Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with an unknown rootkit?


  • This topic is locked This topic is locked
25 replies to this topic

#1 Geppo

Geppo

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 02 October 2012 - 03:38 PM

Hello there!
Here's the problem:
two days ago I installed a file that should have been the installer of winrar 4.20
I even checked it with AVG and it showed a clean result. Anyway, I didn't check the hash and executed the "malware" - while logged with an admin user.
It surely did something cause suddenly firefox started to act strangely, showing advertising pop up that Ad-Block Plus normally stopped.
Today I tried to launch a nslookup and windows didn't let me saying wsock32.dll was damaged.
I overwrote the file with a working copy from another pc (same windows version and up-to-date) but it didn't solve the problem.
Then, with these symptoms gathered I checked the built-in firewall: it was strangely been disabled and I can't turn it back on.
Hope somebody can help to shed some light on what happened.
Thanks!

Attached Files



BC AdBot (Login to Remove)

 


#2 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 02 October 2012 - 03:52 PM

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Mr.Roboto at 21:11:30 on 2012-10-02
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3327.1532 [GMT 2:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
D:\Programmi\BigAnt\Server\AntDS.exe
C:\Windows\Explorer.EXE
D:\Programmi\BigAnt\Server\AntServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
D:\Programmi\BigAnt\Server\AvServer.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Windows\Logi_MwX.Exe
D:\Programmi\Norton Ghost\Agent\VProTray.exe
D:\Programmi\Logitech\SetPointP\SetPoint.exe
D:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Mr.Roboto\Local Settings\Apps\F.lux\flux.exe
D:\Programmi\BigAnt\Client\BigAnt.exe
C:\Users\Mr.Roboto\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
D:\Programmi\Fastweb PrintAndFax\FaxMonitor.exe
D:\Programmi\Fastweb PrintAndFax\MessageCapture.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
D:\Programmi\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
D:\Programmi\Macrium Reflect\ReflectService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\dllhost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
D:\Programmi\Logitech\SetPointG\SetPointII.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\dllhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDCountdown.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDClock.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDPop3.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDRSS.exe
D:\Programmi\Norton Ghost\Shared\Drivers\SymSnapService.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Windows\system32\SearchProtocolHost.exe
D:\Programmi\Mozilla Firefox\firefox.exe
D:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = local;*.local;<local>
uInternet Settings,ProxyServer = http=
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IeCatch5 Class: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - d:\progra~2\flashget\jccatch.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - d:\programmi\megaupload manager\MegaIEMn.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: gFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - d:\progra~2\flashget\getflash.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: FlashGet Bar: {e0e899ab-f487-11d5-8d29-0050ba6940e3} - d:\progra~2\flashget\fgiebar.dll
uRun: [3RVX] d:\programmi\3rvx\3RVX.exe
uRun: [F.lux] "c:\users\mr.roboto\local settings\apps\f.lux\flux.exe" /noshow
uRun: [<NO NAME>]
uRun: [BigAnt] d:\programmi\bigant\client\BigAnt.exe /MinSize
uRun: [SansaDispatch] c:\users\mr.roboto\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
uRun: [Google Update] "c:\users\mr.roboto\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Launch LCore] "c:\program files\logitech gaming software\LCore.exe" /minimized
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [Norton Ghost 14.0] "d:\programmi\norton ghost\agent\VProTray.exe"
mRun: [EvtMgr6] d:\programmi\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRun: [Reader Application Helper] d:\program files\sony\readerdesktop\apphelper\ReaderAppHelper.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\printa~1.lnk - d:\programmi\fastweb printandfax\FaxMonitor.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - d:\progra~2\office~1\office12\EXCEL.EXE/3000
IE: Scarica con FlashGet - d:\programmi\flashget\jc_link.htm
IE: Scarica tutto con FlashGet - d:\programmi\flashget\jc_all.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - d:\progra~2\flashget\flashget.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~2\office~1\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{73BE1D74-2ACB-4516-B98D-8055E9F2730C} : NameServer = 8.8.8.8,8.8.4.4
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: x-wpexpert - {382E05AF-964B-41CE-B2B5-ED0BF48013C0} - d:\programmi\wildpackets omnipeek\peekrecon.dll
AppInit_DLLs: c:\windows\system32\acaptuser32.dll
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - d:\programmi\iconpackager\iprepair.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\mr.roboto\appdata\roaming\mozilla\firefox\profiles\febeprof.giuliano\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.http - 91.185.188.10
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\mr.roboto\appdata\roaming\mozilla\firefox\profiles\febeprof.giuliano\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - component: c:\users\mr.roboto\appdata\roaming\mozilla\firefox\profiles\febeprof.giuliano\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\users\mr.roboto\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\mr.roboto\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\mr.roboto\appdata\roaming\mozilla\firefox\profiles\febeprof.giuliano\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
FF - plugin: c:\users\mr.roboto\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\mr.roboto\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll
FF - plugin: d:\program files\sony\readerdesktop\npreaderdetectmoz.dll
FF - plugin: d:\programmi\adobe reader 10.0\reader\air\nppdf32.dll
FF - plugin: d:\programmi\adobe reader 10.0\reader\browser\nppdf32.dll
FF - plugin: d:\programmi\adobe\acrobat 9.0\acrobat\air\nppdf32.dll
FF - plugin: d:\programmi\adobe\acrobat 9.0\acrobat\browser\nppdf32.dll
FF - plugin: d:\programmi\itunes\mozilla plugins\npitunes.dll
FF - plugin: d:\programmi\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\programmi\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\programmi\mozilla firefox\plugins\npvsharetvplg.dll
FF - plugin: d:\programmi\mozilla firefox\plugins\npzylomgamesplayer.dll
FF - plugin: d:\programmi\quicktime\plugins\npqtplugin.dll
FF - plugin: d:\programmi\quicktime\plugins\npqtplugin2.dll
FF - plugin: d:\programmi\quicktime\plugins\npqtplugin3.dll
FF - plugin: d:\programmi\quicktime\plugins\npqtplugin4.dll
FF - plugin: d:\programmi\quicktime\plugins\npqtplugin5.dll
FF - plugin: d:\programmi\quicktime\plugins\npqtplugin6.dll
FF - plugin: d:\programmi\quicktime\plugins\npqtplugin7.dll
FF - plugin: d:\programmi\veetle\player\npvlc.dll
FF - plugin: d:\programmi\veetle\plugins\npVeetle.dll
FF - plugin: d:\programmi\veetle\vlcbroadcast\npvbp.dll
.
---- FIREFOX POLICIES ----
// Blocco del riutilizzo delle finestre attive:
FF - user.js: advanced.system.supportDDEExec - false);user_pref(yahoo.homepage.dontask, true
============= SERVICES / DRIVERS ===============
.
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [2011-1-17 16024]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 AntDS;AntDS;d:\programmi\bigant\server\AntDS.exe [2011-10-26 524288]
R2 AntServer;AntServer;d:\programmi\bigant\server\AntServer.exe [2011-10-26 1212498]
R2 AvServer;AvServer;d:\programmi\bigant\server\AvServer.exe [2011-10-26 167936]
R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2011-4-7 3857408]
R2 ReflectService;Macrium Reflect Image Mounting Service;d:\programmi\macrium reflect\ReflectService.exe [2011-1-17 220824]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2009-8-9 5120]
R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2009-7-14 7168]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 mpfilt;mpfilt;c:\windows\system32\drivers\mpfilt.sys [2009-9-12 10588]
R3 mv2;mv2;c:\windows\system32\drivers\mv2.sys [2011-3-26 10200]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2012-6-24 148800]
R3 SymSnapService;SymSnapService;d:\programmi\norton ghost\shared\drivers\SymSnapService.exe [2007-12-20 1562096]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2012-3-27 319264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Servizio di Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-5 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-3-14 1262400]
S2 OTFSDMS;UNCFAT DMS;"c:\program files\addinforuncfat\uncfatdms.exe" --> c:\program files\addinforuncfat\UNCFATDMS.exe [?]
S2 SkypeUpdate;Skype Updater;d:\programmi\skype\updater\Updater.exe [2012-7-13 160944]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe --> c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [?]
S2 TeamViewer7;TeamViewer 7;d:\programmi\teamviewer 7\TeamViewer_Service.exe [2012-8-24 2735528]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BthAvrcp;Profilo Bluetooth AVRCP;c:\windows\system32\drivers\BthAvrcp.sys [2008-7-10 15872]
S3 CGVPNCliSrvc;CyberGhost VPN Client;d:\programmi\cyberghost vpn\CGVPNCliService.exe [2011-11-22 2428968]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2010-9-29 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2010-9-29 79360]
S3 csr_a2dp;Profilo Bluetooth AV;c:\windows\system32\drivers\bthav.sys [2009-12-21 61952]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-6-12 14216]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-6-12 8456]
S3 gupdatem;Servizio Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-5 136176]
S3 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\programmi\hamachi\hamachi-2.exe -s --> d:\programmi\hamachi\hamachi-2.exe -s [?]
S3 L6SeaMonkDev;Line 6 Variax USB Service;c:\windows\system32\drivers\L6SM.sys [2011-8-2 39296]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\drivers\MijXfilt.sys [2009-12-13 46592]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-3 114144]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-2-27 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-27 52224]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [2010-6-8 31504]
S4 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;d:\programmi\fantamorph5\fantaup.exe -permissionmanagerrun --> d:\programmi\fantamorph5\FantaUp.exe -PermissionManagerRun [?]
S4 Cepstral License Server;Cepstral License Server;d:\programmi\cepstral\bin\CepstralLicSrv.exe [2007-3-15 57344]
S4 MSSQLServerADHelper100;Servizio SQL Server Active Directory Helper;c:\program files\microsoft sql server\100\shared\SQLADHLP.EXE [2009-7-21 47128]
S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2010-9-17 370008]
S4 TomTomHOMEService;TomTomHOMEService;d:\programmi\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
.
=============== Created Last 30 ================
.
2012-10-02 19:01:47 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-02 18:55:48 -------- d-s---w- C:\Peppe
2012-10-02 18:25:46 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-10-02 17:54:07 -------- d-----w- c:\program files\HitmanPro
2012-10-02 17:53:51 -------- d-----w- c:\programdata\HitmanPro
2012-10-02 13:26:31 -------- d-----w- c:\program files\ESET
2012-10-02 10:40:57 -------- d-s---w- C:\ComboFix
2012-10-02 09:59:47 98816 ----a-w- c:\windows\sed.exe
2012-10-02 09:59:47 518144 ----a-w- c:\windows\SWREG.exe
2012-10-02 09:59:47 256000 ----a-w- c:\windows\PEV.exe
2012-10-02 09:59:47 208896 ----a-w- c:\windows\MBR.exe
2012-10-02 09:25:05 15360 ----a-w- C:\wsock32.dll
2012-10-02 08:58:33 15360 ----a-w- c:\windows\sytem32
2012-10-01 10:33:06 -------- d-----w- c:\program files\Backdoor Bifrose Removal Tool
2012-09-28 19:26:54 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-09-28 19:06:30 -------- d-----w- c:\users\mr.roboto\appdata\roaming\Pedobear
2012-09-28 08:06:23 -------- d-----w- c:\users\mr.roboto\appdata\roaming\Doublefine
2012-09-28 07:47:48 -------- d-----w- c:\users\mr.roboto\appdata\local\FLT
2012-09-28 07:47:47 -------- d-----w- c:\programdata\Codemasters
2012-09-17 13:33:15 -------- d-----w- c:\program files\Media Preview
2012-09-12 08:12:31 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-09-12 08:11:49 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 08:11:49 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-09-12 08:11:49 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 08:11:49 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-09-12 08:11:48 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 08:11:47 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 08:11:47 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 08:11:47 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 08:11:45 400896 ----a-w- c:\windows\system32\srcore.dll
2012-09-04 15:47:35 -------- d-----w- c:\users\mr.roboto\appdata\local\NBGI
2012-09-04 12:52:46 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
.
==================== Find3M ====================
.
2012-09-29 14:35:39 288 ----a-w- c:\windows\system32\msvcsv60.dll
2012-09-29 14:35:13 48 ----a-w- c:\users\mr.roboto\appdata\roaming\msregsvv.dll
2012-09-07 15:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-05 11:02:24 138904 ----a-w- c:\users\mr.roboto\appdata\roaming\PnkBstrK.sys
2012-09-05 07:49:14 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.DLL
2012-09-05 07:49:13 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-05 07:31:16 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-05 07:31:16 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-07-30 13:53:24 112096 ----a-w- c:\windows\system32\acaptuser32.dll
2012-07-22 19:56:36 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-04 21:14:34 41984 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 21:14:34 102912 ----a-w- c:\windows\system32\browser.dll
.
============= FINISH: 21.11.54,48 ===============

