35F503E8ECC3F50DCCE4A1D1 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22160_none_96c77555fd75add6\mshtml.dll [2013/01/04 10:32:38 | 006,029,824 | ---- | M] (Microsoft Corporation) MD5=2F83E05045CE9FCDE2F0986C4F5DC171 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.18021_none_966a1884e436b79f\mshtml.dll [2013/05/29 01:15:56 | 017,829,376 | ---- | M] (Microsoft Corporation) MD5=34426D52FBA4F3E31739DB840D2601AD -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16496_none_879aa2dbf5018011\mshtml.dll [2014/03/06 05:21:31 | 023,549,440 | ---- | M] (Microsoft Corporation) MD5=37D0FB9E5E8EDA40B66FC3FB3D660261 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_f5c8074c3714b96c\mshtml.dll [2013/09/22 06:57:02 | 012,336,640 | ---- | M] (Microsoft Corporation) MD5=41DAD6EDAE3F02B7D527FA9B4B4EA022 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20625_none_92c39b094248020f\mshtml.dll [2009/07/13 20:15:44 | 005,957,632 | ---- | M] (Microsoft Corporation) MD5=43592D31AFF84DD957199248898D9430 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_9446f5cce73d3c3b\mshtml.dll [2013/04/04 19:33:51 | 017,818,624 | ---- | M] (Microsoft Corporation) MD5=43FEF944FF64BE0354A5C129C98EB13D -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20593_none_88213ec90e21d3d6\mshtml.dll [2013/09/22 10:00:00 | 017,835,008 | ---- | M] (Microsoft Corporation) MD5=446C4A7C199224815CDD280F281E8253 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20625_none_886ef0b70de74014\mshtml.dll [2013/02/02 02:31:33 | 017,815,040 | ---- | M] (Microsoft Corporation) MD5=460723A080D6F22E56D45BC8C1F15B2A -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16470_none_87aa40f7f4f6b025\mshtml.dll [2013/02/21 23:06:28 | 012,324,864 | ---- | M] (Microsoft Corporation) MD5=474D43D76E2A33FEE21C6F4BB7C4A3B7 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20586_none_9283b9e54277c5e5\mshtml.dll [2012/11/12 08:24:43 | 006,028,800 | ---- | M] (Microsoft Corporation) MD5=48892C6C23E99FE5E4DF1909CE96FEC9 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17998_none_962592f4e468f955\mshtml.dll [2013/05/28 22:23:04 | 012,335,104 | ---- | M] (Microsoft Corporation) MD5=4ACB8A0EA4A1BEAA4FA92680BB71C542 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20606_none_92da3b2b4236e384\mshtml.dll [2014/03/01 01:05:15 | 023,133,696 | ---- | M] (Microsoft Corporation) MD5=4E0709D9BB951AD1C22E4FF519B90839 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_f58ff536373f154c\mshtml.dll [2013/04/04 16:33:05 | 012,325,376 | ---- | M] (Microsoft Corporation) MD5=4EBF337D1F52EA9202072348BA41CA95 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20593_none_9275e91b428295d1\mshtml.dll [2014/05/30 05:21:26 | 023,414,784 | ---- | M] (Microsoft Corporation) MD5=56803B20D168C1B740D12CE0BE4588F5 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_f5bac4e4371f22d4\mshtml.dll [2014/04/29 07:48:44 | 017,384,448 | ---- | M] (Microsoft Corporation) MD5=5869FBC754578A59C8C8635B99DB79DE -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17105_none_000d856a6b819880\mshtml.dll [2012/11/12 09:14:49 | 009,057,792 | ---- | M] (Microsoft Corporation) MD5=5D0EAA517A6450200ECAA8C95D02B293 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22160_none_8c72cb03c914ebdb\mshtml.dll [2013/02/21 23:05:50 | 012,324,352 | ---- | M] (Microsoft