
My browser is being redirected by searchbif.net


  • This topic is locked
34 replies to this topic

#1 belated

  • Members
  • 23 posts

Posted 19 February 2012 - 11:35 PM

My browser keeps getting redirected when running internet searches. I am taken to Google results; when I click on the real suggestion I am redirected, with the following terms popping up in the address bar:

searchbif.net
Hosts: 94.63.240.127
Hosts: 94.63.240.128

When I try to update my anti-virus it will not let me. My computer constantly overheats.

I have tried Malwarebytes Anti-Malware, ESET, Avast, ESET Online, Trend Micro HouseCall, SUPERAntiSpyware, and Spybot S&D.

The viruses that I have cleaned so far are clemag and zbot. There were a few more, but I do not know the names, as I removed antiviruses to try to install and use new ones since the problem hadn't been fixed.

OS: Microsoft Vista 64-bit


Here's the first thread I created; I was asked to start this new one.

My link



Thank you for your help,

Steve



#2 gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • 136,772 posts
  • Gender: Male
  • Location: Puerto Rico

Posted 20 February 2012 - 01:49 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together:

  • Do not run any other tool until instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
      • DDS.txt
      • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following:
      • Logs from DDS
      • Let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 belated

  • Topic Starter
  • Members
  • 23 posts

Posted 20 February 2012 - 09:46 AM

I closed all programs including browser. Is it necessary to close the browser? Also Avast shows in the tray at the bottom right on the desktop. I'm not sure how to totally disable it. Other than that I did not encounter any problems. Thanks again for your help.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Steve at 8:41:13 on 2012-02-20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3837.2269 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe
C:\Windows\system32\agr64svc.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Real\realplayer\Update\realsched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
uStart Page = hxxp://www.google.com
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Google Update] "C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [CPN Notifier] C:\Program Files (x86)\Cake Poker 2.0\PokerNotifier.exe
mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [<NO NAME>]
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{06FF43B8-229C-4438-BEA0-8E7C2AB6561A} : DhcpNameServer = 75.75.76.76 75.75.75.75
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
mRun-x64: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [(Default)]
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
IE-X64: {00710644-edb6-40fb-b3e2-51b615e97d5a} - C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RPM Poker\RPM Poker.lnk
IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk
SEH-X64: SABShellExecuteHook Class: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
Hosts: 94.63.240.127 www.google.com
Hosts: 94.63.240.128 www.bing.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\twll0dnw.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\NPSibelius.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nppl3260.dll
FF - plugin: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nprpjplug.dll
FF - plugin: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Users\Steve\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll
FF - plugin: C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\twll0dnw.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_160.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/05/03 16:35:59];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 146928]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe --> C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-10-22 136544]
R2 Dyyno Launcher;Dyyno Service;C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-1-14 415072]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe [2008-9-19 65536]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-4-8 365952]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-6-27 1153368]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-6-1 2337144]
R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-2-9 296320]
R2 TVSched;TV Task Scheduler (TVTS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-2-9 116096]
R3 AODDriver;AODDriver;C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [2009-10-22 21048]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-4-8 228408]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2009-6-23 12872]
S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2009-6-23 67656]
S2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
S2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-2-17 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-9 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-1-4 253600]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-6-4 1038088]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-9 136176]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw3v64.sys --> C:\Windows\system32\DRIVERS\NETw3v64.sys [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 SASENUM;SASENUM;C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [2009-6-23 12872]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-16 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-02-18 16:24:06 15840 ----a-w- C:\Windows\SysWow64\Machnm1.exe
2012-02-18 16:24:06 -------- d-----w- C:\Program Files (x86)\@Last Software
2012-02-18 16:24:01 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-02-18 16:24:01 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-02-18 16:24:01 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-02-18 16:24:01 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-02-18 16:24:01 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-02-18 16:24:01 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-02-18 16:24:01 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-02-18 16:22:21 -------- d-----w- C:\Users\Steve\AppData\Roaming\Malwarebytes
2012-02-18 16:22:14 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-18 16:22:13 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-18 16:22:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-18 03:35:29 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-02-18 03:35:29 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-02-18 03:35:10 41184 ----a-w- C:\Windows\avastSS.scr
2012-02-18 01:45:53 -------- d-----w- C:\ProgramData\73ef23
2012-02-17 20:57:28 -------- d-----w- C:\Users\Steve\AppData\Local\Browser Guard
2012-02-17 00:27:49 -------- d-----w- C:\ProgramData\AVAST Software
2012-02-17 00:27:49 -------- d-----w- C:\Program Files\AVAST Software
2012-02-17 00:22:17 -------- d-----w- C:\Users\Steve\AppData\Roaming\GFI Software
2012-02-16 00:29:22 -------- d-----w- C:\Program Files (x86)\ESET
2012-02-15 20:44:55 -------- d-----w- C:\ProgramData\Downloaded Installations
2012-02-15 20:34:11 -------- d-----w- C:\Program Files (x86)\GFI Software
2012-02-10 15:34:18 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7EFB256D-5AC2-4E05-8F0E-DEEA531575B8}\mpengine.dll
2012-01-26 02:54:51 515968 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-01-26 02:54:51 347136 ----a-w- C:\Windows\System32\schannel.dll
2012-01-26 02:54:51 278528 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-01-26 02:54:50 442368 ----a-w- C:\Windows\System32\winhttp.dll
2012-01-26 02:54:50 377344 ----a-w- C:\Windows\SysWow64\winhttp.dll
2012-01-26 02:54:50 1689600 ----a-w- C:\Windows\System32\lsasrv.dll
2012-01-26 02:54:45 94720 ----a-w- C:\Windows\System32\secur32.dll
2012-01-26 02:54:45 77312 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-01-26 02:54:45 11264 ----a-w- C:\Windows\System32\lsass.exe
.
==================== Find3M ====================
.
2012-01-27 06:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-05 10:59:09 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-05 10:59:09 417440 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-01-05 10:59:05 8783008 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-01-03 13:29:08 99384 ----a-w- C:\Users\Steve\AppData\Roaming\inst.exe
2012-01-03 13:29:08 82816 ----a-w- C:\Users\Steve\AppData\Roaming\pcouffin.sys
2011-11-25 16:25:32 451072 ----a-w- C:\Windows\System32\winsrv.dll
2011-11-25 12:50:00 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-11-25 12:50:00 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-11-23 13:57:38 2764800 ----a-w- C:\Windows\System32\win32k.sys
2007-05-17 02:22:08 34816 ----a-w- C:\Program Files (x86)\YASU.exe
.
============= FINISH: 8:42:04.93 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/3/2009 5:40:25 PM
System Uptime: 2/20/2012 8:32:03 AM (0 hours ago)
.
Motherboard: Compal | | 30FC
Processor: AMD Turion™ X2 Dual-Core Mobile RM-72 | Socket M2/S1G1 | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 40.677 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 2.133 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()
J: is CDROM ()
K: is CDROM ()
L: is CDROM ()
M: is CDROM ()
N: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
µTorrent
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 Professional
Adobe Flash CS4 STI-en
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader X (10.1.2)
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
AIM 7
AMD GPU Clock Tool
AMD OverDrive
AMD USB Audio Driver Filter
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
AutoHotkey 1.0.48.03
avast! Free Antivirus
AVI to 3GP 1.4
BayGenie eBay Auction Sniper Pro Edition 3.3.5.3
BLM 2.7.7
Cake Poker 2.0
Canon IJ Network Scan Utility
Canon IJ Network Tool
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Commandos
Compact Wireless-G USB Adapter
Connect
ConvertXtoDVD 3.3.4.106e
Coupon Printer for Windows
CyberLink DVD Suite
Dell Driver Download Manager
Download Updater (AOL LLC)
DVD-CLONER V6.00 Build 975
Dyyno Broadcaster
Easy GIF Animator 5.02
erLT
ESET Online Scanner v3
ESU for Microsoft Vista
FileHippo.com Update Checker
Fraps
Free Convert M4A to MP3 AMR OGG AAC Converter 5.8
Free YouTube to iPod Converter version 3.3
Full Tilt Poker
GameSpy Arcade
GameSpy Comrade
Google Chrome
Google Earth
Google Update Helper
GTK+ Runtime 2.14.7 rev a (remove only)
Heroes™ II Gold
HijackThis 2.0.2
Holdem Manager
Holdem Manager 2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Common Access Service Library
HP Doc Viewer
HP Help and Support
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart SlingPlayer
HP MediaSmart TV
HP MediaSmart Webcam
HP MULTIPLE MODEM INSTALLER for VISTA
HP Quick Launch Buttons
HP Total Care Advisor
HP Total Care Setup
HP Update
HP User Guides 0129
HP Wireless Assistant
HPAsset component for HP Active Support Library
HyperCam 2
IDT Audio
Image Converter
ImagXpress
ImgBurn
Java Auto Updater
Java™ 6 Update 26
Java™ 6 Update 7
Juno Preloader
K-Lite Mega Codec Pack 4.8.5
kuler
LightScribe System Software
Magic ISO Maker v5.4 (build 0239)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office File Validation Add-In
Microsoft Reader
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Midway Arcade Treasures
Morrowind
Move Media Player
Mozilla Firefox 10.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML4 Parser
Musicnotes Software Suite 1.2
muvee Reveal
My HP Games
Nero ControlCenter
neroxml
NVIDIA PhysX
Oblivion
Olympus Digital Wave Player
OLYMPUS DSS Player-Lite
PC Pitstop Optimize 1.5
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
Poker Tracker Version 2.17.03j
PokerStove version 1.24
PokerTracker 3 (remove only)
PostgreSQL 8.3
Power2Go
PowerDirector
PowerISO
QLBCASL
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
RealUpgrade 1.1
Revo Uninstaller 1.92
Rise of Nations
RPM Poker
RunBetterPoker.com MergeKeys Beta
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
SketchUp 5
Skype™ 5.5
Slingbox - Watch Your TV Anywhere
SlingPlayer
Spybot - Search & Destroy
Suite Shared Configuration CS4
SUPERAntiSpyware Free Edition
TableNinja
TableScan Turbo RC1 build 4 (BETA)
TeamViewer 6
TournamentParser
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update Installer for WildTangent Games App
Veetle TV 0.9.18
VideoSpirit Pro 1.56
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.3
WildTangent Games App (HP Games)
Windows Media Player Firefox Plugin
WinRAR archiver
WinZip 15.0
.
==== Event Viewer Messages From Past Week ========
.
2/20/2012 8:37:17 AM, Error: PlugPlayManager [12] - The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0428) disappeared from the system without first being prepared for removal.
2/20/2012 8:37:17 AM, Error: PlugPlayManager [12] - The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0028) disappeared from the system without first being prepared for removal.
2/20/2012 8:37:17 AM, Error: PlugPlayManager [12] - The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0228) disappeared from the system without first being prepared for removal.
2/20/2012 8:37:17 AM, Error: PlugPlayManager [12] - The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0328) disappeared from the system without first being prepared for removal.
2/20/2012 8:33:43 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/20/2012 8:33:01 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRdr aswSnx aswSP aswTdi SASDIFSV SASKUTIL SBRE
2/20/2012 8:32:59 AM, Error: Service Control Manager [7001] - The avast! Antivirus service depends on the aswMonFlt service which failed to start because of the following error: A device attached to the system is not functioning.
2/20/2012 8:32:59 AM, Error: Service Control Manager [7000] - The aswMonFlt service failed to start due to the following error: A device attached to the system is not functioning.
2/20/2012 8:32:59 AM, Error: Service Control Manager [7000] - The aswFsBlk service failed to start due to the following error: A device attached to the system is not functioning.
2/20/2012 8:32:21 AM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
2/20/2012 8:32:21 AM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
2/19/2012 4:12:26 PM, Error: EventLog [6008] - The previous system shutdown at 4:09:01 PM on 2/19/2012 was unexpected.
2/17/2012 8:35:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL SBRE
2/17/2012 8:35:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
2/17/2012 8:35:00 PM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/17/2012 8:11:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
2/17/2012 8:10:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
2/17/2012 8:01:09 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL SBRE SCDEmu Smb spldr tdx Wanarpv6
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/17/2012 8:00:15 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/17/2012 8:00:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/17/2012 7:59:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/17/2012 7:59:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2/17/2012 7:59:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
2/17/2012 7:59:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/17/2012 7:59:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/17/2012 10:19:37 PM, Error: Service Control Manager [7000] - The avast! Network Shield Support service failed to start due to the following error: A device attached to the system is not functioning.
2/17/2012 10:19:37 PM, Error: Service Control Manager [7000] - The aswSP service failed to start due to the following error: A device attached to the system is not functioning.
2/16/2012 8:58:46 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL SBRE SCDEmu Smb spldr tdx Wanarpv6
2/16/2012 8:54:32 PM, Error: Service Control Manager [7034] - The AODService service terminated unexpectedly. It has done this 1 time(s).
2/16/2012 8:53:34 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
2/16/2012 7:40:49 PM, Error: EventLog [6008] - The previous system shutdown at 7:21:43 PM on 2/16/2012 was unexpected.
2/16/2012 5:38:40 AM, Error: EventLog [6008] - The previous system shutdown at 5:35:29 AM on 2/16/2012 was unexpected.
2/16/2012 4:37:42 AM, Error: EventLog [6008] - The previous system shutdown at 10:25:27 PM on 2/15/2012 was unexpected.
2/16/2012 4:18:40 PM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: A device attached to the system is not functioning.
2/16/2012 4:18:40 PM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: A device attached to the system is not functioning.
2/16/2012 4:15:06 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
2/16/2012 11:46:01 AM, Error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: This driver has been blocked from loading
2/16/2012 11:45:48 AM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: This driver has been blocked from loading
2/15/2012 8:41:57 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ALLA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{06FF43B8-229C-4438-BEA0-8E7C2AB6561A}. The master browser is stopping or an election is being forced.
2/15/2012 8:01:30 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ehdrv SASDIFSV SASKUTIL SBRE
2/15/2012 8:01:30 AM, Error: Service Control Manager [7000] - The epfwwfpr service failed to start due to the following error: A device attached to the system is not functioning.
2/15/2012 8:01:30 AM, Error: Service Control Manager [7000] - The eamonm service failed to start due to the following error: A device attached to the system is not functioning.
2/15/2012 4:55:54 PM, Error: Service Control Manager [7000] - The sbwtis service failed to start due to the following error: A device attached to the system is not functioning.
2/15/2012 4:54:40 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL SbFw SBRE
2/15/2012 4:54:40 PM, Error: Service Control Manager [7000] - The sbapifs service failed to start due to the following error: A device attached to the system is not functioning.
2/15/2012 3:06:36 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL SbFw SBRE SCDEmu Smb spldr tdx Wanarpv6
2/15/2012 3:05:17 PM, Error: EventLog [6008] - The previous system shutdown at 3:02:52 PM on 2/15/2012 was unexpected.
2/15/2012 2:32:02 PM, Error: EventLog [6008] - The previous system shutdown at 2:23:02 PM on 2/15/2012 was unexpected.
2/15/2012 10:26:33 AM, Error: Service Control Manager [7034] - The Audio Service service terminated unexpectedly. It has done this 1 time(s).
2/14/2012 8:21:07 PM, Error: EventLog [6008] - The previous system shutdown at 8:11:00 PM on 2/14/2012 was unexpected.
2/14/2012 7:42:35 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC ehdrv NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL SBRE SCDEmu Smb spldr tdx Wanarpv6
2/13/2012 9:36:40 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
2/13/2012 9:36:40 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PostgreSQL Database Server 8.3 service to connect.
2/13/2012 9:36:40 AM, Error: Service Control Manager [7000] - The PostgreSQL Database Server 8.3 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/13/2012 9:31:33 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the syshost32 service to connect.
2/13/2012 7:07:44 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
2/13/2012 2:55:08 PM, Error: EventLog [6008] - The previous system shutdown at 2:37:00 PM on 2/13/2012 was unexpected.
.
==== End Of File ===========================

#4 gringo_pr


Posted 20 February 2012 - 01:58 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#5 belated


Posted 20 February 2012 - 02:53 PM

My browser is no longer being redirected. Avast will not update though. When I try to update it, a box pops up saying "Failed to update. The avast! service is not running."

Here's the log:

ComboFix 12-02-19.02 - Steve 02/20/2012 13:10:45.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3837.2232 [GMT -6:00]
Running from: c:\users\Steve\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Steve\AppData\Roaming\1&1
c:\users\Steve\AppData\Roaming\1&1\1&1 EasyLogin\customer.xml
c:\users\Steve\AppData\Roaming\1&1\1&1 EasyLogin\EasyLogin.log
c:\users\Steve\AppData\Roaming\1&1\1&1 EasyLogin\update\EasyLogin_setup_US.exe
c:\users\Steve\AppData\Roaming\Roaming
c:\users\Steve\AppData\Roaming\Roaming\HoldemManager\config\FTPRushTables.xml
.
.
((((((((((((((((((((((((( Files Created from 2012-01-20 to 2012-02-20 )))))))))))))))))))))))))))))))
.
.
2012-02-20 19:22 . 2012-02-20 19:22 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-02-20 19:22 . 2012-02-20 19:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-20 14:33 . 2012-02-20 14:33 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2012-02-20 14:33 . 2012-02-20 14:33 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2012-02-20 14:33 . 2012-02-20 14:33 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2012-02-20 14:33 . 2012-02-20 14:33 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2012-02-20 14:33 . 2012-02-20 14:33 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2012-02-20 14:33 . 2012-02-20 14:33 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2012-02-20 14:33 . 2012-02-20 14:33 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2012-02-20 14:33 . 2012-02-20 14:33 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2012-02-20 14:33 . 2012-02-20 14:33 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2012-02-20 14:33 . 2012-02-20 14:33 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2012-02-20 14:33 . 2012-02-20 14:33 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2012-02-20 14:33 . 2012-02-20 14:33 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2012-02-20 14:32 . 2012-02-20 14:32 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2012-02-20 14:32 . 2012-02-20 14:32 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2012-02-20 14:32 . 2012-02-20 14:32 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2012-02-20 14:32 . 2012-02-20 14:32 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2012-02-20 14:32 . 2012-02-20 14:32 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2012-02-18 16:24 . 2012-02-18 16:24 -------- d-----w- c:\program files (x86)\@Last Software
2012-02-18 16:24 . 2004-03-05 06:21 15840 ----a-w- c:\windows\SysWow64\Machnm1.exe
2012-02-18 16:24 . 2012-02-18 16:24 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-02-18 16:24 . 2012-02-18 16:24 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-02-18 16:24 . 2003-11-11 00:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-02-18 16:24 . 2003-11-11 00:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-02-18 16:24 . 2003-11-11 00:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-02-18 16:24 . 2003-11-11 00:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-02-18 16:24 . 2003-11-11 00:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-02-18 16:22 . 2012-02-18 16:22 -------- d-----w- c:\users\Steve\AppData\Roaming\Malwarebytes
2012-02-18 16:22 . 2012-02-18 16:22 -------- d-----w- c:\programdata\Malwarebytes
2012-02-18 16:22 . 2012-02-19 11:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-18 16:22 . 2011-12-10 21:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-18 03:35 . 2011-11-28 17:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-18 03:35 . 2011-11-28 17:53 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-18 03:35 . 2011-11-28 17:52 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-18 03:35 . 2011-11-28 17:52 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-18 03:35 . 2011-11-28 17:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-18 03:35 . 2011-11-28 17:52 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-02-18 03:35 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-02-18 03:35 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-02-18 01:45 . 2012-02-18 01:46 -------- d-----w- c:\programdata\73ef23
2012-02-17 20:57 . 2012-02-17 21:02 -------- d-----w- c:\users\Steve\AppData\Local\Browser Guard
2012-02-17 00:29 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
2012-02-17 00:27 . 2012-02-18 03:34 -------- d-----w- c:\programdata\AVAST Software
2012-02-17 00:27 . 2012-02-18 03:34 -------- d-----w- c:\program files\AVAST Software
2012-02-17 00:22 . 2012-02-17 00:22 -------- d-----w- c:\users\Steve\AppData\Roaming\GFI Software
2012-02-16 00:29 . 2012-02-16 00:29 -------- d-----w- c:\program files (x86)\ESET
2012-02-15 20:44 . 2012-02-15 20:44 -------- d-----w- c:\programdata\Downloaded Installations
2012-02-15 20:34 . 2012-02-15 20:34 -------- d-----w- c:\program files (x86)\GFI Software
2012-02-10 15:34 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EFB256D-5AC2-4E05-8F0E-DEEA531575B8}\mpengine.dll
2012-01-26 02:54 . 2011-11-17 06:53 515968 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-26 02:54 . 2011-11-16 16:42 347136 ----a-w- c:\windows\system32\schannel.dll
2012-01-26 02:54 . 2011-11-16 16:23 278528 ----a-w- c:\windows\SysWow64\schannel.dll
2012-01-26 02:54 . 2011-11-16 16:43 442368 ----a-w- c:\windows\system32\winhttp.dll
2012-01-26 02:54 . 2011-11-16 16:41 1689600 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-26 02:54 . 2011-11-16 16:23 377344 ----a-w- c:\windows\SysWow64\winhttp.dll
2012-01-26 02:54 . 2011-11-16 16:42 94720 ----a-w- c:\windows\system32\secur32.dll
2012-01-26 02:54 . 2011-11-16 16:24 77312 ----a-w- c:\windows\SysWow64\secur32.dll
2012-01-26 02:54 . 2011-11-16 14:34 11264 ----a-w- c:\windows\system32\lsass.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-27 06:52 . 2009-10-03 05:41 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-05 10:59 . 2012-01-05 03:10 417440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-01-05 10:59 . 2011-05-17 18:36 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-05 10:59 . 2012-01-05 10:59 8783008 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-01-03 13:29 . 2009-08-07 21:34 99384 ----a-w- c:\users\Steve\AppData\Roaming\inst.exe
2012-01-03 13:29 . 2009-08-07 21:34 82816 ----a-w- c:\users\Steve\AppData\Roaming\pcouffin.sys
2011-11-25 16:25 . 2012-01-11 19:51 451072 ----a-w- c:\windows\system32\winsrv.dll
2011-11-25 12:50 . 2011-11-25 12:50 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-11-25 12:50 . 2011-11-25 12:50 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-11-23 13:57 . 2011-12-14 06:37 2764800 ----a-w- c:\windows\system32\win32k.sys
2007-05-17 02:22 . 2009-06-07 04:12 34816 ----a-w- c:\program files (x86)\YASU.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 1601-01-01 00:00 . !HASH: COULD NOT OPEN FILE !!!!! . 0 . . [------] .. c:\windows\system32\drivers\atapi.sys
.
[-] 1601-01-01 00:00 . !HASH: COULD NOT OPEN FILE !!!!! . 0 . . [------] .. c:\windows\system32\drivers\asyncmac.sys
.
[-] 1601-01-01 00:00 . !HASH: COULD NOT OPEN FILE !!!!! . 0 . . [------] .. c:\windows\system32\drivers\kbdclass.sys
.
[-] 1601-01-01 00:00 . !HASH: COULD NOT OPEN FILE !!!!! . 0 . . [------] .. c:\windows\system32\drivers\ndis.sys
.
[-] 1601-01-01 00:00 . !HASH: COULD NOT OPEN FILE !!!!! . 0 . . [------] .. c:\windows\system32\drivers\ntfs.sys
.
[-] 1601-01-01 00:00 . !HASH: COULD NOT OPEN FILE !!!!! . 0 . . [------] .. c:\windows\system32\drivers\null.sys
.
[7] 2009-12-08 . EE84432AD7DCADE2931528C319C55097 . 1423944 . . [6.0.6002.22283] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[7] 2009-12-08 . 2F822AF5E70467F827F5B4010A7FD57F . 1199616 . . [6.0.6000.16973] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[7] 2009-12-08 . BB6FB43B431CCAD6FC367648C87205C0 . 1196032 . . [6.0.6000.21175] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[7] 2009-08-15 . D4E30E6BADFF21865C3A075457CF9C00 . 1196032 . . [6.0.6000.21108] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[7] 2009-08-14 . 3BCD46BE9988B09D3510A0EF54F0D65B . 1418840 . . [6.0.6001.18311] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[7] 2009-08-14 . 74B776CA1B328095FE23A3306B1613A3 . 1413208 . . [6.0.6001.22497] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[7] 2009-08-14 . A7BFF59C2F610F62E6C292074FF36A1E . 1425992 . . [6.0.6002.18091] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[7] 2009-08-14 . D45D67A18C9FD4CC637BC9D4585C0646 . 1424952 . . [6.0.6002.22200] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[7] 2009-08-14 . 34B30202AECCB530FDDC6C6CCFA2FB46 . 1200640 . . [6.0.6000.16908] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[7] 2009-04-11 . 99D07AD0EF2C535610F6573C29BC045E . 1426408 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[7] 2009-04-08 . 8E041924441FF8755E5B4F135C8C3767 . 1421368 . . [6.0.6001.18063] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[7] 2009-04-08 . F10A60005FB50698E33A1940C6EBB010 . 1421368 . . [6.0.6001.22167] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys
[7] 2008-01-21 . 7A1183FBB802F5ABAD7FA18BC67E0858 . 1421368 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[7] 2011-09-20 . 2CC45D932BD193CD4117321D469AD6B2 . 1426304 . . [6.0.6002.18519] .. c:\windows\system32\drivers\tcpip.sys
.
[7] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_4847dcdb9194e539\tdx.sys
[7] 2008-01-21 . 8C39C72E0E853DE04748C0337D9B9216 . 94208 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_465c63cf947319ed\tdx.sys
[7] 2009-04-11 . 458919C8C42E398DC4802178D5FFEE27 . 94720 . . [6.0.6002.18005] .. c:\windows\system32\drivers\tdx.sys
.
[7] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_d507c23d565be6a3\browser.dll
[7] 2008-01-21 . A1B39DE453433B115B4EA69EE0343816 . 103424 . . [6.0.6000.16386] .. c:\windows\system32\browser.dll
.
[7] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6002.18541] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_042567f8126e70e3\lsass.exe
[7] 2011-11-16 . 54BC2124F6BCF2050D7C3057C0611AD4 . 11264 . . [6.0.6002.22742] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_04b006f32b8b272b\lsass.exe
[7] 2009-09-10 . 1104B18819392FEA12FB5F9E170E66B3 . 9728 . . [6.0.6000.21125] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[7] 2009-09-10 . BBBCE2DACDCCD5EA60A50D0023AE2DE9 . 11264 . . [6.0.6002.22223] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[7] 2009-09-09 . 41FB90DF49F203672F459122EF1F13B1 . 11264 . . [6.0.6001.22518] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[7] 2009-06-15 . 1E766E4C5BF9E230AD37A56BF7DB6C94 . 9728 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[7] 2009-06-15 . 306E4503E083A498AE797FF59FA72839 . 9728 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[7] 2009-06-15 . 80F4593E92FF960E4763380D3168E498 . 11264 . . [6.0.6001.18272] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[7] 2009-06-15 . 02474FBCB00AA5C622E92F620DB9A041 . 11264 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[7] 2009-06-15 . 40348DCEC0712ED42231C5F90A69A690 . 11264 . . [6.0.6002.18051] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[7] 2009-06-15 . EBDAEE60E442BEA413E5D7CEDFB09463 . 11264 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
[7] 2009-02-13 . 1979F94B28107233315DD6220F2304DD . 11264 . . [6.0.6001.22376] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[7] 2009-02-13 . E231BDBD7D69857EEFFDEB3A48A53824 . 9728 . . [6.0.6000.16820] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[7] 2009-02-13 . 563B71CEF1D46A24C5980FA2988DB67F . 9728 . . [6.0.6000.21010] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[7] 2008-01-21 . 1B461E9F6DB0EF829B4369F47A24BBEC . 11264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[7] 2011-11-16 . 260BF9C43EE12C6898A9F5AAB0FB0E5D . 11264 . . [6.0.6000.16386] .. c:\windows\system32\lsass.exe
.
[7] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_6bdbb71a0a2d4469\netman.dll
[7] 2008-01-21 . 9B63B29DEFC0F3115A559D2597BF5D75 . 348160 . . [6.0.6000.16386] .. c:\windows\system32\netman.dll
.
[7] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_819ad97caef1480e\qmgr.dll
[7] 2008-01-21 . D896A0D43F8AB81ECB1FC6C24DECFD58 . 1082368 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_7faf6070b1cf7cc2\qmgr.dll
[7] 2009-04-11 . 6D316F4859634071CC25C4FD4589AD2C . 1081856 . . [7.0.6001.18000] .. c:\windows\system32\qmgr.dll
.
[7] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_c7d4f08bf35f3abe\rpcss.dll
[7] 2009-03-03 . 857E04C16007E60FCC0803239C853E78 . 717824 . . [6.0.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_c6259b510f93cd21\rpcss.dll
[7] 2009-03-03 . 52CDADE8289FF21F1F2215FF51A5F36C . 718336 . . [6.0.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_c5d9dd2ff64839ac\rpcss.dll
[7] 2009-03-03 . 007F8DE7AC0F9386C3FD2EC7DC87C37A . 724992 . . [6.0.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_c3e2cce1f92f2ca2\rpcss.dll
[7] 2009-03-03 . 54FF562C2710BB610B019D723B16FB2A . 724992 . . [6.0.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_c47a129912422fc2\rpcss.dll
[7] 2008-01-21 . FF27BE0BA7B3C48D5C99AFCB56D436C2 . 713728 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_c5e9777ff63d6f72\rpcss.dll
[7] 2009-04-11 . CF8B9A3A5E7DC57724A89D0C3E8CF9EF . 719872 . . [6.0.6000.16386] .. c:\windows\system32\rpcss.dll
.
[7] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[7] 2008-01-21 . DFAC660F0F139276CC9299812DE42719 . 384512 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
[7] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6000.16386] .. c:\windows\system32\services.exe
.
[7] 2010-08-17 . 439017BE66398AB809D81B3AE8393883 . 273920 . . [6.0.6002.22468] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_34a17b8490538c82\spoolsv.exe
[7] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6002.18294] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_33f36be77751de08\spoolsv.exe
[7] 2010-08-17 . 92E6738D25C2123BE9515C0EAC0776CD . 267776 . . [6.0.6001.18511] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_3260788179ed5d57\spoolsv.exe
[7] 2010-08-17 . 7F59AA690212241B398D6DBE4071EE3C . 270848 . . [6.0.6001.22743] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_32cba802932180c9\spoolsv.exe
[7] 2009-04-11 . EADA445EAEDD1D7DF4C5EB42B3612729 . 268288 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_3455b7b177080198\spoolsv.exe
[7] 2008-01-21 . E6519A9E756D74DC51C697BA62162F51 . 267264 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_326a3ea579e6364c\spoolsv.exe
[7] 2010-08-17 . F66FF751E7EFC816D266977939EF5DC3 . 273920 . . [6.0.6000.16386] .. c:\windows\system32\spoolsv.exe
.
[7] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[7] 2008-01-21 . 856491FCED98093D824B9EB2892F564A . 406016 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[7] 2009-04-11 . 6D0773A3A65D28B663F334C90441D01A . 405504 . . [6.0.6001.18000] .. c:\windows\system32\winlogon.exe
.
[7] 2009-08-07 . 0CAF9B387CC42FC365626003E0751937 . 57560 . . [7.4.7600.226] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_4597bdc113f9f351\wuauclt.exe
[7] 2008-10-16 . 0DF8A7A5E072A6BA0AF1E563518255C0 . 54296 . . [7.2.6001.788] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_8683d52d1ee055aa\wuauclt.exe
[7] 2008-01-21 . 44E38EB04F48FCD1D0D230C10A3EED39 . 45568 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_fc7174b1ecdd9336\wuauclt.exe
[7] 2008-01-21 . 44E38EB04F48FCD1D0D230C10A3EED39 . 45568 . . [7.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_fe5cedbde9ff5e82\wuauclt.exe
[7] 2006-11-02 . 82979850A3E9B7581E28852139EB9D01 . 44032 . . [6.0.6000.16386] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_08ca3670650bd993\wuauclt.exe
[7] 2009-08-07 . 0CAF9B387CC42FC365626003E0751937 . 57560 . . [7.4.7600.226] .. c:\windows\system32\wuauclt.exe
.
[7] 2010-09-02 . E5763ED4A35DE72855B731EDF2081B6E . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_97d4553ba6d9b810\comctl32.dll
[7] 2010-09-02 . 55EAEF6344C328416969AA1622100139 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_fe44c5cb0dae9066\comctl32.dll
[7] 2010-09-02 . F80C6985B787E40EB2B6B99A453A243A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_432d25ac526cda7f\comctl32.dll
[7] 2010-09-01 . EB00FFCBB31A4CA35F80D92F14CBF04B . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_96135489a9968dcc\comctl32.dll
[7] 2010-09-01 . CA41B0BFB677D1261E68EA138CE106C2 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_fe655b750d60b18a\comctl32.dll
[7] 2010-09-01 . 16C1CC7E5B6A5B6A21C368D39DC4B03F . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_42a7622b394b8efb\comctl32.dll
[7] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_97a639428d76b771\comctl32.dll
[7] 2010-08-31 . 46662CD685A6341AB4AED86D134D80E9 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll
[7] 2010-08-31 . 09451F87CFF73FF22D9479FB0A73861C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_41466cae55469b30\comctl32.dll
[7] 2010-08-31 . 058BE5961AC5D6ACFD1961C2471F61B5 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_95a8250890626a5a\comctl32.dll
[7] 2010-08-31 . 6D98A7638947F0C9DAB31F094A591795 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec\comctl32.dll
[7] 2010-08-31 . F39DFA95BC391B166B40F4E38E5F1223 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_40bf29b13c26ca69\comctl32.dll
[7] 2009-04-11 . 94B60C9A7AEE8A9F3C1028F8DC5CED41 . 2050048 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da\comctl32.dll
[7] 2008-01-21 . BD3133E6B73195A95C67F7B09E012DE0 . 2049024 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6\comctl32.dll
[7] 2008-01-21 . 67DA61D3B12CEB5A4C86646AB468F0BA . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_95baba849054f4b0\comctl32.dll
[7] 2008-01-21 . 23797D89BE03772F411E387A3C81DBF8 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_40ba501d3c2b20ff\comctl32.dll
[7] 2006-11-02 . C6FFCA00D8C81D66C4194378EFF34199 . 2017792 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa\comctl32.dll
[7] 2006-11-02 . E47109C2D7D95962D08C9FD061A9BAD3 . 629248 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_40339432230aebeb\comctl32.dll
[7] 2010-08-31 . 74ABE02BF1937B32C6FC169A782FCF60 . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[7] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_88cf765b9e8f4a59\comres.dll
[7] 2008-01-21 . DDEE5FE5C3C3141CE02DE6B7B2BF686B . 1291264 . . [2001.12.6930.16386] .. c:\windows\system32\comres.dll
.
[7] 2009-04-11 . 18918613E63F387CDE4D95CA7D49DCF7 . 166912 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[7] 2008-01-21 . 4374F784121D8B3BB466B03F5E5EBD33 . 165376 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[7] 2009-04-11 . 18918613E63F387CDE4D95CA7D49DCF7 . 166912 . . [6.0.6000.16386] .. c:\windows\system32\cryptsvc.dll
.
[7] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_6af7b3ad073cdcab\es.dll
[7] 2009-04-08 . 1782416278B378F80862187EEBC0A51C . 361472 . . [2001.12.6930.16677] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_66e14e8d0d26f566\es.dll
[7] 2009-04-08 . 7143F5F8D7FF0712B6D2F336495554FE . 361472 . . [2001.12.6930.20818] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_67accd1026130408\es.dll
[7] 2009-04-08 . 6B1A97BF9FEFBDC83F3C7C7D0F826C66 . 361984 . . [2001.12.6931.18057] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_68dd2d0b0a3d4e75\es.dll
[7] 2009-04-08 . AE5538074DF0BB8EE5A3ECB9F5460965 . 361984 . . [2001.12.6931.22162] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_6956f87823678b7d\es.dll
[7] 2008-01-21 . D8338E6B3C23AD36096A6FDABD039283 . 354304 . . [2001.12.6931.18000] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_690c3aa10a1b115f\es.dll
[7] 2009-04-11 . E12F22B73F153DECE721CD45EC05B4AF . 361984 . . [2001.12.6932.18005] .. c:\windows\system32\es.dll
.
[7] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_ba6032a62fea3984\imm32.dll
[7] 2008-01-21 . 8D2C00D198598AAE77B1648FFBF39895 . 163840 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_b874b99a32c86e38\imm32.dll
[7] 2009-04-11 . 62C15795629FA290656C6A7E5CD25F52 . 163840 . . [6.0.6002.18005] .. c:\windows\system32\imm32.dll
.
[7] 2010-04-16 . 1795848538EA2328648E9FAB31351157 . 622080 . . [1.0626.6002.22384] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_0b36ae8b275afcf9\usp10.dll
[7] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_0ad851700e1ced6b\usp10.dll
[7] 2010-04-16 . 718AA06AE8741F8C7877C25F4AD97280 . 622080 . . [1.0626.6001.18461] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_08d93cec110986fd\usp10.dll
[7] 2010-04-16 . EB7E9B4E65D014EF958330C3E55735DD . 622592 . . [1.0626.6001.22672] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_09590bfb2a2e5936\usp10.dll
[7] 2009-04-11 . 6C7812812F7F343100EA655DC26C9888 . 621568 . . [1.0626.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_0b048d9e0dfb9cb0\usp10.dll
[7] 2008-01-21 . 8745227FAB62C0886B4B122CAD1D799E . 622080 . . [1.0626.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_0919149210d9d164\usp10.dll
[7] 2010-04-16 . 11EAF90B44A9E378CB6F4ECBF2471F60 . 621568 . . [1.0626.6002.18244] .. c:\windows\system32\usp10.dll
.
[7] 2011-04-12 . 2299078C1E59FE69ADDF49897D6A373A . 1210880 . . [6.0.6002.18449] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_f1a0c2e10be78eec\kernel32.dll
[7] 2011-04-12 . F2338C94CDCD7AD28A14428D46A05D0B . 1211904 . . [6.0.6002.22625] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_f23c004224f88e9f\kernel32.dll
[7] 2011-04-12 . 6ADB508FEADBDEC41C194B4C03FA5201 . 1208832 . . [6.0.6001.18631] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_efbd1caf0ec055f8\kernel32.dll
[7] 2011-04-12 . 777DF7F47BEE82833E324F0EB18B7ED1 . 1213440 . . [6.0.6001.22898] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_f00cddde28084bf0\kernel32.dll
[7] 2009-04-11 . A1489655AB04BBB5290C3FC274D33E57 . 1217536 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_f1c7f9d10bcac530\kernel32.dll
[7] 2009-02-13 . 8331C9E592358DE5157169699BD836D7 . 1208832 . . [6.0.6001.18215] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_efd6b6170eac8ed6\kernel32.dll
[7] 2009-02-13 . 2EEE45C483BA534A84CACC9D8001FE0E . 1210880 . . [6.0.6001.22376] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_f02073a427f9ef9d\kernel32.dll
[7] 2009-02-13 . 1A5CE3CDE414ED758D4E1616F422C20B . 1233408 . . [6.0.6000.16820] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_ede0a61311929b23\kernel32.dll
[7] 2009-02-13 . 08E8EF6A8D18BD1D89896903DCD103D2 . 1233920 . . [6.0.6000.21010] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_ee74eaec2aa8523e\kernel32.dll
[7] 2008-01-21 . 1122C8BE4BC4F392598A9543DC1014E0 . 1213952 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_efdc80c50ea8f9e4\kernel32.dll
[7] 2011-04-12 . 2299078C1E59FE69ADDF49897D6A373A . 1210880 . . [6.0.6001.18000] .. c:\windows\system32\kernel32.dll
.
[7] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_9483cda05db182e8\linkinfo.dll
[7] 2008-01-21 . 8BDE3074EE7BB92030448419E33635C7 . 29184 . . [6.0.6001.18000] .. c:\windows\system32\linkinfo.dll
.
[7] 2011-02-16 . C95E1180E721401CE923FD4381216F45 . 32768 . . [6.0.6002.22589] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_0814533329607318\lpk.dll
[7] 2011-02-16 . EBADCE0742E19CAE2F1FE37D12AE9512 . 32768 . . [6.0.6001.22854] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_06494f9d2c264b6e\lpk.dll
[7] 2011-01-08 . 53F965A37AF97ED41A5D722F653F7A16 . 32768 . . [6.0.6002.22566] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_0826f22d2952ef31\lpk.dll
[7] 2011-01-08 . 973AC5DF18195F659F950BAD8B52FC27 . 32768 . . [6.0.6001.22830] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_065aee4d2c19ae30\lpk.dll
[7] 2010-10-28 . 712393754587ECC35EC72680D3031298 . 32768 . . [6.0.6002.22514] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_085b0135292c30ce\lpk.dll
[7] 2010-10-28 . 502D874EFB849DB686B31EA5C6C64750 . 32768 . . [6.0.6001.22787] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_062bded12c3bee1f\lpk.dll
[7] 2010-05-26 . 015628C13EA6B4CC62D9CFC276379F02 . 32768 . . [6.0.6002.22412] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_0858febb292e00f9\lpk.dll
[7] 2010-05-26 . 801AA6FFA579BA861BF002E5DB209F19 . 32768 . . [6.0.6001.22700] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_067b5c2b2c015d36\lpk.dll
[7] 2009-10-19 . 35E625ED9FE3A7F29CA7694BA02AEA7B . 32768 . . [6.0.6001.22544] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_065419d72c1e3808\lpk.dll
[7] 2009-10-19 . 96975D0384839E4FA2BE137B0F386ADA . 33280 . . [6.0.6000.21142] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_046bb0d92ef9aa84\lpk.dll
[7] 2009-10-19 . B96C6EA864956C49B8426ED10340C772 . 33280 . . [6.0.6000.16939] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_03f40dde15cd6ce8\lpk.dll
[7] 2009-10-19 . B9A0B9E32F7AB5717A9CEC1B4DC05C62 . 32768 . . [6.0.6002.22247] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_083d8c9d2941d931\lpk.dll
[7] 2009-06-15 . 4E53E703118C8092D255B4BEC2FE997B . 33280 . . [6.0.6000.21067] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_045b108d2f0563f2\lpk.dll
[7] 2009-06-15 . 25634B6ADDBAB73F6EF235D26D93C84A . 33280 . . [6.0.6000.16870] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_03bfc9ae15f5fb76\lpk.dll
[7] 2009-06-15 . 414E030D6D67F6F7F4663BCF441936CA . 32768 . . [6.0.6001.22450] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_064546dd2c29f176\lpk.dll
[7] 2009-06-15 . 1E8003BF4D8A37EA8BFA005879D47258 . 32768 . . [6.0.6002.22152] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_082db959294e7948\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_05f1b3fc12e3ce82\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_05a808e8131abf15\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_05ca7b2613009b17\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_059d3cc81322d554\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_05cd7fd012fde16a\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_05af10a0131467eb\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_059970c813249fcd\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_07dd2d08100599ce\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_07a31c441031c027\lpk.dll
[7] 2008-01-21 . 891E1D0DCDE747C8F1EE71E61EA193F5 . 32768 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_07c68ecc1016b580\lpk.dll
[7] 2009-04-08 . A1DC0EFF401FE35688F1046F10BEE5BF . 4694584 . . [6.0.6001.22167] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_c89ebc6d85c87c6f\ntoskrnl.exe
[7] 2009-03-03 . 65252FED486E5BF1E384CA65C16148C7 . 4691424 . . [6.0.6001.22389] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_c88b20f585d6e14d\ntoskrnl.exe
[7] 2009-03-03 . ED97E8551F0B1844250ED1B07393B10D . 4692448 . . [6.0.6001.18226] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_c83f62d46c8b4dd8\ntoskrnl.exe
[7] 2009-03-03 . 8B3095B00E832ABFC7047A04E681CCDE . 4427232 . . [6.0.6000.16830] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_c64852866f7240ce\ntoskrnl.exe
[7] 2009-03-03 . CC172711FF2FCE0673321A951B02C379 . 4413936 . . [6.0.6000.21023] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_c6df983d888543ee\ntoskrnl.exe
[7] 2008-01-21 . 6760643D6400CA78640E9DD3824115B1 . 4694072 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_c84efd246c80839e\ntoskrnl.exe
[7] 2011-06-20 . A26DE9288D67E4EAC2D1205043AFD430 . 4699536 . . [6.0.6002.18484] .. c:\windows\system32\ntoskrnl.exe
.
[7] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_442037e04fa9b5c7\ksuser.dll
[7] 2008-01-21 . 17BF3BF5296936B153FDDDA189B60E07 . 5120 . . [6.0.6001.18000] .. c:\windows\system32\ksuser.dll
.
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] .. c:\windows\SysWOW64\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\SysWOW64\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_754c5dff3b9d9ea6\es.dll
[7] 2009-04-08 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_7135f8df4187b761\es.dll
[7] 2009-04-08 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_720177625a73c603\es.dll
[7] 2009-04-08 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_7331d75d3e9e1070\es.dll
[7] 2009-04-08 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_73aba2ca57c84d78\es.dll
[7] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_7360e4f33e7bd35a\es.dll
.
[7] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\SysWOW64\imm32.dll
[7] 2009-04-11 . B8FBE5F40B09F5D20E1E5CCFEF893D62 . 116224 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_c4b4dcf8644afb7f\imm32.dll
[7] 2008-01-21 . CA3091655E2257B3E3EA86F79A696C56 . 116224 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_c2c963ec67293033\imm32.dll
.
[7] 2011-04-12 . 7F4CAEAC24592FA9F574E1F8CD1D0604 . 859648 . . [6.0.6001.18000] .. c:\windows\SysWOW64\kernel32.dll
[7] 2011-04-12 . 7F4CAEAC24592FA9F574E1F8CD1D0604 . 859648 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_fbf56d33404850e7\kernel32.dll
[7] 2011-04-12 . BBB3D68596C6B6E8A7ECAFDB2962E89B . 860672 . . [6.0.6002.22625] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_fc90aa945959509a\kernel32.dll
[7] 2011-04-12 . 6EBBE14BE54877C386C63FFED52D391D . 857600 . . [6.0.6001.18631] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_fa11c701432117f3\kernel32.dll
[7] 2011-04-12 . 35FC1E7929DA4828B9CC73DC84B42E6F . 860160 . . [6.0.6001.22898] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_fa6188305c690deb\kernel32.dll
[7] 2009-04-11 . A5830F679B5B38AE9700A72087178745 . 858112 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_fc1ca423402b872b\kernel32.dll
[7] 2009-02-13 . D4902D1DC60CB71197EFE4474A582841 . 855552 . . [6.0.6001.18215] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_fa2b6069430d50d1\kernel32.dll
[7] 2009-02-13 . 1B5BE39A927C36B3162ADA23B6CA001E . 858112 . . [6.0.6001.22376] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_fa751df65c5ab198\kernel32.dll
[7] 2009-02-13 . 444A00544B4EDFEDD8FCCD281EDE3ED4 . 840704 . . [6.0.6000.16820] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_f835506545f35d1e\kernel32.dll
[7] 2009-02-13 . 4118366CDDA655F8AEDB20CD03DEBAE9 . 841216 . . [6.0.6000.21010] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_f8c9953e5f091439\kernel32.dll
[7] 2008-01-21 . 799EEDF377F3B72DB30192AD9FD3C7F3 . 855552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_fa312b174309bbdf\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\SysWOW64\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6001.18000_none_3865321ca55411b2\linkinfo.dll
.
[7] 2011-02-16 . F9AA0406BA33BC029536E04D6066C03A . 23552 . . [6.0.6002.22589] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_1268fd855dc13513\lpk.dll
[7] 2011-02-16 . 789CD968872EFA074339E0CFB70EB6B2 . 23552 . . [6.0.6001.22854] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_109df9ef60870d69\lpk.dll
[7] 2011-01-08 . 2929BD36F338E1C844FCCB88AFC4DA03 . 23552 . . [6.0.6002.22566] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_127b9c7f5db3b12c\lpk.dll
[7] 2011-01-08 . 077B74545B155C7C16F5951C48F6C9FE . 23552 . . [6.0.6001.22830] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_10af989f607a702b\lpk.dll
[7] 2010-10-28 . EAA25894F6FA01BB1321289E822B390D . 23552 . . [6.0.6002.22514] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_12afab875d8cf2c9\lpk.dll
[7] 2010-10-28 . 72508445768DC97CC522FAE65978DBF4 . 23552 . . [6.0.6001.22787] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_10808923609cb01a\lpk.dll
[7] 2010-05-26 . EF35D31F154DAA93E435D3B18192C40B . 23552 . . [6.0.6002.22412] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_12ada90d5d8ec2f4\lpk.dll
[7] 2010-05-26 . 26E0671ADDD67570AACEC81B2A8803ED . 23552 . . [6.0.6001.22700] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_10d0067d60621f31\lpk.dll
[7] 2009-10-19 . 77F2AB938BFBAB43EC1B91D11BBA2EEE . 24064 . . [6.0.6000.16939] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_0e48b8304a2e2ee3\lpk.dll
[7] 2009-10-19 . 08992A029F43690B4340BF6B2F7BCE5B . 24064 . . [6.0.6000.21142] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_0ec05b2b635a6c7f\lpk.dll
[7] 2009-10-19 . D669A9A4C894708388ADF96BBEAD3787 . 23552 . . [6.0.6001.22544] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_10a8c429607efa03\lpk.dll
[7] 2009-10-19 . 7EC16AB95B707BE43A938E20D096240E . 23552 . . [6.0.6002.22247] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_129236ef5da29b2c\lpk.dll
[7] 2009-06-15 . 204EFDC76394A6FB0816D61810C8F529 . 24064 . . [6.0.6000.16870] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_0e1474004a56bd71\lpk.dll
[7] 2009-06-15 . C5028B831E4489F0CEEABFD133855EFF . 23552 . . [6.0.6001.22450] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_1099f12f608ab371\lpk.dll
[7] 2009-06-15 . C92953010CA9964A33210C3273EEB78C . 24064 . . [6.0.6000.21067] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_0eafbadf636625ed\lpk.dll
[7] 2009-06-15 . 459DE300727C02D420DB389B721AF44E . 23552 . . [6.0.6002.22152] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_128263ab5daf3b43\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\SysWOW64\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_1231d75a44665bc9\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_11f7c69644928222\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_121b391e4477777b\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_11edfac04499b1b8\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_12126d92447dc068\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_11e22c7044a2b179\lpk.dll
[7] 2009-04-11 . DF37346EA13082E3E1B423B54014E641 . 23552 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_1231def244665065\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_10465e4e4744907d\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_0ffcb33a477b8110\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_101f257847615d12\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_0ff1e71a4783974f\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_10222a22475ea365\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_1003baf2477529e6\lpk.dll
[7] 2008-01-21 . 6FC8AC168B7E9BF46A0DB29E58CB60D2 . 23552 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_0fee1b1a478561c8\lpk.dll
.
[7] 2011-11-03 . A21B983E40578D0E6CFA9864AC4E1219 . 12279808 . . [9.00.8112.20544] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20544_none_d3ad4b5d7938e4df\mshtml.dll
[7] 2011-11-03 . 66C0AEE61D1C5C35BF1B4642A153B114 . 12279808 . . [9.00.8112.16421] .. c:\windows\SysWOW64\mshtml.dll
[7] 2011-11-03 . 66C0AEE61D1C5C35BF1B4642A153B114 . 12279808 . . [9.00.8112.16440] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16440_none_d31fad6a601edfb9\mshtml.dll
[7] 2011-09-01 . 04E0CD31A63DFC0D73725A3D1768FB5A . 12275200 . . [9.00.8112.16437] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16437_none_d3317f5c60107529\mshtml.dll
[7] 2011-09-01 . 8C93AED0A332209434B62162D03C38C9 . 12275200 . . [9.00.8112.20537] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20537_none_d3bb1c27792e14f3\mshtml.dll
[7] 2011-08-17 . E6D5C7E4AAC0C682169AA5021386EFF3 . 12273664 . . [9.00.8112.16434] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16434_none_d32e7e7e60132924\mshtml.dll
[7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.23216] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll
[7] 2011-07-23 . CAB330223469AC16EDB4863DF4C9976B . 5969920 . . [8.00.6001.19120] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_f616725e38071b64\mshtml.dll
[7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.23181] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll
[7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.19088] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll
[7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.23143] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll
[7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.19048] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll
[7] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.23111] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll
[7] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.19019] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll
[7] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.23091] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll
[7] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18999] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll
[7] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.23067] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll
[7] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18975] .. c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll
.
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] .. c:\windows\SysWOW64\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] .. c:\windows\SysWOW64\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] .. c:\windows\SysWOW64\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[7] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] .. c:\windows\SysWOW64\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] .. c:\windows\SysWOW64\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[7] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\SysWOW64\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] .. c:\windows\SysWOW64\svchost.exe
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] .. c:\windows\SysWOW64\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
.
[7] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\SysWOW64\user32.dll
[7] 2009-04-11 . D29FDB5DEDBDC1BD882164DC6DC4DD53 . 648704 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[7] 2008-01-21 . 3D691030DBD3BD75DE1501BE54F0D425 . 648192 . . [6.0.6001.18000] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
.
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] .. c:\windows\SysWOW64\userinit.exe
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
[7] 2011-11-03 . 32569DF2F9BEF05DD7D56E30590EDFD9 . 1127424 . . [9.00.8112.20544] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20544_none_c2532c3ef8e27ba9\wininet.dll
[7] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16421] .. c:\windows\SysWOW64\wininet.dll
[7] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16440] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16440_none_c1c58e4bdfc87683\wininet.dll
[7] 2011-09-01 . D3788D91530CFA005BD516189A4C676E . 1126912 . . [9.00.8112.16437] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16437_none_c1d7603ddfba0bf3\wininet.dll
[7] 2011-09-01 . C0FCEE8D760C70DB6EF858BB2262288E . 1126912 . . [9.00.8112.20537] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20537_none_c260fd08f8d7abbd\wininet.dll
[7] 2011-08-17 . 2C7332C222D1FE1FC57D622699A8C001 . 1126912 . . [9.00.8112.16434] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16434_none_c1d45f5fdfbcbfee\wininet.dll
[7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.23216] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll
[7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.19120] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll
[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-17 740216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-10-08 322104]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"TkBellExe"="c:\program files\Real\realplayer\update\realsched.exe" [2011-11-25 296056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files (x86)\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-10-31 09:26 548352 ----a-w- c:\program files (x86)\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-05 253600]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - f174c4c34bd59b03
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 17:49 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-05 10:59]
.
2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-09 09:21]
.
2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-09 09:21]
.
2012-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732063850-1855902138-569781612-1000Core.job
- c:\users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-10 23:43]
.
2012-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732063850-1855902138-569781612-1000UA.job
- c:\users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-10 23:43]
.
2012-02-15 c:\windows\Tasks\HPCeeScheduleForSteve.job
- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-04-08 18:34]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\twll0dnw.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
Wow6432Node-HKCU-Run-CPN Notifier - c:\program files (x86)\Cake Poker 2.0\PokerNotifier.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\f174c4c34bd59b03]
"ImagePath"="\SystemRoot\System32\Drivers\f174c4c34bd59b03.sys"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fb,2e,03,f2,92,87,31,49,8f,c8,0f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fb,2e,03,f2,92,87,31,49,8f,c8,0f,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid]
@Denied: (A 2) (Everyone)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2012-02-20 13:41:37
ComboFix-quarantined-files.txt 2012-02-20 19:41
.
Pre-Run: 43,506,700,288 bytes free
Post-Run: 43,599,486,976 bytes free
.
- - End Of File - - F540D29C6F0C1A79F8F4D014E820557D

#6 belated


Posted 20 February 2012 - 04:58 PM

I couldn't get avast to update, and even went through the fixes on avast's forum. I removed it. When I installed Vipre in its place I could not connect to the internet. When I removed Vipre I could connect again. My browser works fine. Is it possible there are remnants of one of the many antivirus programs that I used trying to clean my laptop? I know that antiviruses can have conflicts like this. The only ones I have are Malwarebytes Anti-Malware and SUPERAntiSpyware. When I ran HijackThis it still lists Avast.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:55:11 PM, on 2/20/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Real\realplayer\Update\realsched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [CPN Notifier] C:\Program Files (x86)\Cake Poker 2.0\PokerNotifier.exe
O4 - HKUS\S-1-5-21-732063850-1855902138-569781612-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres')
O4 - HKUS\S-1-5-21-732063850-1855902138-569781612-1001\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN (User 'postgres')
O4 - HKUS\S-1-5-21-732063850-1855902138-569781612-1001\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'postgres')
O4 - HKUS\S-1-5-21-732063850-1855902138-569781612-1001\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" (User 'postgres')
O4 - HKUS\S-1-5-21-732063850-1855902138-569781612-1001\..\Run: [Google Update] "C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'postgres')
O4 - HKUS\S-1-5-21-732063850-1855902138-569781612-1001\..\Run: [SkinClock] C:\Program Files (x86)\Atomic Alarm Clock\AtomicAlarmClock.exe (User 'postgres')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: RPM Poker - {00710644-edb6-40fb-b3e2-51b615e97d5a} - C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RPM Poker\RPM Poker.lnk (HKCU)
O9 - Extra button: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Dyyno Service (Dyyno Launcher) - Unknown owner - C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12014 bytes
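The post above asks whether remnants of removed antivirus products are still registered. The following is an added example (not part of the thread and not HijackThis's own code) that parses HijackThis v2.0.2 lines and separates orphaned registry entries from "(file missing)" results under System32, which are unreliable when the 32-bit scanner runs on 64-bit Windows because its file reads there are redirected to SysWOW64. The function names and the heuristic of recognising a 64-bit host by `Program Files (x86)` paths are assumptions of this sketch.

```python
import re

# Excerpt of lines from the HijackThis log above, embedded so the example runs offline.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows Vista SP2 (WinNT 6.00.1906)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O3 - Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O9 - Extra button: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (file missing) (HKCU)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
"""

# "O2 - ...", "O23 - ...", "R1 - ...": section code, then the entry body.
ENTRY = re.compile(r"^(?P<code>[ORFN]\d{1,2}) - (?P<body>.+)$")
# Path field that the scanner could not open. Anchoring on " - X:\" skips
# earlier " - " separators and resource strings such as "@%SystemRoot%\...".
MISSING = re.compile(r" - (?P<path>[A-Za-z]:\\.*?) \(file missing\)")
# Registry entry that names no file at all.
NO_FILE = re.compile(r" - \(no file\)\s*$")
SYSTEM32 = re.compile(r"^[A-Za-z]:\\Windows\\System32\\", re.IGNORECASE)


def is_64bit_host(log_text):
    """Heuristic (assumption): any 'Program Files (x86)' path means 64-bit Windows."""
    return "\\program files (x86)\\" in log_text.lower()


def triage(log_text):
    """Split missing-file entries into real orphans and unreliable verdicts.

    Returns {"orphan": [...], "unreliable": [...]}, each item being a
    (section_code, path_or_None, entry_body) tuple in log order.
    """
    redirected = is_64bit_host(log_text)
    result = {"orphan": [], "unreliable": []}
    for line in log_text.splitlines():
        entry = ENTRY.match(line.strip())
        if not entry:
            continue  # header, process list, blank line
        code, body = entry.group("code"), entry.group("body")
        hit = MISSING.search(body)
        if hit:
            path = hit.group("path")
        elif NO_FILE.search(body):
            path = None
        else:
            continue  # target file exists, nothing to triage
        # A 32-bit scanner on a 64-bit host does not see the real System32,
        # so "missing" there says nothing (lsass.exe is plainly present on a
        # running system). Verify those with a 64-bit tool instead.
        if path and redirected and SYSTEM32.match(path):
            result["unreliable"].append((code, path, body))
        else:
            result["orphan"].append((code, path, body))
    return result


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("Orphaned entries (registry still points at a removed file):")
    for code, path, body in report["orphan"]:
        print(f"  {code}: {path or '(no file)'}")
    print("Unreliable 'file missing' results (System32 redirection):")
    for code, path, body in report["unreliable"]:
        print(f"  {code}: {path}")
```

Run against the full log, the orphan list is where leftover entries of uninstalled products such as the avast! WebRep BHO and toolbar show up, while the long run of System32 services marked "(file missing)" lands in the unreliable list.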

#7 gringo_pr


Posted 20 February 2012 - 05:43 PM

Greetings

I want you to run these next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the Save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#8 belated


Posted 20 February 2012 - 06:57 PM

When I ran it, a box popped up that said it could not load the driver. It then allowed me to run the scan.
An infection was noted during the ASW scan. I am going to sleep now, but look forward to hearing back from you.


17:01:30.0977 2352 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
17:01:31.0008 2352 ============================================================
17:01:31.0008 2352 Current date / time: 2012/02/20 17:01:31.0008
17:01:31.0008 2352 SystemInfo:
17:01:31.0008 2352
17:01:31.0008 2352 OS Version: 6.0.6002 ServicePack: 2.0
17:01:31.0008 2352 Product type: Workstation
17:01:31.0008 2352 ComputerName: JOHNSON
17:01:31.0008 2352 UserName: Steve
17:01:31.0008 2352 Windows directory: C:\Windows
17:01:31.0008 2352 System windows directory: C:\Windows
17:01:31.0008 2352 Running under WOW64
17:01:31.0008 2352 Processor architecture: Intel x64
17:01:31.0008 2352 Number of processors: 2
17:01:31.0008 2352 Page size: 0x1000
17:01:31.0008 2352 Boot type: Normal boot
17:01:31.0008 2352 ============================================================
17:01:41.0787 2352 !crdlk
17:01:41.0802 2352 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
17:01:41.0834 2352 \Device\Harddisk0\DR0:
17:01:41.0834 2352 MBR used
17:01:41.0834 2352 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23812000
17:01:41.0834 2352 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23812800, BlocksNum 0x1C1A800
17:01:41.0896 2352 Initialize success
17:01:41.0896 2352 ============================================================
17:01:44.0283 4868 ============================================================
17:01:44.0283 4868 Scan started
17:01:44.0283 4868 Mode: Manual;
17:01:44.0283 4868 ============================================================
17:01:44.0766 4868 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
17:01:44.0766 4868 Accelerometer - ok
17:01:44.0844 4868 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
17:01:44.0860 4868 ACPI - ok
17:01:45.0000 4868 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
17:01:45.0000 4868 adfs - ok
17:01:45.0250 4868 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
17:01:45.0265 4868 adp94xx - ok
17:01:45.0406 4868 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
17:01:45.0421 4868 adpahci - ok
17:01:45.0577 4868 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
17:01:45.0577 4868 adpu160m - ok
17:01:45.0624 4868 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
17:01:45.0640 4868 adpu320 - ok
17:01:45.0874 4868 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
17:01:45.0874 4868 AFD - ok
17:01:45.0999 4868 AgereSoftModem (70e15cda25e151dfc60636ef73f5a7be) C:\Windows\system32\DRIVERS\agrsm64.sys
17:01:46.0014 4868 AgereSoftModem - ok
17:01:46.0123 4868 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
17:01:46.0123 4868 agp440 - ok
17:01:46.0201 4868 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
17:01:46.0201 4868 aic78xx - ok
17:01:46.0326 4868 aliide (e0ca5bb8e6c79533dc6b1da7361a201e) C:\Windows\system32\drivers\aliide.sys
17:01:46.0326 4868 aliide - ok
17:01:46.0498 4868 amdide (7034f8d1b9703d711d3f92c95deb377d) C:\Windows\system32\drivers\amdide.sys
17:01:46.0498 4868 amdide - ok
17:01:46.0560 4868 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
17:01:46.0560 4868 AmdK8 - ok
17:01:46.0669 4868 AODDriver (43ed1d08c19626688db34f63e55114fb) C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys
17:01:46.0669 4868 AODDriver - ok
17:01:46.0903 4868 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
17:01:46.0903 4868 arc - ok
17:01:46.0981 4868 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
17:01:46.0981 4868 arcsas - ok
17:01:47.0153 4868 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
17:01:47.0153 4868 AsyncMac - ok
17:01:47.0262 4868 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
17:01:47.0262 4868 atapi - ok
17:01:47.0387 4868 athr (7392080816811f6500ff685b8db66d7f) C:\Windows\system32\DRIVERS\athrx.sys
17:01:47.0403 4868 athr - ok
17:01:47.0574 4868 AtiHdmiService (1251677c31ca7d08795a6ee939f2e605) C:\Windows\system32\drivers\AtiHdmi.sys
17:01:47.0574 4868 AtiHdmiService - ok
17:01:47.0777 4868 atikmdag (2263eafcf5add181b7fd47b78ae6d3e3) C:\Windows\system32\DRIVERS\atikmdag.sys
17:01:47.0808 4868 atikmdag - ok
17:01:47.0948 4868 AtiPcie (db0d3de15edc96e7529fc0d3f7760894) C:\Windows\system32\DRIVERS\AtiPcie.sys
17:01:47.0948 4868 AtiPcie - ok
17:01:48.0136 4868 Beep - ok
17:01:48.0276 4868 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
17:01:48.0276 4868 blbdrive - ok
17:01:48.0463 4868 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
17:01:48.0479 4868 bowser - ok
17:01:48.0541 4868 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
17:01:48.0541 4868 BrFiltLo - ok
17:01:48.0666 4868 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
17:01:48.0666 4868 BrFiltUp - ok
17:01:48.0760 4868 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
17:01:48.0760 4868 Brserid - ok
17:01:48.0806 4868 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
17:01:48.0806 4868 BrSerWdm - ok
17:01:48.0916 4868 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
17:01:48.0916 4868 BrUsbMdm - ok
17:01:48.0978 4868 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
17:01:48.0978 4868 BrUsbSer - ok
17:01:49.0025 4868 BthEnum (471ff09330a53177bbe9fd6ddf8a8259) C:\Windows\system32\DRIVERS\BthEnum.sys
17:01:49.0025 4868 BthEnum - ok
17:01:49.0134 4868 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
17:01:49.0134 4868 BTHMODEM - ok
17:01:49.0228 4868 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
17:01:49.0228 4868 BthPan - ok
17:01:49.0306 4868 BTHPORT (7d104f22c04a76f0d2f96f789ac07fcb) C:\Windows\system32\Drivers\BTHport.sys
17:01:49.0321 4868 BTHPORT - ok
17:01:49.0462 4868 BTHUSB (d9324f0c142267961ce900bfc3798bb1) C:\Windows\system32\Drivers\BTHUSB.sys
17:01:49.0462 4868 BTHUSB - ok
17:01:49.0524 4868 catchme - ok
17:01:49.0649 4868 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
17:01:49.0649 4868 cdfs - ok
17:01:49.0742 4868 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
17:01:49.0742 4868 cdrom - ok
17:01:49.0898 4868 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
17:01:49.0898 4868 circlass - ok
17:01:49.0992 4868 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
17:01:50.0008 4868 CLFS - ok
17:01:50.0273 4868 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
17:01:50.0273 4868 CmBatt - ok
17:01:50.0398 4868 cmdide (8c6aa24c1d7273a02284588426ab8ce3) C:\Windows\system32\drivers\cmdide.sys
17:01:50.0398 4868 cmdide - ok
17:01:50.0476 4868 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
17:01:50.0476 4868 Compbatt - ok
17:01:50.0554 4868 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
17:01:50.0554 4868 crcdisk - ok
17:01:50.0803 4868 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
17:01:50.0803 4868 DfsC - ok
17:01:50.0944 4868 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
17:01:50.0944 4868 disk - ok
17:01:51.0115 4868 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
17:01:51.0115 4868 drmkaud - ok
17:01:51.0271 4868 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
17:01:51.0287 4868 DXGKrnl - ok
17:01:51.0443 4868 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
17:01:51.0443 4868 E1G60 - ok
17:01:51.0645 4868 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
17:01:51.0645 4868 Ecache - ok
17:01:51.0879 4868 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
17:01:51.0895 4868 elxstor - ok
17:01:52.0067 4868 enecir (3a70dc8951b995c73a22b9a23210833e) C:\Windows\system32\DRIVERS\enecir.sys
17:01:52.0067 4868 enecir - ok
17:01:52.0129 4868 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
17:01:52.0129 4868 ErrDev - ok
17:01:52.0347 4868 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
17:01:52.0347 4868 exfat - ok
17:01:52.0363 4868 Suspicious service (NoAccess): f174c4c34bd59b03
17:01:52.0410 4868 f174c4c34bd59b03 (035c26c52bb1ead2ddea66b9f0ec9261) C:\Windows\System32\Drivers\f174c4c34bd59b03.sys
17:01:52.0410 4868 Suspicious file (NoAccess): C:\Windows\System32\Drivers\f174c4c34bd59b03.sys. md5: 035c26c52bb1ead2ddea66b9f0ec9261
17:01:52.0457 4868 f174c4c34bd59b03 ( LockedService.Multi.Generic ) - warning
17:01:52.0457 4868 f174c4c34bd59b03 - detected LockedService.Multi.Generic (1)
17:01:52.0597 4868 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
17:01:52.0613 4868 fastfat - ok
17:01:52.0691 4868 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
17:01:52.0691 4868 fdc - ok
17:01:52.0878 4868 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
17:01:52.0878 4868 FileInfo - ok
17:01:52.0940 4868 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
17:01:52.0940 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\filetrace.sys. md5: d421327fd6efccaf884a54c58e1b0d7f
17:01:53.0003 4868 Filetrace ( LockedFile.Multi.Generic ) - warning
17:01:53.0003 4868 Filetrace - detected LockedFile.Multi.Generic (1)
17:01:53.0159 4868 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
17:01:53.0159 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\flpydisk.sys. md5: 230923ea2b80f79b0f88d90f87b87ebd
17:01:53.0221 4868 flpydisk ( LockedFile.Multi.Generic ) - warning
17:01:53.0221 4868 flpydisk - detected LockedFile.Multi.Generic (1)
17:01:53.0377 4868 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
17:01:53.0377 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\fltmgr.sys. md5: e3041bc26d6930d61f42aedb79c91720
17:01:53.0439 4868 FltMgr ( LockedFile.Multi.Generic ) - warning
17:01:53.0439 4868 FltMgr - detected LockedFile.Multi.Generic (1)
17:01:53.0642 4868 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
17:01:53.0642 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\Fs_Rec.sys. md5: 29d99e860a1ca0a03c6a733fdd0da703
17:01:53.0705 4868 Fs_Rec ( LockedFile.Multi.Generic ) - warning
17:01:53.0705 4868 Fs_Rec - detected LockedFile.Multi.Generic (1)
17:01:53.0829 4868 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
17:01:53.0829 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\gagp30kx.sys. md5: c8e416668d3dc2be3d4fe4c79224997f
17:01:53.0892 4868 gagp30kx ( LockedFile.Multi.Generic ) - warning
17:01:53.0892 4868 gagp30kx - detected LockedFile.Multi.Generic (1)
17:01:54.0063 4868 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:01:54.0063 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\GEARAspiWDM.sys. md5: e403aacf8c7bb11375122d2464560311
17:01:54.0126 4868 GEARAspiWDM ( LockedFile.Multi.Generic ) - warning
17:01:54.0126 4868 GEARAspiWDM - detected LockedFile.Multi.Generic (1)
17:01:54.0375 4868 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
17:01:54.0375 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\HdAudio.sys. md5: 68e732382b32417ff61fd663259b4b09
17:01:54.0438 4868 HdAudAddService ( LockedFile.Multi.Generic ) - warning
17:01:54.0438 4868 HdAudAddService - detected LockedFile.Multi.Generic (1)
17:01:54.0594 4868 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:01:54.0594 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HDAudBus.sys. md5: f942c5820205f2fb453243edfec82a3d
17:01:54.0656 4868 HDAudBus ( LockedFile.Multi.Generic ) - warning
17:01:54.0656 4868 HDAudBus - detected LockedFile.Multi.Generic (1)
17:01:54.0765 4868 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
17:01:54.0765 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\hidbth.sys. md5: b4881c84a180e75b8c25dc1d726c375f
17:01:54.0828 4868 HidBth ( LockedFile.Multi.Generic ) - warning
17:01:54.0828 4868 HidBth - detected LockedFile.Multi.Generic (1)
17:01:54.0952 4868 HidIr (5f47839455d01ff6403b008d481a6f5b) C:\Windows\system32\DRIVERS\hidir.sys
17:01:54.0952 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidir.sys. md5: 5f47839455d01ff6403b008d481a6f5b
17:01:55.0030 4868 HidIr ( LockedFile.Multi.Generic ) - warning
17:01:55.0030 4868 HidIr - detected LockedFile.Multi.Generic (1)
17:01:55.0186 4868 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
17:01:55.0186 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidusb.sys. md5: 443bdd2d30bb4f00795c797e2cf99edf
17:01:55.0249 4868 HidUsb ( LockedFile.Multi.Generic ) - warning
17:01:55.0249 4868 HidUsb - detected LockedFile.Multi.Generic (1)
17:01:55.0420 4868 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
17:01:55.0420 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\hpcisss.sys. md5: d7109a1e6bd2dfdbcba72a6bc626a13b
17:01:55.0483 4868 HpCISSs ( LockedFile.Multi.Generic ) - warning
17:01:55.0483 4868 HpCISSs - detected LockedFile.Multi.Generic (1)
17:01:55.0623 4868 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
17:01:55.0623 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hpdskflt.sys. md5: 4e0bec0f78096ffd6d3314b497fc49d3
17:01:55.0686 4868 hpdskflt ( LockedFile.Multi.Generic ) - warning
17:01:55.0686 4868 hpdskflt - detected LockedFile.Multi.Generic (1)
17:01:55.0826 4868 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
17:01:55.0826 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HpqKbFiltr.sys. md5: 9af482d058be59cc28bce52e7c4b747c
17:01:55.0888 4868 HpqKbFiltr ( LockedFile.Multi.Generic ) - warning
17:01:55.0888 4868 HpqKbFiltr - detected LockedFile.Multi.Generic (1)
17:01:56.0122 4868 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
17:01:56.0122 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\HTTP.sys. md5: 098f1e4e5c9cb5b0063a959063631610
17:01:56.0200 4868 HTTP ( LockedFile.Multi.Generic ) - warning
17:01:56.0200 4868 HTTP - detected LockedFile.Multi.Generic (1)
17:01:56.0310 4868 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
17:01:56.0310 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\i2omp.sys. md5: da94c854cea5fac549d4e1f6e88349e8
17:01:56.0372 4868 i2omp ( LockedFile.Multi.Generic ) - warning
17:01:56.0372 4868 i2omp - detected LockedFile.Multi.Generic (1)
17:01:56.0512 4868 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
17:01:56.0512 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\i8042prt.sys. md5: cbb597659a2713ce0c9cc20c88c7591f
17:01:56.0575 4868 i8042prt ( LockedFile.Multi.Generic ) - warning
17:01:56.0575 4868 i8042prt - detected LockedFile.Multi.Generic (1)
17:01:56.0715 4868 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
17:01:56.0715 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\iastorv.sys. md5: 3e3bf3627d886736d0b4e90054f929f6
17:01:56.0778 4868 iaStorV ( LockedFile.Multi.Generic ) - warning
17:01:56.0778 4868 iaStorV - detected LockedFile.Multi.Generic (1)
17:01:56.0949 4868 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
17:01:56.0949 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\iirsp.sys. md5: 8c3951ad2fe886ef76c7b5027c3125d3
17:01:57.0012 4868 iirsp ( LockedFile.Multi.Generic ) - warning
17:01:57.0012 4868 iirsp - detected LockedFile.Multi.Generic (1)
17:01:57.0183 4868 intelide (475490caf376e55e6e8b37bbdfeb2e81) C:\Windows\system32\drivers\intelide.sys
17:01:57.0183 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\intelide.sys. md5: 475490caf376e55e6e8b37bbdfeb2e81
17:01:57.0230 4868 intelide ( LockedFile.Multi.Generic ) - warning
17:01:57.0230 4868 intelide - detected LockedFile.Multi.Generic (1)
17:01:57.0355 4868 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
17:01:57.0355 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelppm.sys. md5: bfd84af32fa1bad6231c4585cb469630
17:01:57.0402 4868 intelppm ( LockedFile.Multi.Generic ) - warning
17:01:57.0402 4868 intelppm - detected LockedFile.Multi.Generic (1)
17:01:57.0558 4868 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:01:57.0558 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipfltdrv.sys. md5: d8aabc341311e4780d6fce8c73c0ad81
17:01:57.0620 4868 IpFilterDriver ( LockedFile.Multi.Generic ) - warning
17:01:57.0620 4868 IpFilterDriver - detected LockedFile.Multi.Generic (1)
17:01:57.0745 4868 IpInIp - ok
17:01:57.0823 4868 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
17:01:57.0823 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\ipmidrv.sys. md5: 9c2ee2e6e5a7203bfae15c299475ec67
17:01:57.0870 4868 IPMIDRV ( LockedFile.Multi.Generic ) - warning
17:01:57.0870 4868 IPMIDRV - detected LockedFile.Multi.Generic (1)
17:01:57.0994 4868 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
17:01:57.0994 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipnat.sys. md5: b7e6212f581ea5f6ab0c3a6ceeeb89be
17:01:58.0041 4868 IPNAT ( LockedFile.Multi.Generic ) - warning
17:01:58.0041 4868 IPNAT - detected LockedFile.Multi.Generic (1)
17:01:58.0197 4868 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
17:01:58.0197 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\irenum.sys. md5: 8c42ca155343a2f11d29feca67faa88d
17:01:58.0259 4868 IRENUM ( LockedFile.Multi.Generic ) - warning
17:01:58.0259 4868 IRENUM - detected LockedFile.Multi.Generic (1)
17:01:58.0400 4868 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
17:01:58.0400 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\isapnp.sys. md5: 0672bfcedc6fc468a2b0500d81437f4f
17:01:58.0462 4868 isapnp ( LockedFile.Multi.Generic ) - warning
17:01:58.0462 4868 isapnp - detected LockedFile.Multi.Generic (1)
17:01:58.0603 4868 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
17:01:58.0603 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\msiscsi.sys. md5: e4fdf99599f27ec25d2cf6d754243520
17:01:58.0681 4868 iScsiPrt ( LockedFile.Multi.Generic ) - warning
17:01:58.0681 4868 iScsiPrt - detected LockedFile.Multi.Generic (1)
17:01:58.0805 4868 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
17:01:58.0805 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\iteatapi.sys. md5: 63c766cdc609ff8206cb447a65abba4a
17:01:58.0868 4868 iteatapi ( LockedFile.Multi.Generic ) - warning
17:01:58.0868 4868 iteatapi - detected LockedFile.Multi.Generic (1)
17:01:59.0008 4868 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
17:01:59.0008 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\iteraid.sys. md5: 1281fe73b17664631d12f643cbea3f59
17:01:59.0071 4868 iteraid ( LockedFile.Multi.Generic ) - warning
17:01:59.0071 4868 iteraid - detected LockedFile.Multi.Generic (1)
17:01:59.0180 4868 JMCR (15371306d1adbbf35e475c8da516a956) C:\Windows\system32\DRIVERS\jmcr.sys
17:01:59.0180 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\jmcr.sys. md5: 15371306d1adbbf35e475c8da516a956
17:01:59.0273 4868 JMCR ( LockedFile.Multi.Generic ) - warning
17:01:59.0273 4868 JMCR - detected LockedFile.Multi.Generic (1)
17:01:59.0398 4868 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
17:01:59.0398 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdclass.sys. md5: 423696f3ba6472dd17699209b933bc26
17:01:59.0461 4868 kbdclass ( LockedFile.Multi.Generic ) - warning
17:01:59.0461 4868 kbdclass - detected LockedFile.Multi.Generic (1)
17:01:59.0585 4868 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
17:01:59.0585 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdhid.sys. md5: dbdf75d51464fbc47d0104ec3d572c05
17:01:59.0648 4868 kbdhid ( LockedFile.Multi.Generic ) - warning
17:01:59.0648 4868 kbdhid - detected LockedFile.Multi.Generic (1)
17:01:59.0835 4868 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
17:01:59.0835 4868 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecdd.sys. md5: 2758d174604f597bbc8a217ff667913d
17:01:59.0897 4868 KSecDD ( LockedFile.Multi.Generic ) - warning
17:01:59.0897 4868 KSecDD - detected LockedFile.Multi.Generic (1)
17:02:00.0022 4868 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
17:02:00.0022 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\ksthunk.sys. md5: 1d419cf43db29396ecd7113d129d94eb
17:02:00.0085 4868 ksthunk ( LockedFile.Multi.Generic ) - warning
17:02:00.0085 4868 ksthunk - detected LockedFile.Multi.Generic (1)
17:02:00.0241 4868 Lavasoft Kernexplorer - ok
17:02:00.0428 4868 LHidFilt (0a7d6ed578d85f0c35353424ee3f5245) C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:02:00.0428 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\LHidFilt.Sys. md5: 0a7d6ed578d85f0c35353424ee3f5245
17:02:00.0475 4868 LHidFilt ( LockedFile.Multi.Generic ) - warning
17:02:00.0475 4868 LHidFilt - detected LockedFile.Multi.Generic (1)
17:02:00.0662 4868 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
17:02:00.0662 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lltdio.sys. md5: 96ece2659b6654c10a0c310ae3a6d02c
17:02:00.0724 4868 lltdio ( LockedFile.Multi.Generic ) - warning
17:02:00.0724 4868 lltdio - detected LockedFile.Multi.Generic (1)
17:02:00.0943 4868 LMouFilt (6542e2e6db58118fbb1b82a68ce3aff9) C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:02:00.0943 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\LMouFilt.Sys. md5: 6542e2e6db58118fbb1b82a68ce3aff9
17:02:00.0989 4868 LMouFilt ( LockedFile.Multi.Generic ) - warning
17:02:00.0989 4868 LMouFilt - detected LockedFile.Multi.Generic (1)
17:02:01.0145 4868 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
17:02:01.0145 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_fc.sys. md5: acbe1af32d3123e330a07bfbc5ec4a9b
17:02:01.0192 4868 LSI_FC ( LockedFile.Multi.Generic ) - warning
17:02:01.0192 4868 LSI_FC - detected LockedFile.Multi.Generic (1)
17:02:01.0317 4868 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
17:02:01.0317 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_sas.sys. md5: 799ffb2fc4729fa46d2157c0065b3525
17:02:01.0379 4868 LSI_SAS ( LockedFile.Multi.Generic ) - warning
17:02:01.0379 4868 LSI_SAS - detected LockedFile.Multi.Generic (1)
17:02:01.0504 4868 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
17:02:01.0504 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_scsi.sys. md5: f445ff1daad8a226366bfaf42551226b
17:02:01.0582 4868 LSI_SCSI ( LockedFile.Multi.Generic ) - warning
17:02:01.0582 4868 LSI_SCSI - detected LockedFile.Multi.Generic (1)
17:02:01.0691 4868 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
17:02:01.0691 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\luafv.sys. md5: 52f87b9cc8932c2a7375c3b2a9be5e3e
17:02:01.0769 4868 luafv ( LockedFile.Multi.Generic ) - warning
17:02:01.0769 4868 luafv - detected LockedFile.Multi.Generic (1)
17:02:01.0894 4868 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
17:02:01.0894 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mcdbus.sys. md5: 79d51e7f5926e8ce1b3ebecebae28cff
17:02:01.0956 4868 mcdbus ( LockedFile.Multi.Generic ) - warning
17:02:01.0956 4868 mcdbus - detected LockedFile.Multi.Generic (1)
17:02:02.0112 4868 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
17:02:02.0112 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\megasas.sys. md5: 5c5cd6aaced32fb26c3fb34b3dcf972f
17:02:02.0175 4868 megasas ( LockedFile.Multi.Generic ) - warning
17:02:02.0175 4868 megasas - detected LockedFile.Multi.Generic (1)
17:02:02.0300 4868 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
17:02:02.0300 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\megasr.sys. md5: 859bc2436b076c77c159ed694acfe8f8
17:02:02.0362 4868 MegaSR ( LockedFile.Multi.Generic ) - warning
17:02:02.0362 4868 MegaSR - detected LockedFile.Multi.Generic (1)
17:02:02.0549 4868 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
17:02:02.0549 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\modem.sys. md5: 59848d5cc74606f0ee7557983bb73c2e
17:02:02.0612 4868 Modem ( LockedFile.Multi.Generic ) - warning
17:02:02.0612 4868 Modem - detected LockedFile.Multi.Generic (1)
17:02:02.0736 4868 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
17:02:02.0736 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: c247cc2a57e0a0c8c6dccf7807b3e9e5
17:02:02.0799 4868 monitor ( LockedFile.Multi.Generic ) - warning
17:02:02.0799 4868 monitor - detected LockedFile.Multi.Generic (1)
17:02:02.0939 4868 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
17:02:02.0939 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouclass.sys. md5: 9367304e5e412b120cf5f4ea14e4e4f1
17:02:03.0002 4868 mouclass ( LockedFile.Multi.Generic ) - warning
17:02:03.0002 4868 mouclass - detected LockedFile.Multi.Generic (1)
17:02:03.0173 4868 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
17:02:03.0173 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouhid.sys. md5: c2c2bd5c5ce5aaf786ddd74b75d2ac69
17:02:03.0236 4868 mouhid ( LockedFile.Multi.Generic ) - warning
17:02:03.0236 4868 mouhid - detected LockedFile.Multi.Generic (1)
17:02:03.0563 4868 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
17:02:03.0563 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\mountmgr.sys. md5: 11bc9b1e8801b01f7f6adb9ead30019b
17:02:03.0626 4868 MountMgr ( LockedFile.Multi.Generic ) - warning
17:02:03.0626 4868 MountMgr - detected LockedFile.Multi.Generic (1)
17:02:03.0750 4868 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
17:02:03.0750 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpio.sys. md5: f8276eb8698142884498a528dfea8478
17:02:03.0813 4868 mpio ( LockedFile.Multi.Generic ) - warning
17:02:03.0813 4868 mpio - detected LockedFile.Multi.Generic (1)
17:02:03.0938 4868 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
17:02:03.0938 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpsdrv.sys. md5: c92b9abdb65a5991e00c28f13491dba2
17:02:04.0000 4868 mpsdrv ( LockedFile.Multi.Generic ) - warning
17:02:04.0000 4868 mpsdrv - detected LockedFile.Multi.Generic (1)
17:02:04.0156 4868 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
17:02:04.0156 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\mraid35x.sys. md5: 3c200630a89ef2c0864d515b7a75802e
17:02:04.0218 4868 Mraid35x ( LockedFile.Multi.Generic ) - warning
17:02:04.0218 4868 Mraid35x - detected LockedFile.Multi.Generic (1)
17:02:04.0359 4868 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
17:02:04.0359 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\mrxdav.sys. md5: 7c1de4aa96dc0c071611f9e7de02a68d
17:02:04.0421 4868 MRxDAV ( LockedFile.Multi.Generic ) - warning
17:02:04.0421 4868 MRxDAV - detected LockedFile.Multi.Generic (1)
17:02:04.0577 4868 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:02:04.0577 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb.sys. md5: 1485811b320ff8c7edad1caebb1c6c2b
17:02:04.0624 4868 mrxsmb ( LockedFile.Multi.Generic ) - warning
17:02:04.0624 4868 mrxsmb - detected LockedFile.Multi.Generic (1)
17:02:04.0796 4868 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:02:04.0796 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb10.sys. md5: 3b929a60c833fc615fd97fba82bc7632
17:02:04.0858 4868 mrxsmb10 ( LockedFile.Multi.Generic ) - warning
17:02:04.0858 4868 mrxsmb10 - detected LockedFile.Multi.Generic (1)
17:02:05.0014 4868 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:02:05.0014 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb20.sys. md5: c64ab3e1f53b4f5b5bb6d796b2d7bec3
17:02:05.0076 4868 mrxsmb20 ( LockedFile.Multi.Generic ) - warning
17:02:05.0076 4868 mrxsmb20 - detected LockedFile.Multi.Generic (1)
17:02:05.0217 4868 msahci (aa459f2ab3ab603c357ff117cae3d818) C:\Windows\system32\drivers\msahci.sys
17:02:05.0217 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\msahci.sys. md5: aa459f2ab3ab603c357ff117cae3d818
17:02:05.0279 4868 msahci ( LockedFile.Multi.Generic ) - warning
17:02:05.0279 4868 msahci - detected LockedFile.Multi.Generic (1)
17:02:05.0388 4868 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
17:02:05.0388 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\msdsm.sys. md5: 264bbb4aaf312a485f0e44b65a6b7202
17:02:05.0451 4868 msdsm ( LockedFile.Multi.Generic ) - warning
17:02:05.0451 4868 msdsm - detected LockedFile.Multi.Generic (1)
17:02:05.0622 4868 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
17:02:05.0622 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\Msfs.sys. md5: 704f59bfc4512d2bb0146aec31b10a7c
17:02:05.0669 4868 Msfs ( LockedFile.Multi.Generic ) - warning
17:02:05.0669 4868 Msfs - detected LockedFile.Multi.Generic (1)
17:02:05.0809 4868 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
17:02:05.0809 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\msisadrv.sys. md5: 00ebc952961664780d43dca157e79b27
17:02:05.0856 4868 msisadrv ( LockedFile.Multi.Generic ) - warning
17:02:05.0856 4868 msisadrv - detected LockedFile.Multi.Generic (1)
17:02:06.0043 4868 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
17:02:06.0043 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSKSSRV.sys. md5: 0ea73e498f53b96d83dbfca074ad4cf8
17:02:06.0090 4868 MSKSSRV ( LockedFile.Multi.Generic ) - warning
17:02:06.0090 4868 MSKSSRV - detected LockedFile.Multi.Generic (1)
17:02:06.0199 4868 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
17:02:06.0199 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPCLOCK.sys. md5: 52e59b7e992a58e740aa63f57edbae8b
17:02:06.0246 4868 MSPCLOCK ( LockedFile.Multi.Generic ) - warning
17:02:06.0246 4868 MSPCLOCK - detected LockedFile.Multi.Generic (1)
17:02:06.0355 4868 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
17:02:06.0355 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPQM.sys. md5: 49084a75bae043ae02d5b44d02991bb2
17:02:06.0402 4868 MSPQM ( LockedFile.Multi.Generic ) - warning
17:02:06.0402 4868 MSPQM - detected LockedFile.Multi.Generic (1)
17:02:06.0543 4868 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
17:02:06.0543 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\MsRPC.sys. md5: dc6ccf440cdede4293db41c37a5060a5
17:02:06.0589 4868 MsRPC ( LockedFile.Multi.Generic ) - warning
17:02:06.0589 4868 MsRPC - detected LockedFile.Multi.Generic (1)
17:02:06.0699 4868 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
17:02:06.0699 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mssmbios.sys. md5: 855796e59df77ea93af46f20155bf55b
17:02:06.0745 4868 mssmbios ( LockedFile.Multi.Generic ) - warning
17:02:06.0745 4868 mssmbios - detected LockedFile.Multi.Generic (1)
17:02:06.0855 4868 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
17:02:06.0855 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSTEE.sys. md5: 86d632d75d05d5b7c7c043fa3564ae86
17:02:06.0901 4868 MSTEE ( LockedFile.Multi.Generic ) - warning
17:02:06.0901 4868 MSTEE - detected LockedFile.Multi.Generic (1)
17:02:07.0026 4868 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
17:02:07.0026 4868 Suspicious file (NoAccess): C:\Windows\system32\Drivers\mup.sys. md5: 0cc49f78d8aca0877d885f149084e543
17:02:07.0073 4868 Mup ( LockedFile.Multi.Generic ) - warning
17:02:07.0073 4868 Mup - detected LockedFile.Multi.Generic (1)
17:02:07.0245 4868 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
17:02:07.0245 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nwifi.sys. md5: 2007b826c4acd94ae32232b41f0842b9
17:02:07.0307 4868 NativeWifiP ( LockedFile.Multi.Generic ) - warning
17:02:07.0307 4868 NativeWifiP - detected LockedFile.Multi.Generic (1)
17:02:07.0447 4868 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
17:02:07.0447 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\ndis.sys. md5: 65950e07329fcee8e6516b17c8d0abb6
17:02:07.0510 4868 NDIS ( LockedFile.Multi.Generic ) - warning
17:02:07.0510 4868 NDIS - detected LockedFile.Multi.Generic (1)
17:02:07.0619 4868 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
17:02:07.0619 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndistapi.sys. md5: 64df698a425478e321981431ac171334
17:02:07.0666 4868 NdisTapi ( LockedFile.Multi.Generic ) - warning
17:02:07.0666 4868 NdisTapi - detected LockedFile.Multi.Generic (1)
17:02:07.0791 4868 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
17:02:07.0791 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndisuio.sys. md5: 8baa43196d7b5bb972c9a6b2bbf61a19
17:02:07.0837 4868 Ndisuio ( LockedFile.Multi.Generic ) - warning
17:02:07.0837 4868 Ndisuio - detected LockedFile.Multi.Generic (1)
17:02:07.0978 4868 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
17:02:07.0978 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndiswan.sys. md5: f8158771905260982ce724076419ef19
17:02:08.0040 4868 NdisWan ( LockedFile.Multi.Generic ) - warning
17:02:08.0040 4868 NdisWan - detected LockedFile.Multi.Generic (1)
17:02:08.0165 4868 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
17:02:08.0165 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\NDProxy.sys. md5: 9cb77ed7cb72850253e973a2d6afdf49
17:02:08.0212 4868 NDProxy ( LockedFile.Multi.Generic ) - warning
17:02:08.0212 4868 NDProxy - detected LockedFile.Multi.Generic (1)
17:02:08.0337 4868 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
17:02:08.0337 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbios.sys. md5: a499294f5029a7862adc115bda7371ce
17:02:08.0399 4868 NetBIOS ( LockedFile.Multi.Generic ) - warning
17:02:08.0399 4868 NetBIOS - detected LockedFile.Multi.Generic (1)
17:02:08.0602 4868 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
17:02:08.0602 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbt.sys. md5: fc2c792ebddc8e28df939d6a92c83d61
17:02:08.0664 4868 netbt ( LockedFile.Multi.Generic ) - warning
17:02:08.0664 4868 netbt - detected LockedFile.Multi.Generic (1)
17:02:09.0070 4868 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
17:02:09.0070 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\NETw3v64.sys. md5: c86984aee87900c1eeb6942ede3bf4b6
17:02:09.0132 4868 NETw3v64 ( LockedFile.Multi.Generic ) - warning
17:02:09.0132 4868 NETw3v64 - detected LockedFile.Multi.Generic (1)
17:02:09.0257 4868 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
17:02:09.0257 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\nfrd960.sys. md5: 4ac08bd6af2df42e0c3196d826c8aea7
17:02:09.0319 4868 nfrd960 ( LockedFile.Multi.Generic ) - warning
17:02:09.0319 4868 nfrd960 - detected LockedFile.Multi.Generic (1)
17:02:09.0475 4868 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
17:02:09.0475 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\Npfs.sys. md5: b298874f8e0ea93f06ec40aa8d146478
17:02:09.0522 4868 Npfs ( LockedFile.Multi.Generic ) - warning
17:02:09.0522 4868 Npfs - detected LockedFile.Multi.Generic (1)
17:02:09.0662 4868 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
17:02:09.0662 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\nsiproxy.sys. md5: 1523af19ee8b030ba682f7a53537eaeb
17:02:09.0725 4868 nsiproxy ( LockedFile.Multi.Generic ) - warning
17:02:09.0725 4868 nsiproxy - detected LockedFile.Multi.Generic (1)
17:02:09.0881 4868 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
17:02:09.0881 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\Ntfs.sys. md5: bac869dfb98e499ba4d9bb1fb43270e1
17:02:09.0943 4868 Ntfs ( LockedFile.Multi.Generic ) - warning
17:02:09.0943 4868 Ntfs - detected LockedFile.Multi.Generic (1)
17:02:10.0084 4868 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys
17:02:10.0084 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\NuidFltr.sys. md5: d4012918d3a3847b44b888d56bc095d6
17:02:10.0162 4868 NuidFltr ( LockedFile.Multi.Generic ) - warning
17:02:10.0162 4868 NuidFltr - detected LockedFile.Multi.Generic (1)
17:02:10.0286 4868 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
17:02:10.0286 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\Null.sys. md5: dd5d684975352b85b52e3fd5347c20cb
17:02:10.0349 4868 Null ( LockedFile.Multi.Generic ) - warning
17:02:10.0349 4868 Null - detected LockedFile.Multi.Generic (1)
17:02:10.0442 4868 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
17:02:10.0442 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\nvraid.sys. md5: 2c040b7ada5b06f6facadac8514aa034
17:02:10.0505 4868 nvraid ( LockedFile.Multi.Generic ) - warning
17:02:10.0505 4868 nvraid - detected LockedFile.Multi.Generic (1)
17:02:10.0598 4868 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
17:02:10.0598 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\nvstor.sys. md5: f7ea0fe82842d05eda3efdd376dbfdba
17:02:10.0661 4868 nvstor ( LockedFile.Multi.Generic ) - warning
17:02:10.0661 4868 nvstor - detected LockedFile.Multi.Generic (1)
17:02:10.0770 4868 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
17:02:10.0770 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\nv_agp.sys. md5: 19067ca93075ef4823e3938a686f532f
17:02:10.0817 4868 nv_agp ( LockedFile.Multi.Generic ) - warning
17:02:10.0817 4868 nv_agp - detected LockedFile.Multi.Generic (1)
17:02:10.0910 4868 NwlnkFlt - ok
17:02:10.0942 4868 NwlnkFwd - ok
17:02:11.0035 4868 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
17:02:11.0035 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ohci1394.sys. md5: 1b30103fde512915a9214b108b6e7a9c
17:02:11.0082 4868 ohci1394 ( LockedFile.Multi.Generic ) - warning
17:02:11.0082 4868 ohci1394 - detected LockedFile.Multi.Generic (1)
17:02:11.0332 4868 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
17:02:11.0332 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\parport.sys. md5: aecd57f94c887f58919f307c35498ea0
17:02:11.0394 4868 Parport ( LockedFile.Multi.Generic ) - warning
17:02:11.0394 4868 Parport - detected LockedFile.Multi.Generic (1)
17:02:11.0519 4868 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
17:02:11.0519 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\partmgr.sys. md5: f9b5eda4c17a2be7663f064dbf0fe254
17:02:11.0581 4868 partmgr ( LockedFile.Multi.Generic ) - warning
17:02:11.0581 4868 partmgr - detected LockedFile.Multi.Generic (1)
17:02:11.0753 4868 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
17:02:11.0753 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\pci.sys. md5: 47ab1e0fc9d0e12bb53ba246e3a0906d
17:02:11.0815 4868 pci ( LockedFile.Multi.Generic ) - warning
17:02:11.0815 4868 pci - detected LockedFile.Multi.Generic (1)
17:02:11.0924 4868 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
17:02:11.0924 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\pciide.sys. md5: 2657f6c0b78c36d95034be109336e382
17:02:11.0971 4868 pciide ( LockedFile.Multi.Generic ) - warning
17:02:11.0971 4868 pciide - detected LockedFile.Multi.Generic (1)
17:02:12.0111 4868 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
17:02:12.0111 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\pcmcia.sys. md5: 037661f3d7c507c9993b7010ceee6288
17:02:12.0174 4868 pcmcia ( LockedFile.Multi.Generic ) - warning
17:02:12.0174 4868 pcmcia - detected LockedFile.Multi.Generic (1)
17:02:12.0314 4868 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
17:02:12.0314 4868 Suspicious file (NoAccess): C:\Windows\system32\Drivers\pcouffin.sys. md5: af7ce12c4f3dc8cb2b07685c916bbcfe
17:02:12.0361 4868 pcouffin ( LockedFile.Multi.Generic ) - warning
17:02:12.0361 4868 pcouffin - detected LockedFile.Multi.Generic (1)
17:02:12.0501 4868 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
17:02:12.0501 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\peauth.sys. md5: 58865916f53592a61549b04941bfd80d
17:02:12.0564 4868 PEAUTH ( LockedFile.Multi.Generic ) - warning
17:02:12.0564 4868 PEAUTH - detected LockedFile.Multi.Generic (1)
17:02:12.0969 4868 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
17:02:12.0969 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspptp.sys. md5: 23386e9952025f5f21c368971e2e7301
17:02:13.0016 4868 PptpMiniport ( LockedFile.Multi.Generic ) - warning
17:02:13.0016 4868 PptpMiniport - detected LockedFile.Multi.Generic (1)
17:02:13.0125 4868 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys
17:02:13.0125 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\processr.sys. md5: 5080e59ecee0bc923f14018803aa7a01
17:02:13.0188 4868 Processor ( LockedFile.Multi.Generic ) - warning
17:02:13.0188 4868 Processor - detected LockedFile.Multi.Generic (1)
17:02:13.0391 4868 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
17:02:13.0391 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pacer.sys. md5: c5ab7f0809392d0da027f4a2a81bfa31
17:02:13.0469 4868 PSched ( LockedFile.Multi.Generic ) - warning
17:02:13.0469 4868 PSched - detected LockedFile.Multi.Generic (1)
17:02:13.0625 4868 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
17:02:13.0625 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\ql2300.sys. md5: 0b83f4e681062f3839be2ec1d98fd94a
17:02:13.0687 4868 ql2300 ( LockedFile.Multi.Generic ) - warning
17:02:13.0687 4868 ql2300 - detected LockedFile.Multi.Generic (1)
17:02:13.0796 4868 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
17:02:13.0796 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\ql40xx.sys. md5: e1c80f8d4d1e39ef9595809c1369bf2a
17:02:13.0859 4868 ql40xx ( LockedFile.Multi.Generic ) - warning
17:02:13.0859 4868 ql40xx - detected LockedFile.Multi.Generic (1)
17:02:13.0999 4868 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
17:02:13.0999 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\qwavedrv.sys. md5: e8d76edab77ec9c634c27b8eac33adc5
17:02:14.0046 4868 QWAVEdrv ( LockedFile.Multi.Generic ) - warning
17:02:14.0046 4868 QWAVEdrv - detected LockedFile.Multi.Generic (1)
17:02:14.0155 4868 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
17:02:14.0155 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasacd.sys. md5: 1013b3b663a56d3ddd784f581c1bd005
17:02:14.0249 4868 RasAcd ( LockedFile.Multi.Generic ) - warning
17:02:14.0249 4868 RasAcd - detected LockedFile.Multi.Generic (1)
17:02:14.0623 4868 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:02:14.0623 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasl2tp.sys. md5: ac7bc4d42a7e558718dfdec599bbfc2c
17:02:14.0717 4868 Rasl2tp ( LockedFile.Multi.Generic ) - warning
17:02:14.0717 4868 Rasl2tp - detected LockedFile.Multi.Generic (1)
17:02:14.0873 4868 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
17:02:14.0873 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspppoe.sys. md5: 4517fbf8b42524afe4ede1de102aae3e
17:02:14.0935 4868 RasPppoe ( LockedFile.Multi.Generic ) - warning
17:02:14.0935 4868 RasPppoe - detected LockedFile.Multi.Generic (1)
17:02:15.0075 4868 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
17:02:15.0075 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rassstp.sys. md5: c6a593b51f34c33e5474539544072527
17:02:15.0122 4868 RasSstp ( LockedFile.Multi.Generic ) - warning
17:02:15.0122 4868 RasSstp - detected LockedFile.Multi.Generic (1)
17:02:15.0263 4868 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
17:02:15.0263 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdbss.sys. md5: 322db5c6b55e8d8ee8d6f358b2aaabb1
17:02:15.0325 4868 rdbss ( LockedFile.Multi.Generic ) - warning
17:02:15.0325 4868 rdbss - detected LockedFile.Multi.Generic (1)
17:02:15.0450 4868 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:02:15.0450 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\RDPCDD.sys. md5: 603900cc05f6be65ccbf373800af3716
17:02:15.0528 4868 RDPCDD ( LockedFile.Multi.Generic ) - warning
17:02:15.0528 4868 RDPCDD - detected LockedFile.Multi.Generic (1)
17:02:15.0652 4868 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
17:02:15.0652 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpdr.sys. md5: c045d1fb111c28df0d1be8d4bda22c06
17:02:15.0715 4868 rdpdr ( LockedFile.Multi.Generic ) - warning
17:02:15.0715 4868 rdpdr - detected LockedFile.Multi.Generic (1)
17:02:15.0824 4868 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
17:02:15.0824 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpencdd.sys. md5: cab9421daf3d97b33d0d055858e2c3ab
17:02:15.0902 4868 RDPENCDD ( LockedFile.Multi.Generic ) - warning
17:02:15.0902 4868 RDPENCDD - detected LockedFile.Multi.Generic (1)
17:02:16.0058 4868 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
17:02:16.0058 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\RDPWD.sys. md5: b1d741c87cea8d7282146366cc9c3f81
17:02:16.0105 4868 RDPWD ( LockedFile.Multi.Generic ) - warning
17:02:16.0105 4868 RDPWD - detected LockedFile.Multi.Generic (1)
17:02:16.0308 4868 RFCOMM (72c35598ba591abddc37fce7d26fe1c4) C:\Windows\system32\DRIVERS\rfcomm.sys
17:02:16.0308 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rfcomm.sys. md5: 72c35598ba591abddc37fce7d26fe1c4
17:02:16.0386 4868 RFCOMM ( LockedFile.Multi.Generic ) - warning
17:02:16.0386 4868 RFCOMM - detected LockedFile.Multi.Generic (1)
17:02:16.0588 4868 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
17:02:16.0588 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rspndr.sys. md5: 22a9cb08b1a6707c1550c6bf099aae73
17:02:16.0651 4868 rspndr ( LockedFile.Multi.Generic ) - warning
17:02:16.0651 4868 rspndr - detected LockedFile.Multi.Generic (1)
17:02:16.0776 4868 RTL8169 (170a66dfaaa22358e08d6f4b38c8f3df) C:\Windows\system32\DRIVERS\Rtlh64.sys
17:02:16.0776 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\Rtlh64.sys. md5: 170a66dfaaa22358e08d6f4b38c8f3df
17:02:16.0838 4868 RTL8169 ( LockedFile.Multi.Generic ) - warning
17:02:16.0838 4868 RTL8169 - detected LockedFile.Multi.Generic (1)
17:02:16.0994 4868 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS
17:02:16.0994 4868 SASDIFSV - ok
17:02:17.0041 4868 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
17:02:17.0041 4868 SASENUM - ok
17:02:17.0103 4868 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys
17:02:17.0103 4868 SASKUTIL - ok
17:02:17.0212 4868 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
17:02:17.0212 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sbp2port.sys. md5: cd9c693589c60ad59bbbcfb0e524e01b
17:02:17.0275 4868 sbp2port ( LockedFile.Multi.Generic ) - warning
17:02:17.0275 4868 sbp2port - detected LockedFile.Multi.Generic (1)
17:02:17.0368 4868 SBRE - ok
17:02:17.0524 4868 SCDEmu (d3022dba20029f1899b555298a5e95a3) C:\Windows\system32\drivers\SCDEmu.sys
17:02:17.0524 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\SCDEmu.sys. md5: d3022dba20029f1899b555298a5e95a3
17:02:17.0556 4868 SCDEmu ( LockedFile.Multi.Generic ) - warning
17:02:17.0556 4868 SCDEmu - detected LockedFile.Multi.Generic (1)
17:02:17.0743 4868 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
17:02:17.0743 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sdbus.sys. md5: b42ee50f7d24f837f925332eb349eca5
17:02:17.0821 4868 sdbus ( LockedFile.Multi.Generic ) - warning
17:02:17.0821 4868 sdbus - detected LockedFile.Multi.Generic (1)
17:02:18.0008 4868 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
17:02:18.0008 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\serenum.sys. md5: f71bfe7ac6c52273b7c82cbf1bb2a222
17:02:18.0070 4868 Serenum ( LockedFile.Multi.Generic ) - warning
17:02:18.0070 4868 Serenum - detected LockedFile.Multi.Generic (1)
17:02:18.0180 4868 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
17:02:18.0180 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\serial.sys. md5: e62fac91ee288db29a9696a9d279929c
17:02:18.0226 4868 Serial ( LockedFile.Multi.Generic ) - warning
17:02:18.0226 4868 Serial - detected LockedFile.Multi.Generic (1)
17:02:18.0351 4868 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
17:02:18.0351 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sermouse.sys. md5: a842f04833684bceea7336211be478df
17:02:18.0429 4868 sermouse ( LockedFile.Multi.Generic ) - warning
17:02:18.0429 4868 sermouse - detected LockedFile.Multi.Generic (1)
17:02:18.0616 4868 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
17:02:18.0616 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffdisk.sys. md5: 14d4b4465193a87c127933978e8c4106
17:02:18.0663 4868 sffdisk ( LockedFile.Multi.Generic ) - warning
17:02:18.0663 4868 sffdisk - detected LockedFile.Multi.Generic (1)
17:02:18.0804 4868 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
17:02:18.0804 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_mmc.sys. md5: 7073aee3f82f3d598e3825962aa98ab2
17:02:18.0866 4868 sffp_mmc ( LockedFile.Multi.Generic ) - warning
17:02:18.0866 4868 sffp_mmc - detected LockedFile.Multi.Generic (1)
17:02:18.0991 4868 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
17:02:18.0991 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_sd.sys. md5: 35e59ebe4a01a0532ed67975161c7b82
17:02:19.0053 4868 sffp_sd ( LockedFile.Multi.Generic ) - warning
17:02:19.0069 4868 sffp_sd - detected LockedFile.Multi.Generic (1)
17:02:19.0178 4868 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
17:02:19.0178 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sfloppy.sys. md5: 6b7838c94135768bd455cbdc23e39e5f
17:02:19.0240 4868 sfloppy ( LockedFile.Multi.Generic ) - warning
17:02:19.0240 4868 sfloppy - detected LockedFile.Multi.Generic (1)
17:02:19.0427 4868 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
17:02:19.0427 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisraid2.sys. md5: 7a5de502aeb719d4594c6471060a78b3
17:02:19.0490 4868 SiSRaid2 ( LockedFile.Multi.Generic ) - warning
17:02:19.0490 4868 SiSRaid2 - detected LockedFile.Multi.Generic (1)
17:02:19.0599 4868 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
17:02:19.0599 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisraid4.sys. md5: 3a2f769fab9582bc720e11ea1dfb184d
17:02:19.0708 4868 SiSRaid4 ( LockedFile.Multi.Generic ) - warning
17:02:19.0708 4868 SiSRaid4 - detected LockedFile.Multi.Generic (1)
17:02:19.0911 4868 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
17:02:19.0911 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\smb.sys. md5: 290b6f6a0ec4fcdfc90f5cb6d7020473
17:02:19.0989 4868 Smb ( LockedFile.Multi.Generic ) - warning
17:02:19.0989 4868 Smb - detected LockedFile.Multi.Generic (1)
17:02:20.0192 4868 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
17:02:20.0192 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\spldr.sys. md5: 386c3c63f00a7040c7ec5e384217e89d
17:02:20.0254 4868 spldr ( LockedFile.Multi.Generic ) - warning
17:02:20.0254 4868 spldr - detected LockedFile.Multi.Generic (1)
17:02:20.0426 4868 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
17:02:20.0426 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv.sys. md5: 880a57fccb571ebd063d4dd50e93e46d
17:02:20.0488 4868 srv ( LockedFile.Multi.Generic ) - warning
17:02:20.0488 4868 srv - detected LockedFile.Multi.Generic (1)
17:02:20.0660 4868 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
17:02:20.0660 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv2.sys. md5: a1ad14a6d7a37891fffeca35ebbb0730
17:02:20.0722 4868 srv2 ( LockedFile.Multi.Generic ) - warning
17:02:20.0722 4868 srv2 - detected LockedFile.Multi.Generic (1)
17:02:20.0894 4868 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
17:02:20.0894 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srvnet.sys. md5: 4bed62f4fa4d8300973f1151f4c4d8a7
17:02:20.0941 4868 srvnet ( LockedFile.Multi.Generic ) - warning
17:02:20.0941 4868 srvnet - detected LockedFile.Multi.Generic (1)
17:02:21.0175 4868 STHDA (e01797a54f8a61512b7e590fde6d1988) C:\Windows\system32\DRIVERS\stwrt64.sys
17:02:21.0175 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\stwrt64.sys. md5: e01797a54f8a61512b7e590fde6d1988
17:02:21.0237 4868 STHDA ( LockedFile.Multi.Generic ) - warning
17:02:21.0237 4868 STHDA - detected LockedFile.Multi.Generic (1)
17:02:21.0377 4868 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
17:02:21.0377 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\serscan.sys. md5: 14b4db4381e4a55f570d8bb699b791d6
17:02:21.0440 4868 StillCam ( LockedFile.Multi.Generic ) - warning
17:02:21.0440 4868 StillCam - detected LockedFile.Multi.Generic (1)
17:02:21.0580 4868 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
17:02:21.0580 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\swenum.sys. md5: 8a851ca908b8b974f89c50d2e18d4f0c
17:02:21.0658 4868 swenum ( LockedFile.Multi.Generic ) - warning
17:02:21.0658 4868 swenum - detected LockedFile.Multi.Generic (1)
17:02:21.0799 4868 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
17:02:21.0799 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\symc8xx.sys. md5: 2f26a2c6fc96b29beff5d8ed74e6625b
17:02:21.0861 4868 Symc8xx ( LockedFile.Multi.Generic ) - warning
17:02:21.0861 4868 Symc8xx - detected LockedFile.Multi.Generic (1)
17:02:21.0970 4868 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
17:02:21.0970 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sym_hi.sys. md5: a909667976d3bccd1df813fed517d837
17:02:22.0048 4868 Sym_hi ( LockedFile.Multi.Generic ) - warning
17:02:22.0048 4868 Sym_hi - detected LockedFile.Multi.Generic (1)
17:02:22.0157 4868 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
17:02:22.0157 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\sym_u3.sys. md5: 36887b56ec2d98b9c362f6ae4de5b7b0
17:02:22.0220 4868 Sym_u3 ( LockedFile.Multi.Generic ) - warning
17:02:22.0220 4868 Sym_u3 - detected LockedFile.Multi.Generic (1)
17:02:22.0376 4868 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys
17:02:22.0376 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\SynTP.sys. md5: 3a706a967295e16511e40842b1a2761d
17:02:22.0438 4868 SynTP ( LockedFile.Multi.Generic ) - warning
17:02:22.0438 4868 SynTP - detected LockedFile.Multi.Generic (1)
17:02:22.0750 4868 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
17:02:22.0750 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpip.sys. md5: 2cc45d932bd193cd4117321d469ad6b2
17:02:22.0828 4868 Tcpip ( LockedFile.Multi.Generic ) - warning
17:02:22.0828 4868 Tcpip - detected LockedFile.Multi.Generic (1)
17:02:23.0015 4868 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
17:02:23.0015 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tcpip.sys. md5: 2cc45d932bd193cd4117321d469ad6b2
17:02:23.0093 4868 Tcpip6 ( LockedFile.Multi.Generic ) - warning
17:02:23.0093 4868 Tcpip6 - detected LockedFile.Multi.Generic (1)
17:02:23.0218 4868 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
17:02:23.0218 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpipreg.sys. md5: c7e72a4071ee0200e3c075dacfb2b334
17:02:23.0265 4868 tcpipreg ( LockedFile.Multi.Generic ) - warning
17:02:23.0265 4868 tcpipreg - detected LockedFile.Multi.Generic (1)
17:02:23.0405 4868 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
17:02:23.0405 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdpipe.sys. md5: 1d8bf4aaa5fb7a2761475781dc1195bc
17:02:23.0452 4868 TDPIPE ( LockedFile.Multi.Generic ) - warning
17:02:23.0452 4868 TDPIPE - detected LockedFile.Multi.Generic (1)
17:02:23.0577 4868 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
17:02:23.0577 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdtcp.sys. md5: 7f7e00cdf609df657f4cda02dd1c9bb1
17:02:23.0639 4868 TDTCP ( LockedFile.Multi.Generic ) - warning
17:02:23.0639 4868 TDTCP - detected LockedFile.Multi.Generic (1)
17:02:23.0795 4868 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
17:02:23.0795 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tdx.sys. md5: 458919c8c42e398dc4802178d5ffee27
17:02:23.0858 4868 tdx ( LockedFile.Multi.Generic ) - warning
17:02:23.0858 4868 tdx - detected LockedFile.Multi.Generic (1)
17:02:24.0029 4868 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
17:02:24.0029 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\termdd.sys. md5: 8c19678d22649ec002ef2282eae92f98
17:02:24.0092 4868 TermDD ( LockedFile.Multi.Generic ) - warning
17:02:24.0092 4868 TermDD - detected LockedFile.Multi.Generic (1)
17:02:24.0372 4868 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:02:24.0372 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tssecsrv.sys. md5: 9e5409cd17c8bef193aad498f3bc2cb8
17:02:24.0419 4868 tssecsrv ( LockedFile.Multi.Generic ) - warning
17:02:24.0419 4868 tssecsrv - detected LockedFile.Multi.Generic (1)
17:02:24.0560 4868 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
17:02:24.0560 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunnel.sys. md5: 30a9b3f45ad081bffc3bcaa9c812b609
17:02:24.0622 4868 tunnel ( LockedFile.Multi.Generic ) - warning
17:02:24.0622 4868 tunnel - detected LockedFile.Multi.Generic (1)
17:02:24.0809 4868 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
17:02:24.0809 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\uagp35.sys. md5: fec266ef401966311744bd0f359f7f56
17:02:24.0887 4868 uagp35 ( LockedFile.Multi.Generic ) - warning
17:02:24.0887 4868 uagp35 - detected LockedFile.Multi.Generic (1)
17:02:25.0043 4868 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
17:02:25.0043 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\udfs.sys. md5: faf2640a2a76ed03d449e443194c4c34
17:02:25.0106 4868 udfs ( LockedFile.Multi.Generic ) - warning
17:02:25.0106 4868 udfs - detected LockedFile.Multi.Generic (1)
17:02:25.0277 4868 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
17:02:25.0277 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\uliagpkx.sys. md5: 4ec9447ac3ab462647f60e547208ca00
17:02:25.0355 4868 uliagpkx ( LockedFile.Multi.Generic ) - warning
17:02:25.0355 4868 uliagpkx - detected LockedFile.Multi.Generic (1)
17:02:25.0496 4868 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
17:02:25.0496 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\uliahci.sys. md5: 697f0446134cdc8f99e69306184fbbb4
17:02:25.0558 4868 uliahci ( LockedFile.Multi.Generic ) - warning
17:02:25.0558 4868 uliahci - detected LockedFile.Multi.Generic (1)
17:02:25.0683 4868 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
17:02:25.0683 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\ulsata.sys. md5: 31707f09846056651ea2c37858f5ddb0
17:02:25.0745 4868 UlSata ( LockedFile.Multi.Generic ) - warning
17:02:25.0745 4868 UlSata - detected LockedFile.Multi.Generic (1)
17:02:25.0870 4868 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
17:02:25.0870 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\ulsata2.sys. md5: 85e5e43ed5b48c8376281bab519271b7
17:02:25.0948 4868 ulsata2 ( LockedFile.Multi.Generic ) - warning
17:02:25.0948 4868 ulsata2 - detected LockedFile.Multi.Generic (1)
17:02:26.0057 4868 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
17:02:26.0057 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\umbus.sys. md5: 46e9a994c4fed537dd951f60b86ad3f4
17:02:26.0119 4868 umbus ( LockedFile.Multi.Generic ) - warning
17:02:26.0119 4868 umbus - detected LockedFile.Multi.Generic (1)
17:02:26.0291 4868 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
17:02:26.0291 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbccgp.sys. md5: 07e3498fc60834219d2356293da0fecc
17:02:26.0353 4868 usbccgp ( LockedFile.Multi.Generic ) - warning
17:02:26.0353 4868 usbccgp - detected LockedFile.Multi.Generic (1)
17:02:26.0463 4868 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
17:02:26.0463 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbcir.sys. md5: 9247f7e0b65852c1f6631480984d6ed2
17:02:26.0556 4868 usbcir ( LockedFile.Multi.Generic ) - warning
17:02:26.0556 4868 usbcir - detected LockedFile.Multi.Generic (1)
17:02:26.0681 4868 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
17:02:26.0681 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbehci.sys. md5: 827e44de934a736ea31e91d353eb126f
17:02:26.0743 4868 usbehci ( LockedFile.Multi.Generic ) - warning
17:02:26.0743 4868 usbehci - detected LockedFile.Multi.Generic (1)
17:02:26.0868 4868 usbfilter (8fec71666aba7114f9cab9e56065ec80) C:\Windows\system32\DRIVERS\usbfilter.sys
17:02:26.0868 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbfilter.sys. md5: 8fec71666aba7114f9cab9e56065ec80
17:02:26.0946 4868 usbfilter ( LockedFile.Multi.Generic ) - warning
17:02:26.0946 4868 usbfilter - detected LockedFile.Multi.Generic (1)
17:02:27.0087 4868 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
17:02:27.0087 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbhub.sys. md5: bb35cd80a2ececfadc73569b3d70c7d1
17:02:27.0149 4868 usbhub ( LockedFile.Multi.Generic ) - warning
17:02:27.0149 4868 usbhub - detected LockedFile.Multi.Generic (1)
17:02:27.0258 4868 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
17:02:27.0258 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbohci.sys. md5: e406b003a354776d317762694956b0fc
17:02:27.0321 4868 usbohci ( LockedFile.Multi.Generic ) - warning
17:02:27.0321 4868 usbohci - detected LockedFile.Multi.Generic (1)
17:02:27.0461 4868 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
17:02:27.0461 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbprint.sys. md5: 28b693b6d31e7b9332c1bdcefef228c1
17:02:27.0523 4868 usbprint ( LockedFile.Multi.Generic ) - warning
17:02:27.0523 4868 usbprint - detected LockedFile.Multi.Generic (1)
17:02:27.0679 4868 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
17:02:27.0679 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbscan.sys. md5: ea0bf666868964fbe8cb10e50c97b9f1
17:02:27.0726 4868 usbscan ( LockedFile.Multi.Generic ) - warning
17:02:27.0726 4868 usbscan - detected LockedFile.Multi.Generic (1)
17:02:27.0898 4868 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:02:27.0898 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\USBSTOR.SYS. md5: b854c1558fca0c269a38663e8b59b581
17:02:27.0976 4868 USBSTOR ( LockedFile.Multi.Generic ) - warning
17:02:27.0976 4868 USBSTOR - detected LockedFile.Multi.Generic (1)
17:02:28.0085 4868 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
17:02:28.0085 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbuhci.sys. md5: b2872cbf9f47316abd0e0c74a1aba507
17:02:28.0147 4868 usbuhci ( LockedFile.Multi.Generic ) - warning
17:02:28.0147 4868 usbuhci - detected LockedFile.Multi.Generic (1)
17:02:28.0272 4868 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
17:02:28.0272 4868 Suspicious file (NoAccess): C:\Windows\system32\Drivers\usbvideo.sys. md5: fc33099877790d51b0927b7039059855
17:02:28.0350 4868 usbvideo ( LockedFile.Multi.Generic ) - warning
17:02:28.0350 4868 usbvideo - detected LockedFile.Multi.Generic (1)
17:02:28.0537 4868 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
17:02:28.0537 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vgapnp.sys. md5: 916b94bcf1e09873fff2d5fb11767bbc
17:02:28.0615 4868 vga ( LockedFile.Multi.Generic ) - warning
17:02:28.0615 4868 vga - detected LockedFile.Multi.Generic (1)
17:02:28.0740 4868 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
17:02:28.0740 4868 Suspicious file (NoAccess): C:\Windows\System32\drivers\vga.sys. md5: b83ab16b51feda65dd81b8c59d114d63
17:02:28.0818 4868 VgaSave ( LockedFile.Multi.Generic ) - warning
17:02:28.0818 4868 VgaSave - detected LockedFile.Multi.Generic (1)
17:02:28.0927 4868 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
17:02:28.0927 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaide.sys. md5: 4f964e6828156f0ef3fa8d3a9a7895de
17:02:28.0990 4868 viaide ( LockedFile.Multi.Generic ) - warning
17:02:28.0990 4868 viaide - detected LockedFile.Multi.Generic (1)
17:02:29.0146 4868 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
17:02:29.0146 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgr.sys. md5: 2b7e885ed951519a12c450d24535dfca
17:02:29.0208 4868 volmgr ( LockedFile.Multi.Generic ) - warning
17:02:29.0208 4868 volmgr - detected LockedFile.Multi.Generic (1)
17:02:29.0348 4868 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
17:02:29.0348 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgrx.sys. md5: cec5ac15277d75d9e5dec2e1c6eaf877
17:02:29.0411 4868 volmgrx ( LockedFile.Multi.Generic ) - warning
17:02:29.0411 4868 volmgrx - detected LockedFile.Multi.Generic (1)
17:02:29.0598 4868 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
17:02:29.0598 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\volsnap.sys. md5: 5280aada24ab36b01a84a6424c475c8d
17:02:29.0645 4868 volsnap ( LockedFile.Multi.Generic ) - warning
17:02:29.0645 4868 volsnap - detected LockedFile.Multi.Generic (1)
17:02:29.0785 4868 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
17:02:29.0785 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\vsmraid.sys. md5: a68f455ed2673835209318dd61bfbb0e
17:02:29.0848 4868 vsmraid ( LockedFile.Multi.Generic ) - warning
17:02:29.0848 4868 vsmraid - detected LockedFile.Multi.Generic (1)
17:02:30.0019 4868 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
17:02:30.0019 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\wacompen.sys. md5: fef8fe5923fead2cee4dfabfce3393a7
17:02:30.0082 4868 WacomPen ( LockedFile.Multi.Generic ) - warning
17:02:30.0082 4868 WacomPen - detected LockedFile.Multi.Generic (1)
17:02:30.0222 4868 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
17:02:30.0222 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: b8e7049622300d20ba6d8be0c47c0cfd
17:02:30.0284 4868 Wanarp ( LockedFile.Multi.Generic ) - warning
17:02:30.0284 4868 Wanarp - detected LockedFile.Multi.Generic (1)
17:02:30.0347 4868 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
17:02:30.0347 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: b8e7049622300d20ba6d8be0c47c0cfd
17:02:30.0347 4868 Wanarpv6 ( LockedFile.Multi.Generic ) - warning
17:02:30.0347 4868 Wanarpv6 - detected LockedFile.Multi.Generic (1)
17:02:30.0518 4868 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
17:02:30.0518 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\wd.sys. md5: 0c17a0816f65b89e362e682ad5e7266e
17:02:30.0581 4868 Wd ( LockedFile.Multi.Generic ) - warning
17:02:30.0581 4868 Wd - detected LockedFile.Multi.Generic (1)
17:02:30.0752 4868 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:02:30.0752 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: 441bd2d7b4f98134c3a4f9fa570fd250
17:02:30.0815 4868 Wdf01000 ( LockedFile.Multi.Generic ) - warning
17:02:30.0815 4868 Wdf01000 - detected LockedFile.Multi.Generic (1)
17:02:31.0361 4868 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:02:31.0361 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wmiacpi.sys. md5: e18aebaaa5a773fe11aa2c70f65320f5
17:02:31.0423 4868 WmiAcpi ( LockedFile.Multi.Generic ) - warning
17:02:31.0423 4868 WmiAcpi - detected LockedFile.Multi.Generic (1)
17:02:31.0688 4868 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
17:02:31.0688 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wpdusb.sys. md5: 5e2401b3fc1089c90e081291357371a9
17:02:31.0766 4868 WpdUsb ( LockedFile.Multi.Generic ) - warning
17:02:31.0766 4868 WpdUsb - detected LockedFile.Multi.Generic (1)
17:02:31.0922 4868 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
17:02:31.0922 4868 Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 8a900348370e359b6bff6a550e4649e1
17:02:32.0000 4868 ws2ifsl ( LockedFile.Multi.Generic ) - warning
17:02:32.0000 4868 ws2ifsl - detected LockedFile.Multi.Generic (1)
17:02:32.0172 4868 WSDPrintDevice (de5f5212ab34221dd1618b5fefe8db6c) C:\Windows\system32\DRIVERS\WSDPrint.sys
17:02:32.0172 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WSDPrint.sys. md5: de5f5212ab34221dd1618b5fefe8db6c
17:02:32.0234 4868 WSDPrintDevice ( LockedFile.Multi.Generic ) - warning
17:02:32.0234 4868 WSDPrintDevice - detected LockedFile.Multi.Generic (1)
17:02:32.0422 4868 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:02:32.0422 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: 501a65252617b495c0f1832f908d54d8
17:02:32.0500 4868 WUDFRd ( LockedFile.Multi.Generic ) - warning
17:02:32.0500 4868 WUDFRd - detected LockedFile.Multi.Generic (1)
17:02:32.0765 4868 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
17:02:32.0765 4868 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\yk60x64.sys. md5: 07f7285220307aafb755d890295f0f9a
17:02:32.0967 4868 yukonx64 ( LockedFile.Multi.Generic ) - warning
17:02:32.0967 4868 yukonx64 - detected LockedFile.Multi.Generic (1)
17:02:33.0108 4868 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
17:02:33.0108 4868 Suspicious file (NoAccess): C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl. md5: 1cacfef9e5dd866c5b79a135ee729e18
17:02:33.0170 4868 {55662437-DA8C-40c0-AADA-2C816A897A49} ( LockedFile.Multi.Generic ) - warning
17:02:33.0170 4868 {55662437-DA8C-40c0-AADA-2C816A897A49} - detected LockedFile.Multi.Generic (1)
17:02:33.0186 4868 MBR (0x1B8) (5c86adec17b739c437e145e3b3fc2e6d) \Device\Harddisk0\DR0
17:02:33.0217 4868 \Device\Harddisk0\DR0 - ok
17:02:33.0248 4868 Boot (0x1200) (e8187f752a0c320a256a01dedf982143) \Device\Harddisk0\DR0\Partition0
17:02:33.0248 4868 \Device\Harddisk0\DR0\Partition0 - ok
17:02:33.0279 4868 Boot (0x1200) (5534444288566c0f873001ce61b61f18) \Device\Harddisk0\DR0\Partition1
17:02:33.0279 4868 \Device\Harddisk0\DR0\Partition1 - ok
17:02:33.0279 4868 ============================================================
17:02:33.0279 4868 Scan finished
17:02:33.0279 4868 ============================================================
17:02:33.0295 4676 Detected object count: 182
17:02:33.0295 4676 Actual detected object count: 182
17:02:48.0340 4676 f174c4c34bd59b03 ( LockedService.Multi.Generic ) - skipped by user
17:02:48.0340 4676 f174c4c34bd59b03 ( LockedService.Multi.Generic ) - User select action: Skip
17:02:48.0344 4676 Filetrace ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0344 4676 Filetrace ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0346 4676 flpydisk ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0346 4676 flpydisk ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0349 4676 FltMgr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0349 4676 FltMgr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0352 4676 Fs_Rec ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0352 4676 Fs_Rec ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0355 4676 gagp30kx ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0355 4676 gagp30kx ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0358 4676 GEARAspiWDM ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0358 4676 GEARAspiWDM ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0361 4676 HdAudAddService ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0361 4676 HdAudAddService ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0364 4676 HDAudBus ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0364 4676 HDAudBus ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0367 4676 HidBth ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0367 4676 HidBth ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0369 4676 HidIr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0369 4676 HidIr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0372 4676 HidUsb ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0372 4676 HidUsb ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0375 4676 HpCISSs ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0375 4676 HpCISSs ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0378 4676 hpdskflt ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0378 4676 hpdskflt ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0381 4676 HpqKbFiltr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0381 4676 HpqKbFiltr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0384 4676 HTTP ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0384 4676 HTTP ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0387 4676 i2omp ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0387 4676 i2omp ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0389 4676 i8042prt ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0390 4676 i8042prt ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0392 4676 iaStorV ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0392 4676 iaStorV ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0396 4676 iirsp ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0396 4676 iirsp ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0398 4676 intelide ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0398 4676 intelide ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0401 4676 intelppm ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0401 4676 intelppm ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0404 4676 IpFilterDriver ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0404 4676 IpFilterDriver ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0407 4676 IPMIDRV ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0407 4676 IPMIDRV ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0412 4676 IPNAT ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0412 4676 IPNAT ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0413 4676 IRENUM ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0413 4676 IRENUM ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0416 4676 isapnp ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0416 4676 isapnp ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0418 4676 iScsiPrt ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0418 4676 iScsiPrt ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0421 4676 iteatapi ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0421 4676 iteatapi ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0424 4676 iteraid ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0424 4676 iteraid ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0427 4676 JMCR ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0427 4676 JMCR ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0432 4676 kbdclass ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0432 4676 kbdclass ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0435 4676 kbdhid ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0435 4676 kbdhid ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0437 4676 KSecDD ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0437 4676 KSecDD ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0440 4676 ksthunk ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0440 4676 ksthunk ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0443 4676 LHidFilt ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0443 4676 LHidFilt ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0446 4676 lltdio ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0446 4676 lltdio ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0449 4676 LMouFilt ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0449 4676 LMouFilt ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0450 4676 LSI_FC ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0450 4676 LSI_FC ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0453 4676 LSI_SAS ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0453 4676 LSI_SAS ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0456 4676 LSI_SCSI ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0456 4676 LSI_SCSI ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0458 4676 luafv ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0459 4676 luafv ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0461 4676 mcdbus ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0461 4676 mcdbus ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0464 4676 megasas ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0465 4676 megasas ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0469 4676 MegaSR ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0469 4676 MegaSR ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0470 4676 Modem ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0470 4676 Modem ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0473 4676 monitor ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0473 4676 monitor ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0476 4676 mouclass ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0476 4676 mouclass ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0478 4676 mouhid ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0478 4676 mouhid ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0481 4676 MountMgr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0482 4676 MountMgr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0484 4676 mpio ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0484 4676 mpio ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0487 4676 mpsdrv ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0487 4676 mpsdrv ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0490 4676 Mraid35x ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0490 4676 Mraid35x ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0493 4676 MRxDAV ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0493 4676 MRxDAV ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0497 4676 mrxsmb ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0497 4676 mrxsmb ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0499 4676 mrxsmb10 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0499 4676 mrxsmb10 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0502 4676 mrxsmb20 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0502 4676 mrxsmb20 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0505 4676 msahci ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0505 4676 msahci ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0507 4676 msdsm ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0507 4676 msdsm ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0510 4676 Msfs ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0510 4676 Msfs ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0514 4676 msisadrv ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0514 4676 msisadrv ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0516 4676 MSKSSRV ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0516 4676 MSKSSRV ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0519 4676 MSPCLOCK ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0519 4676 MSPCLOCK ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0522 4676 MSPQM ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0522 4676 MSPQM ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0525 4676 MsRPC ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0525 4676 MsRPC ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0528 4676 mssmbios ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0528 4676 mssmbios ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0533 4676 MSTEE ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0533 4676 MSTEE ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0535 4676 Mup ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0535 4676 Mup ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0538 4676 NativeWifiP ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0538 4676 NativeWifiP ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0541 4676 NDIS ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0541 4676 NDIS ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0544 4676 NdisTapi ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0544 4676 NdisTapi ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0546 4676 Ndisuio ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0546 4676 Ndisuio ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0549 4676 NdisWan ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0549 4676 NdisWan ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0552 4676 NDProxy ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0552 4676 NDProxy ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0555 4676 NetBIOS ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0555 4676 NetBIOS ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0558 4676 netbt ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0558 4676 netbt ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0561 4676 NETw3v64 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0561 4676 NETw3v64 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0565 4676 nfrd960 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0565 4676 nfrd960 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0568 4676 Npfs ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0568 4676 Npfs ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0570 4676 nsiproxy ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0570 4676 nsiproxy ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0573 4676 Ntfs ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0573 4676 Ntfs ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0576 4676 NuidFltr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0576 4676 NuidFltr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0579 4676 Null ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0579 4676 Null ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0582 4676 nvraid ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0582 4676 nvraid ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0585 4676 nvstor ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0585 4676 nvstor ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0588 4676 nv_agp ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0588 4676 nv_agp ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0591 4676 ohci1394 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0591 4676 ohci1394 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0591 4676 Parport ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0591 4676 Parport ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0594 4676 partmgr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0594 4676 partmgr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0597 4676 pci ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0597 4676 pci ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0600 4676 pciide ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0600 4676 pciide ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0603 4676 pcmcia ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0603 4676 pcmcia ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0605 4676 pcouffin ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0605 4676 pcouffin ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0608 4676 PEAUTH ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0608 4676 PEAUTH ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0611 4676 PptpMiniport ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0611 4676 PptpMiniport ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0614 4676 Processor ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0614 4676 Processor ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0617 4676 PSched ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0617 4676 PSched ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0620 4676 ql2300 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0620 4676 ql2300 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0622 4676 ql40xx ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0623 4676 ql40xx ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0625 4676 QWAVEdrv ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0625 4676 QWAVEdrv ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0628 4676 RasAcd ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0628 4676 RasAcd ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0631 4676 Rasl2tp ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0631 4676 Rasl2tp ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0634 4676 RasPppoe ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0634 4676 RasPppoe ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0637 4676 RasSstp ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0638 4676 RasSstp ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0640 4676 rdbss ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0641 4676 rdbss ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0641 4676 RDPCDD ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0641 4676 RDPCDD ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0644 4676 rdpdr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0644 4676 rdpdr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0646 4676 RDPENCDD ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0646 4676 RDPENCDD ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0650 4676 RDPWD ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0650 4676 RDPWD ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0653 4676 RFCOMM ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0654 4676 RFCOMM ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0656 4676 rspndr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0656 4676 rspndr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0659 4676 RTL8169 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0659 4676 RTL8169 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0663 4676 sbp2port ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0663 4676 sbp2port ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0663 4676 SCDEmu ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0663 4676 SCDEmu ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0666 4676 sdbus ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0666 4676 sdbus ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0667 4676 Serenum ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0667 4676 Serenum ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0670 4676 Serial ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0670 4676 Serial ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0672 4676 sermouse ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0672 4676 sermouse ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0675 4676 sffdisk ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0675 4676 sffdisk ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0678 4676 sffp_mmc ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0678 4676 sffp_mmc ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0681 4676 sffp_sd ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0681 4676 sffp_sd ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0684 4676 sfloppy ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0684 4676 sfloppy ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0687 4676 SiSRaid2 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0687 4676 SiSRaid2 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0690 4676 SiSRaid4 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0690 4676 SiSRaid4 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0693 4676 Smb ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0693 4676 Smb ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0695 4676 spldr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0695 4676 spldr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0698 4676 srv ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0698 4676 srv ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0701 4676 srv2 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0702 4676 srv2 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0704 4676 srvnet ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0704 4676 srvnet ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0707 4676 STHDA ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0707 4676 STHDA ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0710 4676 StillCam ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0710 4676 StillCam ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0713 4676 swenum ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0713 4676 swenum ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0715 4676 Symc8xx ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0715 4676 Symc8xx ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0719 4676 Sym_hi ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0719 4676 Sym_hi ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0721 4676 Sym_u3 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0721 4676 Sym_u3 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0724 4676 SynTP ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0724 4676 SynTP ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0727 4676 Tcpip ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0727 4676 Tcpip ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0730 4676 Tcpip6 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0730 4676 Tcpip6 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0733 4676 tcpipreg ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0733 4676 tcpipreg ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0736 4676 TDPIPE ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0736 4676 TDPIPE ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0739 4676 TDTCP ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0739 4676 TDTCP ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0742 4676 tdx ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0742 4676 tdx ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0744 4676 TermDD ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0744 4676 TermDD ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0747 4676 tssecsrv ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0747 4676 tssecsrv ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0750 4676 tunnel ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0750 4676 tunnel ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0754 4676 uagp35 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0754 4676 uagp35 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0756 4676 udfs ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0756 4676 udfs ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0759 4676 uliagpkx ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0759 4676 uliagpkx ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0762 4676 uliahci ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0762 4676 uliahci ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0764 4676 UlSata ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0764 4676 UlSata ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0770 4676 ulsata2 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0770 4676 ulsata2 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0771 4676 umbus ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0771 4676 umbus ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0773 4676 usbccgp ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0773 4676 usbccgp ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0776 4676 usbcir ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0776 4676 usbcir ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0779 4676 usbehci ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0779 4676 usbehci ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0783 4676 usbfilter ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0783 4676 usbfilter ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0784 4676 usbhub ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0785 4676 usbhub ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0788 4676 usbohci ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0788 4676 usbohci ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0790 4676 usbprint ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0790 4676 usbprint ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0793 4676 usbscan ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0793 4676 usbscan ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0796 4676 USBSTOR ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0796 4676 USBSTOR ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0799 4676 usbuhci ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0799 4676 usbuhci ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0802 4676 usbvideo ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0802 4676 usbvideo ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0805 4676 vga ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0805 4676 vga ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0807 4676 VgaSave ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0807 4676 VgaSave ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0810 4676 viaide ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0810 4676 viaide ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0813 4676 volmgr ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0813 4676 volmgr ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0817 4676 volmgrx ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0817 4676 volmgrx ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0819 4676 volsnap ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0819 4676 volsnap ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0822 4676 vsmraid ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0822 4676 vsmraid ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0822 4676 WacomPen ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0823 4676 WacomPen ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0825 4676 Wanarp ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0825 4676 Wanarp ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0828 4676 Wanarpv6 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0828 4676 Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0831 4676 Wd ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0831 4676 Wd ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0834 4676 Wdf01000 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0834 4676 Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0834 4676 WmiAcpi ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0834 4676 WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0837 4676 WpdUsb ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0837 4676 WpdUsb ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0837 4676 ws2ifsl ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0837 4676 ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0841 4676 WSDPrintDevice ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0841 4676 WSDPrintDevice ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0841 4676 WUDFRd ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0841 4676 WUDFRd ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0844 4676 yukonx64 ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0844 4676 yukonx64 ( LockedFile.Multi.Generic ) - User select action: Skip
17:02:48.0847 4676 {55662437-DA8C-40c0-AADA-2C816A897A49} ( LockedFile.Multi.Generic ) - skipped by user
17:02:48.0847 4676 {55662437-DA8C-40c0-AADA-2C816A897A49} ( LockedFile.Multi.Generic ) - User select action: Skip

aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-20 17:04:51
-----------------------------
17:04:51.111 OS Version: Windows x64 6.0.6002 Service Pack 2
17:04:51.111 Number of processors: 2 586 0x301
17:04:51.111 ComputerName: JOHNSON UserName: Steve
17:04:55.339 Initialze error C0000001 - driver not loaded
17:06:34.533 AVAST engine defs: 12022001
17:10:08.319 Service scanning
17:10:17.226 Service f174c4c34bd59b03 C:\Windows\System32\Drivers\f174c4c34bd59b03.sys **HIDDEN**
17:10:43.994 Modules scanning
17:10:43.994 Disk 0 trace - called modules:
17:10:44.010
17:10:46.615 AVAST engine scan C:\Windows
17:10:52.636 AVAST engine scan C:\Windows\system32
17:15:59.096 AVAST engine scan C:\Windows\system32\drivers
17:16:15.350 AVAST engine scan C:\Users\Steve
17:50:07.511 AVAST engine scan C:\ProgramData
17:50:08.159 File: C:\ProgramData\73ef23\AV73e_8032.exe **INFECTED** Win32:Crypt-LLK [Trj]
17:51:44.094 Scan finished successfully
17:53:20.009 The log file has been saved successfully to "C:\Users\Steve\Desktop\aswMBR1111111111111111111.txt"
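A small triage parser for the aswMBR log format posted above. It is an added example, not part of any poster's message and not aswMBR's own code. The function names, the embedded sample lines and the "image path outside C:\Windows" review list are assumptions of this example.

```python
import re
from collections import Counter
from ntpath import dirname  # Windows path rules, works on any OS

# Sample lines in the aswMBR format shown in this thread, embedded so the
# example runs offline.
SAMPLE_LOG = r"""
17:10:37.708 Service Tcpip C:\Windows\System32\drivers\tcpip.sys **LOCKED** 5
17:10:43.448 Service {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl **LOCKED** 5
17:10:43.994 Modules scanning
17:10:44.010
17:50:07.511 AVAST engine scan C:\ProgramData
17:50:08.159 File: C:\ProgramData\73ef23\AV73e_8032.exe **INFECTED** Win32:Crypt-LLK [Trj]
17:51:44.094 Scan finished successfully
"""

# "HH:MM:SS.mmm <body>"; a bare timestamp with no body is skipped.
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{3}) (.+)$")
# "Service <name> <image path, may contain spaces> **STATUS** <code>"
SERVICE = re.compile(r"^Service (\S+) (.+) \*\*(\w+)\*\* (\d+)$")
# "File: <path> **INFECTED** <detection name>"
FINDING = re.compile(r"^File: (.+) \*\*INFECTED\*\* (.+)$")
# "AVAST engine scan <root folder>"
SCAN = re.compile(r"^AVAST engine scan (.+)$")


def parse_aswmbr(text):
    """Split an aswMBR log into service entries, scan roots and findings."""
    report = {"services": [], "scans": [], "findings": []}
    current_root = None  # most recent "AVAST engine scan" target
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        ts, body = line.groups()

        svc = SERVICE.match(body)
        if svc:
            name, path, status, code = svc.groups()
            report["services"].append(
                {"time": ts, "name": name, "path": path,
                 "status": status, "code": int(code)})
            continue

        scan = SCAN.match(body)
        if scan:
            current_root = scan.group(1)
            report["scans"].append({"time": ts, "root": current_root})
            continue

        hit = FINDING.match(body)
        if hit:
            path, detection = hit.groups()
            report["findings"].append(
                {"time": ts, "path": path, "folder": dirname(path),
                 "detection": detection, "scan_root": current_root})
    return report


def summarize(report):
    """Condense a parsed report into what a reviewer reads first."""
    status_counts = dict(Counter(s["status"] for s in report["services"]))
    # Review list only, not a verdict: vendor drivers legitimately live
    # outside C:\Windows (heuristic chosen for this example).
    outside = [s for s in report["services"]
               if not s["path"].lower().startswith("c:\\windows\\")]
    folders = sorted({f["folder"] for f in report["findings"]})
    return {"status_counts": status_counts,
            "outside_windows": outside,
            "finding_folders": folders}


if __name__ == "__main__":
    parsed = parse_aswmbr(SAMPLE_LOG)
    summary = summarize(parsed)
    for f in parsed["findings"]:
        print(f"{f['time']} {f['detection']}: {f['path']} "
              f"(found while scanning {f['scan_root']})")
    print("Folders holding flagged files:", summary["finding_folders"])
    print("Service status counts:", summary["status_counts"])
    for s in summary["outside_windows"]:
        print("Review manually:", s["name"], s["path"])
```
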

#9 gringo_pr

Posted 20 February 2012 - 08:58 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

KillAll::

Folder::
C:\ProgramData\73ef23

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#10 belated

Posted 21 February 2012 - 02:16 AM

The scan ran smoothly. The browser still works properly. Do you want me to reload avast and see if it will now allow me to update its definitions and scan?



ComboFix 12-02-19.02 - Steve 02/21/2012 0:45.2.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3837.1866 [GMT -6:00]
Running from: c:\users\Steve\Desktop\ComboFix.exe
Command switches used :: c:\users\Steve\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Steve\AppData\Roaming\inst.exe
c:\users\Steve\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Files Created from 2012-01-21 to 2012-02-21 )))))))))))))))))))))))))))))))
.
.
2012-02-21 07:00 . 2012-02-21 07:00 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-02-21 07:00 . 2012-02-21 07:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-18 16:24 . 2012-02-18 16:24 -------- d-----w- c:\program files (x86)\@Last Software
2012-02-18 16:24 . 2004-03-05 06:21 15840 ----a-w- c:\windows\SysWow64\Machnm1.exe
2012-02-18 16:24 . 2012-02-18 16:24 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-02-18 16:24 . 2012-02-18 16:24 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-02-18 16:24 . 2003-11-11 00:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-02-18 16:24 . 2003-11-11 00:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-02-18 16:24 . 2003-11-11 00:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-02-18 16:24 . 2003-11-11 00:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-02-18 16:24 . 2003-11-11 00:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-02-18 16:22 . 2012-02-18 16:22 -------- d-----w- c:\users\Steve\AppData\Roaming\Malwarebytes
2012-02-18 16:22 . 2012-02-18 16:22 -------- d-----w- c:\programdata\Malwarebytes
2012-02-18 16:22 . 2012-02-19 11:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-18 16:22 . 2011-12-10 21:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-18 03:35 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-02-18 03:35 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-02-18 01:45 . 2012-02-18 01:46 -------- d-----w- c:\programdata\73ef23
2012-02-17 20:57 . 2012-02-17 21:02 -------- d-----w- c:\users\Steve\AppData\Local\Browser Guard
2012-02-17 00:27 . 2012-02-20 20:31 -------- d-----w- c:\program files\AVAST Software
2012-02-17 00:27 . 2012-02-18 03:34 -------- d-----w- c:\programdata\AVAST Software
2012-02-16 00:29 . 2012-02-16 00:29 -------- d-----w- c:\program files (x86)\ESET
2012-02-15 20:44 . 2012-02-15 20:44 -------- d-----w- c:\programdata\Downloaded Installations
2012-02-15 20:34 . 2012-02-15 20:34 -------- d-----w- c:\program files (x86)\GFI Software
2012-02-10 15:34 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EFB256D-5AC2-4E05-8F0E-DEEA531575B8}\mpengine.dll
2012-01-26 02:54 . 2011-11-17 06:53 515968 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-26 02:54 . 2011-11-16 16:42 347136 ----a-w- c:\windows\system32\schannel.dll
2012-01-26 02:54 . 2011-11-16 16:23 278528 ----a-w- c:\windows\SysWow64\schannel.dll
2012-01-26 02:54 . 2011-11-16 16:43 442368 ----a-w- c:\windows\system32\winhttp.dll
2012-01-26 02:54 . 2011-11-16 16:41 1689600 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-26 02:54 . 2011-11-16 16:23 377344 ----a-w- c:\windows\SysWow64\winhttp.dll
2012-01-26 02:54 . 2011-11-16 16:42 94720 ----a-w- c:\windows\system32\secur32.dll
2012-01-26 02:54 . 2011-11-16 16:24 77312 ----a-w- c:\windows\SysWow64\secur32.dll
2012-01-26 02:54 . 2011-11-16 14:34 11264 ----a-w- c:\windows\system32\lsass.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-27 06:52 . 2009-10-03 05:41 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-05 10:59 . 2012-01-05 03:10 417440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-01-05 10:59 . 2011-05-17 18:36 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-05 10:59 . 2012-01-05 10:59 8783008 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-01-03 13:29 . 2009-08-07 21:34 82816 ----a-w- c:\users\Steve\AppData\Roaming\pcouffin.sys
2011-11-25 16:25 . 2012-01-11 19:51 451072 ----a-w- c:\windows\system32\winsrv.dll
2011-11-25 12:50 . 2011-11-25 12:50 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-11-25 12:50 . 2011-11-25 12:50 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-11-23 13:57 . 2011-12-14 06:37 2764800 ----a-w- c:\windows\system32\win32k.sys
2007-05-17 02:22 . 2009-06-07 04:12 34816 ----a-w- c:\program files (x86)\YASU.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-20_19.22.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDIR.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\KBDINUK2.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINTEL.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINTAM.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINPUN.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDINORI.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINMAR.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDINMAL.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINKAN.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDINHIN.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINGUJ.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDINDEV.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDINBEN.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINBE2.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINBE1.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDINASA.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDIC.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\kbdibm02.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDHU1.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDHU.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 9728 c:\windows\system32\KBDHEPT.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDHELA3.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDHELA2.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDHEB.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDHE319.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDHE220.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDHE.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\KBDGRLND.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDGR1.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDGR.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\KBDGKL.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\kbdgeoqw.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\kbdgeoer.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 6144 c:\windows\system32\KBDGEO.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDGAE.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDFR.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDFO.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\KBDFI1.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDFI.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDFC.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDFA.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDEST.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDES.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDDV.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDDIV2.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDDIV1.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDDA.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\KBDCZ2.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDCZ1.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\KBDCZ.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\KBDCR.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8704 c:\windows\system32\KBDCAN.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDCA.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDBULG.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDBU.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDBR.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDBLR.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDBHC.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDBGPH.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDBENE.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDBE.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDBASH.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDAZEL.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDAZE.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 8192 c:\windows\system32\kbdax2.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDARMW.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDARME.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\KBDAL.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDA3.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 6656 c:\windows\system32\KBDA2.DLL
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\KBDA1.DLL
+ 2009-04-08 07:14 . 2009-04-08 07:14 7680 c:\windows\system32\kbd106n.dll
+ 2006-11-02 09:15 . 2008-01-21 02:47 8192 c:\windows\system32\kbd106.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\kbd103.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\kbd101c.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\kbd101b.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 7168 c:\windows\system32\kbd101a.dll
+ 2006-11-02 09:15 . 2006-11-02 11:12 7680 c:\windows\system32\kbd101.dll
+ 2008-01-21 02:47 . 2008-01-21 02:47 7680 c:\windows\system32\drivers\usbd.sys
+ 2008-01-21 02:50 . 2008-01-21 02:50 9728 c:\windows\system32\drivers\umpass.sys
+ 2008-01-21 02:49 . 2008-01-21 02:49 7168 c:\windows\system32\drivers\RDPENCDD.sys
+ 2008-01-21 02:51 . 2008-01-21 02:51 7168 c:\windows\system32\drivers\RDPCDD.sys
+ 2006-11-02 09:37 . 2006-11-02 09:37 6144 c:\windows\system32\drivers\null.sys
+ 2008-01-21 02:49 . 2008-01-21 02:49 7936 c:\windows\system32\drivers\mstee.sys
+ 2006-11-02 09:37 . 2006-11-02 09:37 6656 c:\windows\system32\drivers\mspqm.sys
+ 2006-11-02 09:37 . 2006-11-02 09:37 7040 c:\windows\system32\drivers\mspclock.sys
+ 2008-01-21 04:12 . 2008-01-21 02:46 8704 c:\windows\system32\drivers\errdev.sys
+ 2008-01-21 02:46 . 2008-01-21 02:46 6144 c:\windows\system32\drivers\drmkaud.sys
+ 2006-11-02 11:10 . 2006-09-18 21:30 8704 c:\windows\system32\drivers\BrFiltUp.sys
- 2012-02-20 14:32 . 2012-02-20 14:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-21 07:01 . 2012-02-21 07:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-21 07:01 . 2012-02-21 07:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-02-20 14:32 . 2012-02-20 14:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-06-03 09:37 . 2012-02-21 06:36 399644 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 15:45 . 2012-02-21 07:03 119020 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-01-21 02:49 . 2008-01-21 02:49 150528 c:\windows\system32\RDPENCDD.dll
+ 2008-01-21 02:48 . 2008-01-21 02:48 173568 c:\windows\system32\rdpdd.dll
+ 2009-09-17 01:55 . 2009-04-11 07:15 223720 c:\windows\system32\mcupdate_GenuineIntel.dll
+ 2006-11-02 09:00 . 2009-04-11 07:15 233448 c:\windows\system32\hal.dll
+ 2006-11-02 12:40 . 2006-10-04 01:45 273408 c:\windows\system32\drivers\yk60x64.sys
+ 2008-01-21 02:50 . 2008-01-21 02:50 108544 c:\windows\system32\drivers\WUDFRd.sys
+ 2010-07-15 19:42 . 2009-07-14 18:18 654928 c:\windows\system32\drivers\Wdf01000.sys
+ 2006-11-02 07:48 . 2008-01-21 02:47 149048 c:\windows\system32\drivers\vsmraid.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 269288 c:\windows\system32\drivers\volsnap.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 408024 c:\windows\system32\drivers\volmgrx.sys
+ 2008-01-21 02:50 . 2008-01-21 02:50 126464 c:\windows\system32\drivers\videoprt.sys
+ 2008-01-21 02:47 . 2008-01-21 02:47 168704 c:\windows\system32\drivers\usbvideo.sys
+ 2009-09-17 01:54 . 2009-04-11 05:39 259584 c:\windows\system32\drivers\usbport.sys
+ 2009-09-17 01:54 . 2009-04-11 05:39 273920 c:\windows\system32\drivers\usbhub.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 174696 c:\windows\system32\drivers\ulsata2.sys
+ 2006-11-02 07:48 . 2006-11-02 11:50 148072 c:\windows\system32\drivers\ulsata.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 284728 c:\windows\system32\drivers\uliahci.sys
+ 2009-09-17 01:53 . 2009-04-11 04:54 299008 c:\windows\system32\drivers\udfs.sys
+ 2010-05-28 03:32 . 2010-05-28 03:32 320560 c:\windows\system32\drivers\SynTP.sys
+ 2010-07-08 04:35 . 2008-09-27 08:14 465408 c:\windows\system32\drivers\stwrt64.sys
+ 2009-09-17 01:55 . 2009-04-11 07:15 164328 c:\windows\system32\drivers\Storport.sys
+ 2011-06-14 21:29 . 2011-04-29 13:40 145920 c:\windows\system32\drivers\srvnet.sys
+ 2011-06-14 21:29 . 2011-04-29 13:41 176128 c:\windows\system32\drivers\srv2.sys
+ 2011-04-14 23:30 . 2011-02-18 14:18 450560 c:\windows\system32\drivers\srv.sys
+ 2009-09-17 01:56 . 2009-03-14 00:48 594432 c:\windows\system32\drivers\spsys.sys
+ 2008-01-21 02:46 . 2008-01-21 02:46 111104 c:\windows\system32\drivers\sdbus.sys
+ 2008-01-21 02:50 . 2008-01-21 02:50 173112 c:\windows\system32\drivers\scsiport.sys
+ 2009-09-02 08:09 . 2009-09-02 08:09 221696 c:\windows\system32\drivers\Rtlh64.sys
+ 2009-09-17 01:53 . 2009-04-11 05:42 140288 c:\windows\system32\drivers\rmcast.sys
+ 2009-04-08 07:17 . 2009-04-08 07:16 178688 c:\windows\system32\drivers\rfcomm.sys
+ 2009-09-17 01:53 . 2009-04-11 05:48 209920 c:\windows\system32\drivers\rdpwd.sys
+ 2006-11-02 09:53 . 2008-01-21 02:46 314368 c:\windows\system32\drivers\rdpdr.sys
+ 2009-09-17 01:54 . 2009-04-11 04:55 287744 c:\windows\system32\drivers\rdbss.sys
+ 2009-09-17 01:54 . 2009-04-11 05:43 124928 c:\windows\system32\drivers\rasl2tp.sys
+ 2006-11-02 07:48 . 2006-11-02 11:50 124008 c:\windows\system32\drivers\ql40xx.sys
+ 2009-09-17 01:53 . 2009-04-11 05:39 218112 c:\windows\system32\drivers\portcls.sys
+ 2006-11-02 09:57 . 2006-10-24 02:08 712704 c:\windows\system32\drivers\PEAuth.sys
+ 2006-11-02 09:10 . 2006-11-02 11:51 203368 c:\windows\system32\drivers\pcmcia.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 178664 c:\windows\system32\drivers\pci.sys
+ 2009-09-17 01:53 . 2009-04-11 05:40 187392 c:\windows\system32\drivers\nwifi.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 128056 c:\windows\system32\drivers\nvraid.sys
+ 2006-11-02 09:10 . 2008-01-21 02:46 126520 c:\windows\system32\drivers\NV_AGP.SYS
+ 2009-09-17 01:55 . 2009-04-11 07:15 347112 c:\windows\system32\drivers\netio.sys
+ 2009-09-17 01:55 . 2009-04-11 05:42 248320 c:\windows\system32\drivers\netbt.sys
+ 2009-09-17 01:54 . 2009-04-11 05:43 169472 c:\windows\system32\drivers\ndiswan.sys
+ 2009-09-17 01:55 . 2009-04-11 07:15 738264 c:\windows\system32\drivers\ndis.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 310760 c:\windows\system32\drivers\msrpc.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 215528 c:\windows\system32\drivers\msiscsi.sys
+ 2006-11-02 09:40 . 2008-01-21 02:47 113720 c:\windows\system32\drivers\msdsm.sys
+ 2011-06-14 21:29 . 2011-04-29 13:39 107008 c:\windows\system32\drivers\mrxsmb20.sys
+ 2011-08-10 11:41 . 2011-07-06 15:49 275456 c:\windows\system32\drivers\mrxsmb10.sys
+ 2011-06-14 21:29 . 2011-04-29 13:39 135680 c:\windows\system32\drivers\mrxsmb.sys
+ 2009-09-17 01:54 . 2009-04-11 04:55 139264 c:\windows\system32\drivers\mrxdav.sys
+ 2006-11-02 09:40 . 2008-01-21 02:47 128056 c:\windows\system32\drivers\mpio.sys
+ 2008-01-21 03:52 . 2008-01-21 02:46 438328 c:\windows\system32\drivers\MegaSR.sys
+ 2009-06-04 20:39 . 2009-02-24 23:35 255552 c:\windows\system32\drivers\mcdbus.sys
+ 2008-01-21 02:49 . 2008-01-21 02:49 109568 c:\windows\system32\drivers\luafv.sys
+ 2008-01-21 02:47 . 2008-01-21 02:47 113720 c:\windows\system32\drivers\lsi_scsi.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 105016 c:\windows\system32\drivers\lsi_sas.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 113720 c:\windows\system32\drivers\lsi_fc.sys
+ 2009-09-17 01:53 . 2009-04-11 05:33 188416 c:\windows\system32\drivers\ks.sys
+ 2008-07-21 10:53 . 2008-07-21 10:53 145496 c:\windows\system32\drivers\jmcr.sys
+ 2008-01-21 02:49 . 2008-01-21 02:49 119296 c:\windows\system32\drivers\irda.sys
+ 2008-01-21 02:48 . 2008-01-21 02:48 115712 c:\windows\system32\drivers\ipnat.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 290872 c:\windows\system32\drivers\iaStorV.sys
+ 2010-03-11 09:03 . 2010-02-20 21:30 620032 c:\windows\system32\drivers\http.sys
+ 2009-09-17 01:53 . 2009-04-11 05:39 275456 c:\windows\system32\drivers\HdAudio.sys
+ 2009-09-17 01:56 . 2009-04-11 05:39 948736 c:\windows\system32\drivers\hdaudbus.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 166888 c:\windows\system32\drivers\FWPKCLNT.SYS
+ 2009-09-17 01:55 . 2009-04-11 07:15 275432 c:\windows\system32\drivers\fltMgr.sys
+ 2009-09-17 01:53 . 2009-04-11 04:54 198144 c:\windows\system32\drivers\fastfat.sys
+ 2009-09-17 01:53 . 2009-04-11 04:54 187904 c:\windows\system32\drivers\exfat.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 397368 c:\windows\system32\drivers\elxstor.sys
+ 2009-09-17 01:53 . 2009-04-11 07:15 155112 c:\windows\system32\drivers\ecache.sys
+ 2008-01-21 02:46 . 2008-01-21 02:46 146176 c:\windows\system32\drivers\E1G6032E.sys
+ 2011-08-17 21:35 . 2011-01-20 16:46 900480 c:\windows\system32\drivers\dxgkrnl.sys
+ 2008-01-21 02:46 . 2008-01-21 02:46 122368 c:\windows\system32\drivers\drmk.sys
+ 2009-09-17 01:55 . 2009-04-11 07:15 164840 c:\windows\system32\drivers\Classpnp.sys
+ 2009-04-08 07:17 . 2009-04-08 07:16 694784 c:\windows\system32\drivers\bthport.sys
+ 2008-01-21 02:47 . 2008-01-21 02:47 115712 c:\windows\system32\drivers\bthpan.sys
+ 2008-01-21 02:50 . 2008-01-21 02:50 119296 c:\windows\system32\drivers\bridge.sys
+ 2009-09-30 14:32 . 2009-09-30 14:32 120336 c:\windows\system32\drivers\AtiHdmi.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 123368 c:\windows\system32\drivers\ataport.sys
+ 2011-06-14 21:29 . 2011-04-21 14:20 405504 c:\windows\system32\drivers\afd.sys
+ 2006-11-02 07:48 . 2008-01-21 02:47 185912 c:\windows\system32\drivers\adpu320.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 126520 c:\windows\system32\drivers\adpu160m.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 342584 c:\windows\system32\drivers\adpahci.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 486456 c:\windows\system32\drivers\adp94xx.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 325608 c:\windows\system32\drivers\acpi.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 361448 c:\windows\system32\clfs.sys
+ 2009-09-17 01:54 . 2009-04-11 07:15 380392 c:\windows\system32\ci.dll
+ 2011-04-14 23:27 . 2011-02-16 14:15 367616 c:\windows\system32\atmfd.dll
- 2011-03-23 18:46 . 2012-02-20 05:15 487964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-03-23 18:46 . 2012-02-21 07:00 487964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2006-11-02 12:40 . 2012-02-15 20:47 143360 c:\windows\inf\infstrng.dat
+ 2006-11-02 12:40 . 2012-02-20 20:51 143360 c:\windows\inf\infstrng.dat
+ 2011-04-14 23:29 . 2011-02-24 16:37 1063296 c:\windows\system32\winload.exe
+ 2011-08-10 11:41 . 2011-06-20 08:45 4699536 c:\windows\system32\ntoskrnl.exe
+ 2009-04-08 07:55 . 2006-11-02 13:04 1919968 c:\windows\system32\drivers\wdfcoinstaller01005.dll
+ 2011-11-09 08:12 . 2011-09-20 21:06 1426304 c:\windows\system32\drivers\tcpip.sys
+ 2006-11-02 07:48 . 2008-01-21 02:46 1221176 c:\windows\system32\drivers\ql2300.sys
+ 2009-09-17 01:56 . 2009-04-11 07:15 1515496 c:\windows\system32\drivers\ntfs.sys
+ 2008-01-21 02:46 . 2008-01-21 02:46 3154432 c:\windows\system32\drivers\NETw3v64.sys
+ 2009-09-23 23:01 . 2009-09-23 23:01 6175744 c:\windows\system32\drivers\atikmdag.sys
+ 2009-05-03 22:46 . 2008-04-27 16:09 1133568 c:\windows\system32\drivers\athrx.sys
+ 2008-11-22 03:05 . 2008-11-22 03:05 1253376 c:\windows\system32\drivers\agrsm64.sys
- 2009-05-04 00:19 . 2012-02-20 05:15 5875000 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-05-04 00:19 . 2012-02-21 07:00 5875000 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-03-23 18:46 . 2012-02-21 07:00 45138450 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-732063850-1855902138-569781612-1000-12288.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-17 740216]
"CPN Notifier"="c:\program files (x86)\Cake Poker 2.0\PokerNotifier.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-10-08 322104]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"TkBellExe"="c:\program files\Real\realplayer\update\realsched.exe" [2011-11-25 296056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files (x86)\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-10-31 09:26 548352 ----a-w- c:\program files (x86)\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-05 253600]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - f174c4c34bd59b03
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 17:49 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-05 10:59]
.
2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-09 09:21]
.
2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-09 09:21]
.
2012-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732063850-1855902138-569781612-1000Core.job
- c:\users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-10 23:43]
.
2012-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732063850-1855902138-569781612-1000UA.job
- c:\users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-10 23:43]
.
2012-02-15 c:\windows\Tasks\HPCeeScheduleForSteve.job
- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-04-08 18:34]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\twll0dnw.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\f174c4c34bd59b03]
"ImagePath"="\SystemRoot\System32\Drivers\f174c4c34bd59b03.sys"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fb,2e,03,f2,92,87,31,49,8f,c8,0f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fb,2e,03,f2,92,87,31,49,8f,c8,0f,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid]
@Denied: (A 2) (Everyone)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\AMD\OverDrive\AODAssist.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
c:\program files (x86)\SMINST\BLService.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
.
**************************************************************************
.
Completion time: 2012-02-21 01:10:43 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-21 07:10
ComboFix2.txt 2012-02-20 19:41
.
Pre-Run: 43,687,133,184 bytes free
Post-Run: 43,792,867,328 bytes free
.
- - End Of File - - 96EE768AE8A3C39616CA851DF1397710

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:30 AM

Posted 21 February 2012 - 02:25 AM

Yes, try that now and let me know how it goes.


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#12 belated

belated
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:06:30 AM

Posted 21 February 2012 - 02:36 AM

After registering it, a box popped up saying "The AAVM subsystem detected a RPC error."

When I try to update, an avast pop-up box says, "Failed to update. The avast! service is not running."

#13 belated

Posted 21 February 2012 - 02:57 AM

I am about to go back to bed. I really am grateful for your help. When I tried to reopen my Firefox browser, a blank web page (address: about:newaddon?id=wrc@avast.com) popped up with the message:

another program on your computer would like to modify Firefox with the following add on:
avast! WebRep 8.0.1367

I think this is safe but I chose not to allow it to run until I hear back from you.

Going to sleep, will be back in the morning.

#14 gringo_pr

Posted 21 February 2012 - 03:18 AM

Hello

I would like you to use Revo to uninstall avast and then try to install it.

  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs click on xxxxx and choose Uninstall
  • When prompted click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, when prompted again click Yes > Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Next > Yes.
  • Once done click Finish.



gringo

#15 belated

Posted 21 February 2012 - 07:19 AM

I've done it