#3 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:37 PM

Posted 04 October 2012 - 09:02 AM

Hello Geppo and welcome to BleepingComputer forums.


Step 1
1. Go >> Here << and download ERUNT
(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
2. Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
3. Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
4. Choose a location for the backup
(the default location is C:\WINDOWS\ERDNT which is acceptable).
5. Make sure that at least the first two check boxes are ticked
6. Press OK
7. Press YES to create the folder.

Step 2
To show all files:
  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.
Step 3
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If your are running Windows XP, double click adwcleaner.exe to start it.
Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.
Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX Denotes the number of times the application has been ran, so in this should be something like R1.


Step 4
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.

  • If an infected file is detected, the default action will be Cure, click on Continue.


    Posted Image

  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    Posted Image

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Step 5
  • Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller
Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program. Posted Image

Then copy/paste the following into your post (in order):
  • the contents of C:\AdwCleaner[R1].txt;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;
Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.
Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#4 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 04 October 2012 - 12:24 PM

Thanks for your time, Maurice, your help is very much appreciated :)))
Here we go with the logs!

AdwCleaner Log

# AdwCleaner v2.003 - Logfile created 10/04/2012 at 19:08:30
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Mr.Roboto - WEREWOLF
# Boot Mode : Normal
# Running from : C:\Users\Mr.Roboto\Desktop\Operazione Rootkit\Bleeping Computer\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (it)

Profile name : default
File : C:\Users\Mr.Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\w56ucw74.default\prefs.js

[OK] File is clean.