Corporation) MD5=658EBC74BD38D16805648C4775F7FA82 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16476_none_9204ed0629520a2a\mshtml.dll [2013/07/31 05:30:56 | 012,335,104 | ---- | M] (Microsoft Corporation) MD5=6DB41C70A74B420A0ADC55A9862DDAD9 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16506_none_92509e60291943ba\mshtml.dll [2014/02/28 23:30:58 | 017,074,688 | ---- | M] (Microsoft Corporation) MD5=70462E0A4E293FC80620AB945D8A59BB -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_ffe49f886b9fd747\mshtml.dll [2013/07/24 21:40:07 | 012,334,080 | ---- | M] (Microsoft Corporation) MD5=7161E761E81356C8EF6383CB1AE41B8D -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16502_none_924c9d38291cde5e\mshtml.dll [2013/05/05 16:36:54 | 017,818,624 | ---- | M] (Microsoft Corporation) MD5=7212340908E00AD2F28E58EA04CEB852 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16484_none_87a37233f4fb3172\mshtml.dll [2014/09/18 21:25:22 | 023,631,360 | ---- | M] (Microsoft Corporation) MD5=7415B29AFE2E4494A57358B8C7E78600 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_f5a7f85a372cd9fd\mshtml.dll [2012/11/12 08:24:42 | 006,029,824 | ---- | M] (Microsoft Corporation) MD5=750D6A1244A4B70630DFC4A049D7CADF -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17166_none_945d7b5ae72c3d03\mshtml.dll [2014/05/05 23:40:42 | 023,544,320 | ---- | M] (Microsoft Corporation) MD5=797E2E5C309AFF76990D5B7AF457EACA -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_f5b8ad88372109c7\mshtml.dll [2013/04/04 17:23:51 | 012,324,864 | ---- | M] (Microsoft Corporation) MD5=79B0D843B26BEA808EA89BA2D8A026F2 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16483_none_91f71c3c295cda16\mshtml.dll [2013/05/28 20:56:15 | 012,333,568 | ---- | M] (Microsoft Corporation) MD5=7BD6A6DFA75B665FA8F21BB21E59EC11 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16496_none_91ef4d2e2962420c\mshtml.dll [2014/08/18 17:26:50 | 017,455,104 | ---- | M] (Microsoft Corporation) MD5=7BF1CE9240CB9DD27C3E30733176EB8E -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_000b29b66b81ff04\mshtml.dll [2013/07/24 22:54:29 | 017,830,400 | ---- | M] (Microsoft Corporation) MD5=7D9371E3C8CF927D0A2A1D9E1161C324 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16502_none_87f7f2e5f4bc1c63\mshtml.dll [2014/07/25 08:51:14 | 017,524,224 | ---- | M] (Microsoft Corporation) MD5=8453DDF167CE2986AA4AB04BC6824925 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_00055b3c6b8766fa\mshtml.dll [2013/09/22 10:43:54 | 017,833,984 | ---- | M] (Microsoft Corporation) MD5=88664D38A94CDBD372ABB617E2928C37 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16514_none_87ef238df4c26b02\mshtml.dll [2013/02/01 23:15:04 | 012,322,304 | ---- | M] (Microsoft Corporation) MD5=88C27474E61271B49677F22CEE76FB3E -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20580_none_927db829427d2ddb\mshtml.dll [2013/07/31 07:55:33 | 017,834,496 | ---- | M] (Microsoft Corporation) MD5=8D29405AC33ED98ADE0DF26151FF7C89 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20617_none_887bc1370ddd56d1\mshtml.dll [2014/08/18 18:01:00 | 023,591,424 | ---- | M] (Microsoft Corporation) MD5=920BD93A0B64657A20CA66C2EBB167EA -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_f5b67f6437213d09\mshtml.dll [2014/11/05 22:10:35 | 019,781,632 | ---- | M] (Microsoft Corporation) MD5=93074C4FA92A8399404D032F6AF72C1B -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_ffef88226b979edc\mshtml.dll [2013/01/04 14:09:34 | 009,379,328 | ---- | M] (Microsoft Corporation) MD5=98A9587AB8EF8783F604610B60259BC0 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21393_none_8a6eff17cc041fc7\mshtml.dll [2013/10/12 01:54:11 | 014,381,568 | ---- | M] (Microsoft Corporation) MD5=9C2714E4CF56DD8CD27BF6DEE9E7A1BF -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20848_none_8484a13ee0bc7477\mshtml.dll [2013/01/04 14:37:33 | 006,032,384 | ---- | M] (Microsoft Corporation) MD5=A000F3F12437641F05A840BC6E197C82 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21393_none_94c3a96a0064e1c2\mshtml.dll [2012/11/12 09:11:50 | 009,375,232 | ---- | M] (Microsoft Corporation) MD5=A0AD7097CD66B73B6DB0197D0021A210 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17166_none_8a08d108b2cb7b08\mshtml.dll [2013/05/16 18:08:55 | 012,329,984 | ---- | M] (Microsoft Corporation) MD5=A6F5B25905CD01AE714990E02C7205A5 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16490_none_91e94b722967aa02\mshtml.dll [2013/10/30 12:34:03 | 014,335,488 | ---- | M] (Microsoft Corporation) MD5=A7221924181C8EB92B64C5A2D888BEA5 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16721_none_9b5bb6aac70e12bc\mshtml.dll [2013/05/16 23:05:41 | 017,824,768 | ---- | M] (Microsoft Corporation) MD5=A820869140978CCAF33CF7770EEE19F5 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16490_none_8794a11ff506e807\mshtml.dll [2014/04/29 09:01:39 | 023,547,904 | ---- | M] (Microsoft Corporation) MD5=A98DA2EC1E56CF52C682D072F77D9874 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17105_none_f5b8db183720d685\mshtml.dll [2012/11/12 09:20:28 | 009,055,744 | ---- | M] (Microsoft Corporation) MD5=AE18DCD6934D657EA0995E919FB0F4DD -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17998_none_8bd0e8a2b008375a\mshtml.dll [2013/01/04 13:11:13 | 006,029,824 | ---- | M] (Microsoft Corporation) MD5=B61C48277ABB5EA3840E8416369ED10B -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.17185_none_9446db38e73d5b8e\mshtml.dll [2013/01/08 16:17:18 | 012,322,304 | ---- | M] (Microsoft Corporation) MD5=B6AD225B3BCC07332FBB2C2824315534 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20573_none_928b88f342725def\mshtml.dll [2013/01/08 19:46:30 | 017,814,528 | ---- | M] (Microsoft Corporation) MD5=B6C5BC6D4E1D79CB8DF107112A9F37CB -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20573_none_8836dea10e119bf4\mshtml.dll [2014/11/05 23:03:15 | 025,110,016 | ---- | M] (Microsoft Corporation) MD5=BBD6A636AAA65D874F3863280CD8373D -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_f59addd03736dce1\mshtml.dll [2013/10/12 02:15:28 | 019,510,784 | ---- | M] (Microsoft Corporation) MD5=BED01C981AA5D47941F6BAF30B6FE12C -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20848_none_7a2ff6ecac5bb27c\mshtml.dll [2013/11/26 05:11:50 | 017,112,576 | ---- | M] (Microsoft Corporation) MD5=BFAFE990C4A191E83843362B5AC64A9B -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16476_none_fff3fefe6b93ba2e\mshtml.dll [2014/03/30 20:16:17 | 023,134,208 | ---- | M] (Microsoft Corporation) MD5=C3E3EFD320D0000BE6F9CDB00CD6086F -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16659_none_f5876fe837454a4a\mshtml.dll [2010/11/20 07:19:47 | 005,977,600 | ---- | M] (Microsoft Corporation) MD5=C50799F0D47DFB9774F721521B6C41D5 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_96780994e42bbfd5\mshtml.dll [2014/02/06 05:38:24 | 017,103,872 | ---- | M] (Microsoft Corporation) MD5=C863E5A2417DF0F2A31ED32C3B2CB23F -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16518_none_ffe2ffc66ba17157\mshtml.dll [2013/01/08 17:23:25 | 012,321,280 | ---- | M] (Microsoft Corporation) MD5=C97434C851C4821BD92D2831FDF1ECBE -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16464_none_920dbc5e294bbb8b\mshtml.dll [2014/03/30 18:57:59 | 017,073,152 | ---- | M] (Microsoft Corporation) MD5=CCF19C82F6145E4A467F7CB9AF82026C -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16659_none_ffdc1a3a6ba60c45\mshtml.dll [2013/05/16 20:37:56 | 017,824,768 | ---- | M] (Microsoft Corporation) MD5=CD451FEE119B7557633039CA39290331 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20600_none_887f8f1d0ddb897f\mshtml.dll [2013/01/29 15:08:39 | 017,811,968 | ---- | M] (Microsoft Corporation) MD5=CFF3C4ABDCC5356B0674743BDF0FB674 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16457_none_87c6e2d5f4e029a4\mshtml.dll [2014/02/06 07:16:01 | 023,170,048 | ---- | M] (Microsoft Corporation) MD5=D016F5092E4FFC41147E8555A71D2DDE -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16518_none_f58e55743740af5c\mshtml.dll [2013/12/10 19:07:00 | 023,212,032 | ---- | M] (Microsoft Corporation) MD5=D233E1A32CE6AF918C9DE1BC44AFEB2A -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16428_none_f59a25aa3737acc2\mshtml.dll [2014/05/30 04:18:15 | 017,271,296 | ---- | M] (Microsoft Corporation) MD5=D5ECBB3BFDC73A59440D9CA79AB3A342 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_000f6f366b7fe4cf\mshtml.dll [2013/01/04 10:53:13 | 009,060,864 | ---- | M] (Microsoft Corporation) MD5=D7A6EA0D6BD8B2357B51B436824DD0C5 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.18021_none_8c156e32afd5f5a4\mshtml.dll [2013/07/31 09:17:31 | 017,833,472 | ---- | M] (Microsoft Corporation) MD5=DA908B28F07804BD648756B8FFAE9305 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16506_none_87fbf40df4b881bf\mshtml.dll [2013/07/31 05:03:03 | 012,335,616 | ---- | M] (Microsoft Corporation) MD5=DCC51F3466767C3B418E23F5A467D6E5 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20617_none_92d06b89423e18cc\mshtml.dll [2014/06/18 19:16:07 | 017,276,416 | ---- | M] (Microsoft Corporation) MD5=DFA59840BB1220AFD261FDAE83543959 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_000287ee6b89e7b3\mshtml.dll [2013/05/05 17:35:07 | 017,819,136 | ---- | M] (Microsoft Corporation) MD5=E139A28843F52F383D414BF0AAEF6CE4 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20594_none_88223f130e20ed2d\mshtml.dll [2012/11/12 08:33:13 | 006,031,360 | ---- | M] (Microsoft Corporation) MD5=E6398412C907EB15E34A7BBDBBB4B559 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21369_none_94ea1aea004725f9\mshtml.dll [2014/03/06 04:19:28 | 017,387,008 | ---- | M] (Microsoft Corporation) MD5=EA85144F35EDE6EE25C484D4242FF2C8 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_001cb19e6b757b67\mshtml.dll [2014/05/05 22:25:19 | 017,382,912 | ---- | M] (Microsoft Corporation) MD5=EB5347F6149D3FF25F4D609A21A3BD67 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_000d57da6b81cbc2\mshtml.dll [2014/07/25 09:52:04 | 023,645,696 | ---- | M] (Microsoft