Profile name : Giuliano [Profil par défaut]
File : C:\Users\Mr.Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Giuliano\prefs.js

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\Mr.Roboto\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2915 octets] - [02/10/2012 22:43:20]
AdwCleaner[R1].txt - [1095 octets] - [04/10/2012 19:08:30]

########## EOF - C:\AdwCleaner[R1].txt - [1155 octets] ##########


TDSSKiller log

19:10:36.0823 6140 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:10:37.0398 6140 ============================================================
19:10:37.0398 6140 Current date / time: 2012/10/04 19:10:37.0398
19:10:37.0398 6140 SystemInfo:
19:10:37.0398 6140
19:10:37.0398 6140 OS Version: 6.1.7601 ServicePack: 1.0
19:10:37.0398 6140 Product type: Workstation
19:10:37.0398 6140 ComputerName: WEREWOLF
19:10:37.0398 6140 UserName: Mr.Roboto
19:10:37.0398 6140 Windows directory: C:\Windows
19:10:37.0398 6140 System windows directory: C:\Windows
19:10:37.0398 6140 Processor architecture: Intel x86
19:10:37.0398 6140 Number of processors: 2
19:10:37.0398 6140 Page size: 0x1000
19:10:37.0398 6140 Boot type: Normal boot
19:10:37.0398 6140 ============================================================
19:10:38.0155 6140 Drive \Device\Harddisk1\DR1 - Size: 0x7471440000 (465.77 Gb), SectorSize: 0x200, Cylinders: 0xED82, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
19:10:38.0171 6140 Drive \Device\Harddisk0\DR0 - Size: 0x262AE80000 (152.67 Gb), SectorSize: 0x200, Cylinders: 0x4DD9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:10:38.0173 6140 ============================================================
19:10:38.0173 6140 \Device\Harddisk1\DR1:
19:10:38.0180 6140 MBR partitions:
19:10:38.0180 6140 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6BACA35
19:10:38.0188 6140 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6BACAB3, BlocksNum 0x337DC04F
19:10:38.0188 6140 \Device\Harddisk0\DR0:
19:10:38.0188 6140 MBR partitions:
19:10:38.0192 6140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x1314FF99
19:10:38.0192 6140 ============================================================
19:10:38.0213 6140 C: <-> \Device\Harddisk1\DR1\Partition1
19:10:38.0240 6140 E: <-> \Device\Harddisk0\DR0\Partition1
19:10:38.0262 6140 D: <-> \Device\Harddisk1\DR1\Partition2
19:10:38.0262 6140 ============================================================
19:10:38.0262 6140 Initialize success
19:10:38.0262 6140 ============================================================
19:11:03.0553 2232 ============================================================
19:11:03.0553 2232 Scan started
19:11:03.0553 2232 Mode: Manual;
19:11:03.0553 2232 ============================================================
19:11:04.0523 2232 ================ Scan system memory ========================
19:11:04.0523 2232 System memory - ok
19:11:04.0523 2232 ================ Scan services =============================
19:11:04.0737 2232 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:11:04.0739 2232 1394ohci - ok
19:11:04.0811 2232 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - ok
19:11:04.0850 2232 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:11:04.0859 2232 ACPI - ok
19:11:04.0879 2232 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:11:04.0880 2232 AcpiPmi - ok
19:11:04.0948 2232 [ 45F684F9F3BCCD98F294FF5CB8F25DE8 ] AcrSch2Svc C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
19:11:04.0954 2232 AcrSch2Svc - ok
19:11:04.0991 2232 [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs C:\Windows\system32\drivers\adfs.sys
19:11:04.0993 2232 adfs - ok
19:11:05.0058 2232 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:11:05.0068 2232 AdobeARMservice - ok
19:11:05.0099 2232 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:11:05.0105 2232 adp94xx - ok
19:11:05.0125 2232 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:11:05.0130 2232 adpahci - ok
19:11:05.0141 2232 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:11:05.0143 2232 adpu320 - ok
19:11:05.0159 2232 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:11:05.0160 2232 AeLookupSvc - ok
19:11:05.0197 2232 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
19:11:05.0202 2232 AFD - ok
19:11:05.0223 2232 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
19:11:05.0234 2232 agp440 - ok
19:11:05.0253 2232 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
19:11:05.0254 2232 aic78xx - ok
19:11:05.0275 2232 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
19:11:05.0276 2232 ALG - ok
19:11:05.0305 2232 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
19:11:05.0306 2232 aliide - ok
19:11:05.0343 2232 ALSysIO - ok
19:11:05.0364 2232 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:11:05.0365 2232 amdagp - ok
19:11:05.0390 2232 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
19:11:05.0391 2232 amdide - ok
19:11:05.0408 2232 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:11:05.0409 2232 AmdK8 - ok
19:11:05.0422 2232 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:11:05.0423 2232 AmdPPM - ok
19:11:05.0454 2232 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:11:05.0455 2232 amdsata - ok
19:11:05.0477 2232 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:11:05.0484 2232 amdsbs - ok
19:11:05.0493 2232 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:11:05.0495 2232 amdxata - ok
19:11:05.0590 2232 [ 2ADB63726BA3025B46E862F48F2B7FA5 ] AntDS D:\Programmi\BigAnt\Server\AntDS.exe
19:11:05.0598 2232 AntDS - ok
19:11:05.0662 2232 [ 1521A4EF2BC170E7B0C5FBEA3B72F2DE ] AntServer D:\Programmi\BigAnt\Server\AntServer.exe
19:11:05.0688 2232 AntServer - ok
19:11:05.0733 2232 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
19:11:05.0734 2232 AppID - ok
19:11:05.0754 2232 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:11:05.0756 2232 AppIDSvc - ok
19:11:05.0771 2232 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
19:11:05.0772 2232 Appinfo - ok
19:11:05.0821 2232 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:11:05.0823 2232 Apple Mobile Device - ok
19:11:05.0853 2232 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
19:11:05.0855 2232 AppMgmt - ok
19:11:05.0885 2232 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:11:05.0887 2232 arc - ok
19:11:05.0891 2232 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:11:05.0893 2232 arcsas - ok
19:11:05.0963 2232 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:11:05.0986 2232 aspnet_state - ok
19:11:06.0008 2232 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:11:06.0009 2232 AsyncMac - ok
19:11:06.0065 2232 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
19:11:06.0065 2232 atapi - ok
19:11:06.0132 2232 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:11:06.0136 2232 atksgt - ok
19:11:06.0164 2232 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:11:06.0169 2232 AudioEndpointBuilder - ok
19:11:06.0181 2232 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:11:06.0183 2232 Audiosrv - ok
19:11:06.0217 2232 [ 805773FE021253473827229985CDF73B ] AvServer D:\Programmi\BigAnt\Server\AvServer.exe
19:11:06.0219 2232 AvServer - ok
19:11:06.0259 2232 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:11:06.0260 2232 AxInstSV - ok
19:11:06.0292 2232 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
19:11:06.0297 2232 b06bdrv - ok
19:11:06.0329 2232 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:11:06.0333 2232 b57nd60x - ok
19:11:06.0361 2232 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
19:11:06.0364 2232 BDESVC - ok
19:11:06.0373 2232 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
19:11:06.0373 2232 Beep - ok
19:11:06.0448 2232 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