Corporation) MD5=ECA387DCD57F683C52171C766CF400F0 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_f5b0b0ea3726a4ff\mshtml.dll [2013/07/24 22:55:56 | 017,832,960 | ---- | M] (Microsoft Corporation) MD5=EEC97B8A669093E4797ECD0B56DFEC51 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20613_none_8877c00f0de0f175\mshtml.dll [2013/10/30 12:34:03 | 019,252,224 | ---- | M] (Microsoft Corporation) MD5=F026C6F104758D0EB215B017016FAE27 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16721_none_91070c5892ad50c1\mshtml.dll [2013/09/22 05:29:45 | 012,336,128 | ---- | M] (Microsoft Corporation) MD5=F46A58EC9183CB2B24326A41CDDE1FAE -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16514_none_9243cde029232cfd\mshtml.dll [2013/04/04 20:51:15 | 017,818,624 | ---- | M] (Microsoft Corporation) MD5=F63D8615292792D36EDF24913636685D -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16483_none_87a271e9f4fc181b\mshtml.dll [2014/09/18 20:44:05 | 017,484,800 | ---- | M] (Microsoft Corporation) MD5=F91E55DA404B834648A3B0A2477C10DB -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_fffca2ac6b8d9bf8\mshtml.dll [2013/12/10 19:07:02 | 017,142,784 | ---- | M] (Microsoft Corporation) MD5=F9F114B2A6F876C92D317A755494F233 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16428_none_ffeecffc6b986ebd\mshtml.dll [2014/06/18 20:39:48 | 023,464,448 | ---- | M] (Microsoft Corporation) MD5=FEC19C351EF1B2C998A85D1BFD765675 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_f5addd9c372925b8\mshtml.dll [color=#A23BEC]< MD5 for: PCALUA.EXE >[/color] [2009/07/13 20:39:26 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2549089234E799D510296D327EA2B679 -- C:\Windows\SysNative\pcalua.exe [2009/07/13 20:39:26 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2549089234E799D510296D327EA2B679 -- C:\Windows\winsxs\amd64_microsoft-windows-a..atibility-assistant_31bf3856ad364e35_6.1.7600.16385_none_8fbb77bb3cd808d1\pcalua.exe [2009/07/13 20:39:26 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2549089234E799D510296D327EA2B679 -- C:\Windows\winsxs\amd64_microsoft-windows-a..atibility-assistant_31bf3856ad364e35_6.1.7601.18526_none_91e3a56339ccf4ab\pcalua.exe [2009/07/13 20:39:26 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2549089234E799D510296D327EA2B679 -- C:\Windows\winsxs\amd64_microsoft-windows-a..atibility-assistant_31bf3856ad364e35_6.1.7601.22736_none_9262742852f2ad8d\pcalua.exe [color=#A23BEC]< MD5 for: SETUP.EXE >[/color] [2009/09/15 07:11:22 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe [2009/05/22 12:15:40 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe [2009/05/22 12:15:42 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe [2009/05/22 12:15:42 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe [2009/05/22 12:15:40 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe [2009/05/22 12:15:42 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe [2009/05/22 12:15:42 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe [2009/05/22 12:15:42 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe [2009/05/22 12:15:40 | 000,316,712 | ---- | M] (Macrovision Corporation ) MD5=07F9B39AB7D6CF3DE214362B126E6149 -- C:\Program Files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe [2013/09/20 07:13:38 | 000,475,136 | ---- | M] () MD5=0D83748AE2E5684682201DFBBE92F0FB -- C:\Users\cass\Desktop\desktop