19:11:06.0454 2232 BFE - ok
19:11:06.0531 2232 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
19:11:06.0547 2232 BITS - ok
19:11:06.0564 2232 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:11:06.0566 2232 blbdrive - ok
19:11:06.0616 2232 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:11:06.0616 2232 Suspicious file (NoAccess): C:\Program Files\Bonjour\mDNSResponder.exe. md5: DB5BEA73EDAF19AC68B2C0FAD0F92B1A
19:11:06.0627 2232 Bonjour Service ( LockedFile.Multi.Generic ) - warning
19:11:06.0627 2232 Bonjour Service - detected LockedFile.Multi.Generic (1)
19:11:06.0657 2232 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:11:06.0659 2232 bowser - ok
19:11:06.0677 2232 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:11:06.0678 2232 BrFiltLo - ok
19:11:06.0691 2232 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:11:06.0700 2232 BrFiltUp - ok
19:11:06.0716 2232 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:11:06.0718 2232 BridgeMP - ok
19:11:06.0740 2232 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
19:11:06.0742 2232 Browser - ok
19:11:06.0749 2232 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:11:06.0752 2232 Brserid - ok
19:11:06.0756 2232 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:11:06.0758 2232 BrSerWdm - ok
19:11:06.0768 2232 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:11:06.0769 2232 BrUsbMdm - ok
19:11:06.0772 2232 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:11:06.0773 2232 BrUsbSer - ok
19:11:06.0801 2232 [ 5EAB553A9F317B07D7A5912FF182357C ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys
19:11:06.0802 2232 BthAvrcp - ok
19:11:06.0836 2232 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:11:06.0838 2232 BthEnum - ok
19:11:06.0851 2232 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:11:06.0853 2232 BTHMODEM - ok
19:11:06.0863 2232 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:11:06.0865 2232 BthPan - ok
19:11:06.0886 2232 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:11:06.0891 2232 BTHPORT - ok
19:11:06.0927 2232 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
19:11:06.0929 2232 bthserv - ok
19:11:06.0944 2232 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:11:06.0946 2232 BTHUSB - ok
19:11:06.0971 2232 [ 0F5CA31BB3FDB5C1E63C170CFBECC93B ] CamDrL C:\Windows\system32\DRIVERS\Camdrl.sys
19:11:06.0995 2232 CamDrL - ok
19:11:07.0011 2232 catchme - ok
19:11:07.0025 2232 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:11:07.0026 2232 cdfs - ok
19:11:07.0055 2232 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:11:07.0057 2232 cdrom - ok
19:11:07.0098 2232 [ 4F16CBA65FAA457BCFF7CC614D7880D1 ] Cepstral License Server D:\Programmi\Cepstral\bin\CepstralLicSrv.exe
19:11:07.0103 2232 Cepstral License Server - ok
19:11:07.0155 2232 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
19:11:07.0165 2232 CertPropSvc - ok
19:11:07.0276 2232 [ 56A3EB5472D27B2224358A5CECEFE410 ] CGVPNCliSrvc D:\Programmi\CyberGhost VPN\CGVPNCliService.exe
19:11:07.0319 2232 CGVPNCliSrvc - ok
19:11:07.0352 2232 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:11:07.0354 2232 circlass - ok
19:11:07.0372 2232 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
19:11:07.0388 2232 CLFS - ok
19:11:07.0504 2232 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:11:07.0506 2232 clr_optimization_v2.0.50727_32 - ok
19:11:07.0547 2232 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:11:07.0616 2232 clr_optimization_v4.0.30319_32 - ok
19:11:07.0629 2232 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:11:07.0631 2232 CmBatt - ok
19:11:07.0641 2232 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:11:07.0642 2232 cmdide - ok
19:11:07.0663 2232 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
19:11:07.0668 2232 CNG - ok
19:11:07.0679 2232 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:11:07.0681 2232 Compbatt - ok
19:11:07.0716 2232 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:11:07.0717 2232 CompositeBus - ok
19:11:07.0727 2232 COMSysApp - ok
19:11:07.0746 2232 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:11:07.0747 2232 crcdisk - ok
19:11:07.0826 2232 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
19:11:07.0827 2232 Creative ALchemy AL6 Licensing Service - ok
19:11:07.0850 2232 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
19:11:07.0856 2232 Creative Audio Engine Licensing Service - ok
19:11:07.0886 2232 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:11:07.0888 2232 CryptSvc - ok
19:11:07.0909 2232 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
19:11:07.0914 2232 CSC - ok
19:11:07.0937 2232 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
19:11:07.0944 2232 CscService - ok
19:11:07.0964 2232 [ 5C4C3C1D3B626CFF74316DD07C8B6A1F ] csr_a2dp C:\Windows\system32\drivers\bthav.sys
19:11:07.0966 2232 csr_a2dp - ok
19:11:07.0989 2232 [ B9106942EB5DD0E034AB40A9D48D056E ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS
19:11:07.0992 2232 CT20XUT - ok
19:11:08.0004 2232 [ B9106942EB5DD0E034AB40A9D48D056E ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS
19:11:08.0005 2232 CT20XUT.SYS - ok
19:11:08.0029 2232 [ F2B1D0A3D21BD0D9F46457CBCEC1A0E9 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys
19:11:08.0036 2232 ctac32k - ok
19:11:08.0050 2232 [ 44F60A5E3C3A8A6BBA4C280948EA6095 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys
19:11:08.0056 2232 ctaud2k - ok
19:11:08.0109 2232 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
19:11:08.0119 2232 CTAudSvcService - ok
19:11:08.0144 2232 [ 8CBE82D6BBF206E144F22CB33FAB1F2C ] ctdvda2k C:\Windows\system32\drivers\ctdvda2k.sys
19:11:08.0149 2232 ctdvda2k - ok
19:11:08.0183 2232 [ 4AE083D16AC9FC9BDF98498F93426226 ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS
19:11:08.0208 2232 CTEXFIFX - ok
19:11:08.0258 2232 [ 4AE083D16AC9FC9BDF98498F93426226 ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS
19:11:08.0264 2232 CTEXFIFX.SYS - ok
19:11:08.0279 2232 [ B610BFE02F9FC0CB0B1CDE3EC4C13FFA ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS
19:11:08.0288 2232 CTHWIUT - ok
19:11:08.0296 2232 [ B610BFE02F9FC0CB0B1CDE3EC4C13FFA ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS
19:11:08.0296 2232 CTHWIUT.SYS - ok
19:11:08.0306 2232 [ F0F19A13C948E5289601E354B08E0941 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys
19:11:08.0308 2232 ctprxy2k - ok
19:11:08.0319 2232 [ C7B2C36A6203A5F3D0A378FD78C5DDD6 ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
19:11:08.0321 2232 ctsfm2k - ok
19:11:08.0347 2232 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
19:11:08.0353 2232 DcomLaunch - ok
19:11:08.0378 2232 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
19:11:08.0382 2232 defragsvc - ok
19:11:08.0401 2232 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:11:08.0403 2232 DfsC - ok
19:11:08.0428 2232 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:11:08.0431 2232 Dhcp - ok
19:11:08.0468 2232 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
19:11:08.0469 2232 discache - ok
19:11:08.0488 2232 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:11:08.0489 2232 Disk - ok
19:11:08.0513 2232 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:11:08.0519 2232 Dnscache - ok
19:11:08.0545 2232 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
19:11:08.0549 2232 dot3svc - ok
19:11:08.0570 2232 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
19:11:08.0573 2232 DPS - ok
19:11:08.0599 2232 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:11:08.0600 2232 drmkaud - ok
19:11:08.0631 2232 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:11:08.0640 2232 DXGKrnl - ok
19:11:08.0666 2232 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
19:11:08.0668 2232 EapHost - ok
19:11:08.0731 2232 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
19:11:08.0784 2232 ebdrv - ok
19:11:08.0827 2232 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
19:11:08.0837 2232 EFS - ok
19:11:08.0860 2232 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:11:08.0866 2232 elxstor - ok
19:11:08.0891 2232 [ FB2D6D4D14AE801F5267B0368FC0CB0C ] emupia C:\Windows\system32\drivers\emupia2k.sys
19:11:08.0893 2232 emupia - ok
19:11:08.0912 2232 [ 539CA34FBC74EC366A0D751028C32A08 ] epmntdrv C:\Windows\system32\epmntdrv.sys
19:11:08.0913 2232 epmntdrv - ok
19:11:08.0977 2232 [ CDCA791AFA0483F44BBA576DBFAFD04D ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
19:11:08.0979 2232 EPSON_PM_RPCV4_01 - ok
19:11:09.0007 2232 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:11:09.0008 2232 ErrDev - ok
19:11:09.0028 2232 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
19:11:09.0030 2232 EuGdiDrv - ok
19:11:09.0056 2232 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
19:11:09.0063 2232 EventSystem - ok
19:11:09.0079 2232 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
19:11:09.0081 2232 exfat - ok
19:11:09.0102 2232 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:11:09.0104 2232 fastfat - ok
19:11:09.0127 2232 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
19:11:09.0134 2232 Fax - ok
19:11:09.0148 2232 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:11:09.0150 2232 fdc - ok
19:11:09.0155 2232 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
19:11:09.0157 2232 fdPHost - ok
19:11:09.0167 2232 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
19:11:09.0168 2232 FDResPub - ok
19:11:09.0176 2232 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:11:09.0177 2232 FileInfo - ok
19:11:09.0189 2232 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:11:09.0192 2232 Filetrace - ok
19:11:09.0220 2232 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:11:09.0228 2232 FLEXnet Licensing Service - ok
19:11:09.0234 2232 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:11:09.0235 2232 flpydisk - ok
19:11:09.0255 2232 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:11:09.0259 2232 FltMgr - ok
19:11:09.0283 2232 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
19:11:09.0298 2232 FontCache - ok
19:11:09.0335 2232 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:11:09.0352 2232 FontCache3.0.0.0 - ok
19:11:09.0357 2232 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:11:09.0359 2232 FsDepends - ok
19:11:09.0377 2232 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:11:09.0378 2232 Fs_Rec - ok
19:11:09.0407 2232 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:11:09.0410 2232 fvevol - ok
19:11:09.0434 2232 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:11:09.0439 2232 gagp30kx - ok
19:11:09.0465 2232 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:11:09.0466 2232 GEARAspiWDM - ok
19:11:09.0516 2232 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
19:11:09.0519 2232 giveio - ok
19:11:09.0540 2232 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
19:11:09.0556 2232 gpsvc - ok
19:11:09.0634 2232 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:11:09.0636 2232 gupdate - ok
19:11:09.0642 2232 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:11:09.0643 2232 gupdatem - ok
19:11:09.0666 2232 [ 7FF1CED1201C169A783B0E81CC561FBA ] ha20x2k C:\Windows\system32\drivers\ha20x2k.sys
19:11:09.0681 2232 ha20x2k - ok
19:11:09.0705 2232 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:11:09.0706 2232 hamachi - ok
19:11:09.0752 2232 Hamachi2Svc - ok
19:11:09.0775 2232 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:11:09.0776 2232 hcw85cir - ok
19:11:09.0804 2232 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:11:09.0809 2232 HdAudAddService - ok
19:11:09.0826 2232 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:11:09.0827 2232 HDAudBus - ok
19:11:09.0841 2232 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:11:09.0843 2232 HidBatt - ok
19:11:09.0853 2232 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:11:09.0859 2232 HidBth - ok
19:11:09.0867 2232 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:11:09.0869 2232 HidIr - ok
19:11:09.0885 2232 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
19:11:09.0887 2232 hidserv - ok
19:11:09.0920 2232 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:11:09.0921 2232 HidUsb - ok
19:11:09.0944 2232 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:11:09.0946 2232 hkmsvc - ok
19:11:09.0961 2232 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:11:09.0965 2232 HomeGroupListener - ok
19:11:09.0988 2232 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:11:09.0993 2232 HomeGroupProvider - ok
19:11:10.0008 2232 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:11:10.0010 2232 HpSAMD - ok
19:11:10.0038 2232 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:11:10.0045 2232 HTTP - ok
19:11:10.0057 2232 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:11:10.0058 2232 hwpolicy - ok
19:11:10.0081 2232 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:11:10.0083 2232 i8042prt - ok
19:11:10.0098 2232 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:11:10.0102 2232 iaStorV - ok
19:11:10.0143 2232 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:11:10.0161 2232 idsvc - ok
19:11:10.0183 2232 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:11:10.0185 2232 iirsp - ok
19:11:10.0213 2232 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
19:11:10.0221 2232 IKEEXT - ok
19:11:10.0244 2232 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
19:11:10.0261 2232 intelide - ok
19:11:10.0277 2232 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:11:10.0278 2232 intelppm - ok
19:11:10.0293 2232 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:11:10.0295 2232 IPBusEnum - ok
19:11:10.0299 2232 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:11:10.0300 2232 IpFilterDriver - ok
19:11:10.0349 2232 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:11:10.0366 2232 iphlpsvc - ok
19:11:10.0383 2232 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:11:10.0385 2232 IPMIDRV - ok
19:11:10.0389 2232 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:11:10.0391 2232 IPNAT - ok
19:11:10.0486 2232 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:11:10.0487 2232 Suspicious file (NoAccess): C:\Program Files\iPod\bin\iPodService.exe. md5: 178FE38B7740F598391EB2F51AE4CCAC
19:11:10.0488 2232 iPod Service ( LockedFile.Multi.Generic ) - warning
19:11:10.0488 2232 iPod Service - detected LockedFile.Multi.Generic (1)
19:11:10.0507 2232 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:11:10.0518 2232 IRENUM - ok
19:11:10.0521 2232 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:11:10.0522 2232 isapnp - ok
19:11:10.0544 2232 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:11:10.0586 2232 iScsiPrt - ok
19:11:10.0599 2232 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:11:10.0600 2232 kbdclass - ok
19:11:10.0612 2232 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:11:10.0614 2232 kbdhid - ok
19:11:10.0628 2232 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
19:11:10.0629 2232 KeyIso - ok
19:11:10.0655 2232 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:11:10.0665 2232 KSecDD - ok
19:11:10.0689 2232 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:11:10.0691 2232 KSecPkg - ok
19:11:10.0722 2232 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
19:11:10.0727 2232 KtmRm - ok
19:11:10.0768 2232 [ 5873EB46776315A4CC2E02297FD21D6F ] L6SeaMonkDev C:\Windows\system32\Drivers\L6SM.sys
19:11:10.0770 2232 L6SeaMonkDev - ok