shorts\OpenOffice 4.0.1 (en-US) Installation Files\setup.exe [2001/09/05 07:23:24 | 000,056,320 | ---- | M] (InstallShield Software Corporation) MD5=1AEB989E361AF85F5099DE3DA25457F4 -- C:\Linksys Driver\WUSB54GC_20051228\Utility\Setup.exe [2010/11/20 08:25:14 | 000,266,240 | ---- | M] (Microsoft Corporation) MD5=204E0114ECD8AD75A76BABEBB48237AE -- C:\Windows\SysNative\oobe\Setup.exe [2010/11/20 08:25:14 | 000,266,240 | ---- | M] (Microsoft Corporation) MD5=204E0114ECD8AD75A76BABEBB48237AE -- C:\Windows\winsxs\amd64_microsoft-windows-setup-component_31bf3856ad364e35_6.1.7601.17514_none_905283bdc3e1d2d8\Setup.exe [2013/11/28 07:40:51 | 067,493,224 | ---- | M] (Symantec Corporation) MD5=2155ECB2B42F660F4169F9E7757903EB -- C:\Users\Public\Downloads\Norton\{N360_SOS_21.1.0.18}\Setup.exe [2007/06/20 09:04:26 | 000,193,888 | ---- | M] (Microsoft Corporation) MD5=2506CE7E7AA190103E060E1C9DA8C1A5 -- C:\Program Files (x86)\Microsoft Works\Setup.exe [2005/11/02 19:07:14 | 002,141,184 | ---- | M] (Linksys) MD5=2ACAB80E3787DC3106E91EF527F39DDB -- C:\Linksys Driver\WUSB54GC_20051228\Setup.exe [2013/01/16 23:01:53 | 000,015,968 | R-S- | M] (Tarma Software Research Pty Ltd) MD5=35B1C736628D368573484CCBD55F64DA -- C:\ProgramData\InstallMate\{A32070E9-00A2-4646-A4AD-488078C3521F}\Setup.exe [2013/01/16 23:01:53 | 000,015,968 | R-S- | M] (Tarma Software Research Pty Ltd) MD5=35B1C736628D368573484CCBD55F64DA -- C:\Users\All Users\InstallMate\{A32070E9-00A2-4646-A4AD-488078C3521F}\Setup.exe [2011/05/11 21:53:36 | 001,439,656 | ---- | M] (Symantec Corporation) MD5=3E13A3ABFB2E9EEB6F33BBEEEB4BA15B -- C:\Users\Public\Downloads\Norton\{3A7FA539-8005-4603-87D2-SOS1-NSS-v5}\Setup.exe [2009/07/13 20:39:38 | 000,266,240 | ---- | M] (Microsoft Corporation) MD5=3E1F526693D0DDCD8C8D9955089F8172 -- C:\Windows\winsxs\amd64_microsoft-windows-setup-component_31bf3856ad364e35_6.1.7600.16385_none_8e216ff5c6f34f3e\Setup.exe [2009/05/08 11:02:54 | 000,259,640 | ---- | M] (Hewlett-Packard ) MD5=499DD074524981C70626274646EEF5E5 -- C:\hp\drivers\hpsu\setup.exe [2005/11/14 11:24:00 | 000,121,064 | ---- | M] (Macrovision Corporation) MD5=49B3D2077199C44C1F3BBB16B4094AE6 -- C:\hp\drivers\Realtek_HDAudio\Setup.exe [2005/11/14 11:24:00 | 000,121,064 | ---- | M] (Macrovision Corporation) MD5=49B3D2077199C44C1F3BBB16B4094AE6 -- C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe [2014/04/30 17:31:40 | 001,193,984 | ---- | M] (Samsung Electronics Co., Ltd.) MD5=5598EA01FA7425BC3150132FCCF5B872 -- C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe [2000/10/05 16:00:06 | 000,054,272 | ---- | M] (InstallShield Software Corporation) MD5=56FC94234252B533BBF91412E671F172 -- C:\Program Files (x86)\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe [2012/10/15 14:20:19 | 001,407,536 | ---- | M] (Symantec Corporation) MD5=5CB6F0478AA2BDAD2247273CE8D7C71D -- C:\Users\Public\Downloads\Norton\{3A7FA539-8005-4603-87D2-SOS1-NSSv7}\Setup.exe [2006/10/26 20:06:58 | 000,439,600 | R--- | M] (Microsoft Corporation) MD5=60D89E27EC97A025C4188577DCB2048B -- C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETUP.EXE [2012/05/15 14:21:06 | 001,427,880 | ---- | M] (Symantec Corporation) MD5=7373C83C1AE913C0BBA1B288BE665777 -- C:\Users\Public\Downloads\Norton\{3A7FA539-8005-4603-87D2-SOS1-NSSv6}\Setup.exe [2013/11/04 20:15:40 | 000,296,760 | ---- | M] (Hewlett-Packard Company) MD5=7A021AA554046786CC42DBDF63142A07 -- C:\swsetup\SP64126\setup.exe [2014/11/06 15:04:50 | 000,389,984 | ---- | M] () MD5=7C94BD28D79A209526114BA3FF757B63 -- C:\Program Files\SAMSUNG\Samsung Link\utils\setup.exe [2014/11/26 13:12:12 | 001,087,304 | ---- | M] (Google Inc.) MD5=86E1340B409E7DF94354553B45A59CCA -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\setup.exe [2014/01/17 14:19:27 | 000,463,152 | ---- | M] (Microsoft Corporation) MD5=95B8A4245A6CD37D36E56FAE5A23E2B1 -- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe [2009/07/29 03:41:00 | 000,379,424 | ---- | M] (Macrovision Corporation) MD5=9DB0F5C8E5975A4F1B8E75E4A357CFC7 -- C:\hp\drivers\NVIDIA_Graphics\setup.exe [2010/07/21 22:03:56 | 001,373,544 | ---- | M] (Symantec Corporation) MD5=A242F8BCAC8B94D504AC38A9A2B8F170 -- C:\Users\Public\Downloads\Norton\{3A7FA539-8005-4603-87D2-SOS1-NSS-v4}\Setup.exe [2012/09/27 12:44:28 | 000,254,880 | ---- | M] (Hewlett-Packard Company) MD5=A2D2CB20D1DC453DB29D7AF56C55A422 -- C:\swsetup\SP58915\setup.exe [2013/01/16 11:48:42 | 000,051,016 | ---- | M] () MD5=A9B762CFCC5A988D4B65DF13DDE421AA -- C:\Program Files (x86)\Aimersoft\DRM Media Converter\Setup.exe [2014/12/13 20:00:07 | 001,087,816 | ---- | M] (Google Inc.) MD5=BA34C1CE9974FA02C0B19682AB683002 -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\setup.exe [2005/04/06 14:39:06 | 000,121,064 | ---- | M] (Macrovision Corporation) MD5=BEF1E6A9B97045EC3F2B9CF34ACB6810 -- C:\Program Files (x86)\InstallShield Installation Information\{17B4760F-334B-475D-829F-1A3E94A6A4E6}\setup.exe [2009/06/09 08:28:28 | 000,094,720 | ---- | M] (LSI Corporation) MD5=BFB3D9594812530F6854706E80F97B90 -- C:\hp\drivers\LSI_SoftModem\setup.exe [2009/06/09 08:28:28 | 000,094,720 | ---- | M] (LSI Corporation) MD5=BFB3D9594812530F6854706E80F97B90 -- C:\hp\drivers\LSI_USBSoftModem\setup.exe [2009/06/10 16:48:32 | 000,071,680 | ---- | M] (InstallShield Software Corporation) MD5=D3C5EB399AB4522ABF662EB72C23DB9B -- C:\Windows\SysWOW64\InstallShield\setup.exe [2009/06/10 16:48:32 | 000,071,680 | ---- | M] (InstallShield Software Corporation) MD5=D3C5EB399AB4522ABF662EB72C23DB9B -- C:\Windows\winsxs\wow64_microsoft-windows-i..llshield-wow64-main_31bf3856ad364e35_6.1.7600.16385_none_ca61f601a4548b8e\setup.exe [2011/07/27 03:58:56 | 000,439,160 | ---- | M] (Microsoft Corporation) MD5=DDDE8A72CCECAC1B61F57B04363CE4D8 -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE [2011/07/27 04:58:56 | 000,439,160 | R--- | M] (Microsoft Corporation) MD5=DDDE8A72CCECAC1B61F57B04363CE4D8 -- C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SETUP.EXE [2013/09/05 10:53:27 | 000,364,976 | ---- | M] (Adobe Systems Incorporated) MD5=FE1BACDD4F92261EB452774409628D97 -- C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-AB0000000001}\setup.exe [2013/09/05 10:53:27 | 000,364,976 | ---- | M] (Adobe Systems Incorporated) MD5=FE1BACDD4F92261EB452774409628D97 -- C:\Users\All Users\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-AB0000000001}\setup.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 892 bytes -> C:\Users\cass\Documents\RoboForm files (216) are attached.eml:OECustomProperty @Alternate Data Stream - 57 bytes -> C:\Users\cass\Desktop\One Tiny Lie.lnk:mf_x @Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:F8AF2BB9 < End of report >