19:11:10.0786 2232 [ 1C219FABFB146C18CCEACCAC51282225 ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys
19:11:10.0787 2232 L8042Kbd - ok
19:11:10.0814 2232 [ 4CC7C98B133CE333B869F771CA30FFA3 ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys
19:11:10.0816 2232 L8042mou - ok
19:11:10.0835 2232 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
19:11:10.0839 2232 LanmanServer - ok
19:11:10.0863 2232 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:11:10.0867 2232 LanmanWorkstation - ok
19:11:10.0920 2232 [ 9582504591A9F405F7505FEFB4F64123 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:11:10.0925 2232 LBTServ - ok
19:11:10.0953 2232 [ 170E7093A77AD586F3A012A3DB651D94 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
19:11:10.0954 2232 LGBusEnum - ok
19:11:10.0974 2232 [ D2DD04D1C8DF65EECD1F2C7FB947D43E ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
19:11:10.0975 2232 LGVirHid - ok
19:11:10.0984 2232 [ 05D6B85ECC3204931923AB7940B9596E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:11:10.0985 2232 LHidFilt - ok
19:11:11.0001 2232 [ 03976C309EDE05D39017C05B817CD94F ] LHidFlt2 C:\Windows\system32\DRIVERS\LHidFlt2.Sys
19:11:11.0002 2232 LHidFlt2 - ok
19:11:11.0019 2232 [ 25688115843C4028686A96D88BC28007 ] LHidUsb C:\Windows\system32\Drivers\LHidUsb.Sys
19:11:11.0020 2232 LHidUsb - ok
19:11:11.0040 2232 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
19:11:11.0049 2232 lirsgt - ok
19:11:11.0119 2232 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
19:11:11.0192 2232 LiveUpdate - ok
19:11:11.0235 2232 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:11:11.0236 2232 lltdio - ok
19:11:11.0266 2232 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:11:11.0272 2232 lltdsvc - ok
19:11:11.0286 2232 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
19:11:11.0288 2232 lmhosts - ok
19:11:11.0309 2232 [ 053DBCC1082FDF74AB145A71917A6556 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:11:11.0319 2232 LMouFilt - ok
19:11:11.0327 2232 [ 26407519FCA64EC4091FE1F815B4AFC4 ] LMouFlt2 C:\Windows\system32\DRIVERS\LMouFlt2.Sys
19:11:11.0329 2232 LMouFlt2 - ok
19:11:11.0348 2232 [ FE5877AC25B1B9DD4E14E81ABB5E16CD ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys
19:11:11.0350 2232 LMouKE - ok
19:11:11.0368 2232 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:11:11.0386 2232 LSI_FC - ok
19:11:11.0417 2232 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:11:11.0419 2232 LSI_SAS - ok
19:11:11.0425 2232 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:11:11.0427 2232 LSI_SAS2 - ok
19:11:11.0439 2232 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:11:11.0441 2232 LSI_SCSI - ok
19:11:11.0451 2232 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
19:11:11.0453 2232 luafv - ok
19:11:11.0505 2232 [ B0456B8A332135C1216FF2374B584161 ] lvpopflt C:\Windows\system32\DRIVERS\lvpopflt.sys
19:11:11.0514 2232 lvpopflt - ok
19:11:11.0547 2232 [ 1A7DB7A00A4B0D8DA24CD691A4547291 ] LVPr2Mon C:\Windows\system32\Drivers\LVPr2Mon.sys
19:11:11.0548 2232 LVPr2Mon - ok
19:11:11.0573 2232 [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
19:11:11.0575 2232 LVPrcSrv - ok
19:11:11.0598 2232 [ F7E15F2FE7790733DF86E95A76556389 ] LVUSBSta C:\Windows\system32\drivers\LVUSBSta.sys
19:11:11.0598 2232 LVUSBSta - ok
19:11:11.0678 2232 [ 92D03DC19EAE9D0A86735705E374FDAD ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
19:11:11.0695 2232 LVUVC - ok
19:11:11.0715 2232 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:11:11.0717 2232 megasas - ok
19:11:11.0736 2232 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:11:11.0739 2232 MegaSR - ok
19:11:11.0768 2232 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
19:11:11.0771 2232 MMCSS - ok
19:11:11.0783 2232 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
19:11:11.0785 2232 Modem - ok
19:11:11.0797 2232 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:11:11.0798 2232 monitor - ok
19:11:11.0828 2232 [ F3D9723A0AEA85186328BC090A3A0614 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
19:11:11.0831 2232 MotioninJoyXFilter - ok
19:11:11.0840 2232 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:11:11.0842 2232 mouclass - ok
19:11:11.0856 2232 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:11:11.0857 2232 mouhid - ok
19:11:11.0873 2232 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:11:11.0875 2232 mountmgr - ok
19:11:11.0928 2232 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:11:11.0930 2232 MozillaMaintenance - ok
19:11:11.0948 2232 [ 520E878034265A4BE26A1ADA79A6346A ] mpfilt C:\Windows\system32\drivers\mpfilt.sys
19:11:11.0949 2232 mpfilt - ok
19:11:11.0970 2232 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
19:11:11.0981 2232 mpio - ok
19:11:11.0996 2232 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:11:12.0005 2232 mpsdrv - ok
19:11:12.0048 2232 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:11:12.0062 2232 MpsSvc - ok
19:11:12.0085 2232 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:11:12.0087 2232 MRxDAV - ok
19:11:12.0117 2232 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:11:12.0119 2232 mrxsmb - ok
19:11:12.0140 2232 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:11:12.0144 2232 mrxsmb10 - ok
19:11:12.0153 2232 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:11:12.0155 2232 mrxsmb20 - ok
19:11:12.0172 2232 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
19:11:12.0173 2232 msahci - ok
19:11:12.0190 2232 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:11:12.0193 2232 msdsm - ok
19:11:12.0211 2232 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
19:11:12.0214 2232 MSDTC - ok
19:11:12.0241 2232 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:11:12.0242 2232 Msfs - ok
19:11:12.0256 2232 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:11:12.0257 2232 mshidkmdf - ok
19:11:12.0273 2232 MSICDSetup - ok
19:11:12.0282 2232 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:11:12.0283 2232 msisadrv - ok
19:11:12.0312 2232 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:11:12.0315 2232 MSiSCSI - ok
19:11:12.0318 2232 msiserver - ok
19:11:12.0344 2232 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:11:12.0345 2232 MSKSSRV - ok
19:11:12.0357 2232 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:11:12.0358 2232 MSPCLOCK - ok
19:11:12.0371 2232 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:11:12.0374 2232 MSPQM - ok
19:11:12.0386 2232 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:11:12.0388 2232 MsRPC - ok
19:11:12.0410 2232 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:11:12.0411 2232 mssmbios - ok
19:11:12.0464 2232 MSSQL$SQLEXPRESS - ok
19:11:12.0515 2232 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:11:12.0532 2232 MSSQLServerADHelper100 - ok
19:11:12.0561 2232 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:11:12.0562 2232 MSTEE - ok
19:11:12.0573 2232 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:11:12.0575 2232 MTConfig - ok
19:11:12.0609 2232 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:11:12.0610 2232 MTsensor - ok
19:11:12.0618 2232 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
19:11:12.0620 2232 Mup - ok
19:11:12.0652 2232 [ D186D031B0832A5438EC1AC2C5D74E9D ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
19:11:12.0653 2232 mv2 - ok
19:11:12.0672 2232 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
19:11:12.0678 2232 napagent - ok
19:11:12.0693 2232 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:11:12.0697 2232 NativeWifiP - ok
19:11:12.0728 2232 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:11:12.0736 2232 NDIS - ok
19:11:12.0759 2232 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:11:12.0760 2232 NdisCap - ok
19:11:12.0770 2232 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:11:12.0771 2232 NdisTapi - ok
19:11:12.0788 2232 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:11:12.0789 2232 Ndisuio - ok
19:11:12.0808 2232 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:11:12.0811 2232 NdisWan - ok
19:11:12.0830 2232 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:11:12.0832 2232 NDProxy - ok
19:11:12.0847 2232 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:11:12.0849 2232 NetBIOS - ok
19:11:12.0873 2232 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:11:12.0876 2232 NetBT - ok
19:11:12.0885 2232 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
19:11:12.0887 2232 Netlogon - ok
19:11:12.0928 2232 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:11:12.0933 2232 Netman - ok
19:11:12.0977 2232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:11:12.0993 2232 NetMsmqActivator - ok
19:11:13.0020 2232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:11:13.0021 2232 NetPipeActivator - ok
19:11:13.0036 2232 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:11:13.0042 2232 netprofm - ok
19:11:13.0061 2232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:11:13.0062 2232 NetTcpActivator - ok
19:11:13.0070 2232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:11:13.0071 2232 NetTcpPortSharing - ok
19:11:13.0091 2232 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:11:13.0092 2232 nfrd960 - ok
19:11:13.0426 2232 [ BD7A1D7BEF2C0FDE73F7B87971ED9D2F ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
19:11:13.0481 2232 NIHardwareService - ok
19:11:13.0504 2232 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:11:13.0508 2232 NlaSvc - ok
19:11:13.0524 2232 [ CFE3462A9E94A57DCD9676F6B7FE7F67 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
19:11:13.0525 2232 nmwcd - ok
19:11:13.0538 2232 [ 8F2A94F991F8C73CEC26B4B5620D1EDC ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
19:11:13.0539 2232 nmwcdc - ok
19:11:13.0703 2232 [ 4365BCC30F28052005157284B916C681 ] Norton Ghost D:\Programmi\Norton Ghost\Agent\VProSvc.exe
19:11:13.0779 2232 Norton Ghost - ok
19:11:13.0832 2232 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\Windows\system32\drivers\npf.sys
19:11:13.0833 2232 NPF - ok
19:11:13.0846 2232 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:11:13.0847 2232 Npfs - ok
19:11:13.0850 2232 npggsvc - ok
19:11:13.0873 2232 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:11:13.0876 2232 nsi - ok
19:11:13.0887 2232 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:11:13.0889 2232 nsiproxy - ok
19:11:13.0924 2232 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:11:13.0947 2232 Ntfs - ok
19:11:13.0964 2232 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:11:13.0965 2232 Null - ok
19:11:14.0001 2232 [ A0A9E53B4AAC3C6534A063ABA69BC19F ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
19:11:14.0004 2232 NVHDA - ok
19:11:14.0189 2232 [ AFB33A823AABC112FC7BD62AFBCDB0CD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:11:14.0347 2232 nvlddmkm - ok
19:11:14.0372 2232 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:11:14.0377 2232 nvraid - ok
19:11:14.0388 2232 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:11:14.0390 2232 nvstor - ok
19:11:14.0500 2232 [ 782945716AD010AC3D41758E8E52C735 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:11:14.0516 2232 nvsvc - ok
19:11:14.0638 2232 [ A974E5C310B9B00894070CEB055D467F ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:11:14.0662 2232 nvUpdatusService - ok
19:11:14.0686 2232 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:11:14.0689 2232 nv_agp - ok
19:11:14.0731 2232 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:11:14.0738 2232 odserv - ok
19:11:14.0768 2232 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:11:14.0770 2232 ohci1394 - ok
19:11:14.0795 2232 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:11:14.0798 2232 ose - ok
19:11:14.0817 2232 [ AC5BF1A610EFFAAE9CFC48CB53483F08 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
19:11:14.0819 2232 ossrv - ok
19:11:14.0867 2232 [ 93E4D6184B772A861F91F98A064390AE ] OTFSDMS C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe
19:11:14.0867 2232 Suspicious file (NoAccess): C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe. md5: 93E4D6184B772A861F91F98A064390AE
19:11:14.0867 2232 OTFSDMS ( LockedFile.Multi.Generic ) - warning
19:11:14.0867 2232 OTFSDMS - detected LockedFile.Multi.Generic (1)
19:11:14.0895 2232 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:11:14.0904 2232 p2pimsvc - ok
19:11:14.0932 2232 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:11:14.0938 2232 p2psvc - ok
19:11:14.0955 2232 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:11:14.0957 2232 Parport - ok
19:11:14.0972 2232 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:11:14.0974 2232 partmgr - ok
19:11:14.0989 2232 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:11:14.0990 2232 Parvdm - ok
19:11:15.0002 2232 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:11:15.0006 2232 PcaSvc - ok
19:11:15.0027 2232 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
19:11:15.0029 2232 pccsmcfd - ok
19:11:15.0047 2232 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
19:11:15.0050 2232 pci - ok
19:11:15.0064 2232 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
19:11:15.0065 2232 pciide - ok
19:11:15.0077 2232 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:11:15.0080 2232 pcmcia - ok
19:11:15.0090 2232 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:11:15.0092 2232 pcw - ok
19:11:15.0114 2232 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:11:15.0130 2232 PEAUTH - ok
19:11:15.0171 2232 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:11:15.0189 2232 PeerDistSvc - ok
19:11:15.0290 2232 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
19:11:15.0320 2232 pla - ok
19:11:15.0349 2232 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:11:15.0355 2232 PlugPlay - ok
19:11:15.0375 2232 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:11:15.0377 2232 PNRPAutoReg - ok
19:11:15.0394 2232 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:11:15.0397 2232 PNRPsvc - ok
19:11:15.0422 2232 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:11:15.0427 2232 PolicyAgent - ok
19:11:15.0460 2232 PORTIO64 - ok
19:11:15.0485 2232 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
19:11:15.0489 2232 Power - ok
19:11:15.0515 2232 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:11:15.0517 2232 PptpMiniport - ok
19:11:15.0529 2232 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:11:15.0530 2232 Processor - ok
19:11:15.0557 2232 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
19:11:15.0561 2232 ProfSvc - ok
19:11:15.0575 2232 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:11:15.0577 2232 ProtectedStorage - ok
19:11:15.0608 2232 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:11:15.0610 2232 Psched - ok
19:11:15.0711 2232 [ 52E5E76C927A44957DE7E7671E1F7E35 ] pssnap C:\Windows\system32\DRIVERS\pssnap.sys
19:11:15.0712 2232 pssnap - ok
19:11:15.0751 2232 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:11:15.0770 2232 ql2300 - ok
19:11:15.0785 2232 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:11:15.0787 2232 ql40xx - ok
19:11:15.0800 2232 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:11:15.0804 2232 QWAVE - ok
19:11:15.0818 2232 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:11:15.0819 2232 QWAVEdrv - ok
19:11:15.0831 2232 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:11:15.0832 2232 RasAcd - ok
19:11:15.0852 2232 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:11:15.0854 2232 RasAgileVpn - ok
19:11:15.0862 2232 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:11:15.0865 2232 RasAuto - ok
19:11:15.0881 2232 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:11:15.0890 2232 Rasl2tp - ok
19:11:15.0925 2232 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
19:11:15.0931 2232 RasMan - ok
19:11:15.0951 2232 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:11:15.0953 2232 RasPppoe - ok
19:11:15.0965 2232 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:11:15.0967 2232 RasSstp - ok
19:11:15.0992 2232 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:11:15.0995 2232 rdbss - ok
19:11:16.0007 2232 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:11:16.0008 2232 rdpbus - ok
19:11:16.0018 2232 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:11:16.0019 2232 RDPCDD - ok
19:11:16.0035 2232 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:11:16.0038 2232 RDPDR - ok
19:11:16.0054 2232 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:11:16.0055 2232 RDPENCDD - ok
19:11:16.0059 2232 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:11:16.0060 2232 RDPREFMP - ok
19:11:16.0103 2232 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:11:16.0120 2232 RdpVideoMiniport - ok
19:11:16.0138 2232 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:11:16.0142 2232 RDPWD - ok
19:11:16.0162 2232 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:11:16.0165 2232 rdyboost - ok
19:11:16.0234 2232 [ 01535FF2E4F8DF7B6FB8413CEECC4335 ] ReflectService D:\Programmi\Macrium Reflect\ReflectService.exe
19:11:16.0237 2232 ReflectService - ok
19:11:16.0265 2232 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:11:16.0275 2232 RemoteAccess - ok
19:11:16.0287 2232 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:11:16.0291 2232 RemoteRegistry - ok
19:11:16.0311 2232 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:11:16.0313 2232 RFCOMM - ok
19:11:16.0348 2232 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
19:11:16.0350 2232 rpcapd - ok
19:11:16.0380 2232 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:11:16.0383 2232 RpcEptMapper - ok
19:11:16.0428 2232 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:11:16.0430 2232 RpcLocator - ok
19:11:16.0468 2232 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
19:11:16.0472 2232 RpcSs - ok
19:11:16.0523 2232 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
19:11:16.0527 2232 RsFx0103 - ok
19:11:16.0560 2232 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:11:16.0562 2232 rspndr - ok
19:11:16.0577 2232 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:11:16.0579 2232 s3cap - ok
19:11:16.0591 2232 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
19:11:16.0593 2232 SamSs - ok
19:11:16.0610 2232 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:11:16.0612 2232 sbp2port - ok
19:11:16.0626 2232 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:11:16.0629 2232 SCardSvr - ok
19:11:16.0643 2232 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:11:16.0644 2232 scfilter - ok
19:11:16.0664 2232 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
19:11:16.0674 2232 Schedule - ok
19:11:16.0686 2232 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:11:16.0687 2232 SCPolicySvc - ok
19:11:16.0700 2232 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:11:16.0704 2232 SDRSVC - ok
19:11:16.0722 2232 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:11:16.0724 2232 secdrv - ok
19:11:16.0736 2232 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:11:16.0738 2232 seclogon - ok
19:11:16.0759 2232 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
19:11:16.0769 2232 SENS - ok
19:11:16.0791 2232 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:11:16.0793 2232 SensrSvc - ok
19:11:16.0821 2232 [ 8B80A722CCE8E16F495FCAEB43D863D1 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl.sys
19:11:16.0832 2232 Ser2pl - ok
19:11:16.0843 2232 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:11:16.0860 2232 Serenum - ok
19:11:16.0883 2232 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:11:16.0884 2232 sermouse - ok
19:11:16.0924 2232 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:11:16.0925 2232 Suspicious file (NoAccess): C:\Program Files\PC Connectivity Solution\ServiceLayer.exe. md5: 8C1F87F5FDD92229D1754B98F073913F
19:11:16.0926 2232 ServiceLayer ( LockedFile.Multi.Generic ) - warning
19:11:16.0926 2232 ServiceLayer - detected LockedFile.Multi.Generic (1)
19:11:16.0956 2232 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
19:11:16.0960 2232 SessionEnv - ok
19:11:16.0980 2232 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:11:16.0997 2232 sffdisk - ok
19:11:17.0005 2232 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:11:17.0006 2232 sffp_mmc - ok
19:11:17.0020 2232 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:11:17.0021 2232 sffp_sd - ok
19:11:17.0036 2232 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:11:17.0037 2232 sfloppy - ok
19:11:17.0071 2232 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:11:17.0076 2232 SharedAccess - ok
19:11:17.0106 2232 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:11:17.0114 2232 ShellHWDetection - ok
19:11:17.0139 2232 [ 227E56633D6423E1F7D869618AC8404F ] Si3132r5 C:\Windows\system32\DRIVERS\Si3132r5.sys
19:11:17.0140 2232 Si3132r5 - ok
19:11:17.0158 2232 [ DBDEE2A96F2F616726817373516CB0BD ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys
19:11:17.0159 2232 SiFilter - ok
19:11:17.0170 2232 [ 3E6B438E5CB674A1382B2955AA98F637 ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys
19:11:17.0171 2232 SiRemFil - ok
19:11:17.0182 2232 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:11:17.0183 2232 sisagp - ok
19:11:17.0206 2232 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:11:17.0208 2232 SiSRaid2 - ok
19:11:17.0215 2232 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:11:17.0216 2232 SiSRaid4 - ok
19:11:17.0300 2232 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate D:\Programmi\Skype\Updater\Updater.exe
19:11:17.0317 2232 SkypeUpdate - ok
19:11:17.0332 2232 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:11:17.0334 2232 Smb - ok
19:11:17.0361 2232 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:11:17.0364 2232 SNMPTRAP - ok
19:11:17.0396 2232 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
19:11:17.0405 2232 Sony SCSI Helper Service - ok
19:11:17.0443 2232 [ 5D6401DB90EC81B71F8E2C5C8F0FEF23 ] speedfan C:\Windows\system32\speedfan.sys
19:11:17.0445 2232 speedfan - ok
19:11:17.0456 2232 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:11:17.0457 2232 spldr - ok
19:11:17.0520 2232 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
19:11:17.0544 2232 Spooler - ok
19:11:17.0681 2232 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
19:11:17.0745 2232 sppsvc - ok
19:11:17.0768 2232 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:11:17.0777 2232 sppuinotify - ok
19:11:17.0807 2232 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\System32\Drivers\sptd.sys
19:11:17.0816 2232 sptd - ok
19:11:17.0836 2232 [ D494597E8C665F2D515D9D24FA9616EF ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:11:17.0852 2232 SQLAgent$SQLEXPRESS - ok
19:11:17.0905 2232 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:11:17.0906 2232 Suspicious file (NoAccess): C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe. md5: B54B48F6D92423440C264E91225C5FF1
19:11:17.0907 2232 SQLBrowser ( LockedFile.Multi.Generic ) - warning
19:11:17.0907 2232 SQLBrowser - detected LockedFile.Multi.Generic (1)
19:11:17.0938 2232 [ 997BC62F49D0D84214FE887F09197D41 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:11:17.0939 2232 Suspicious file (NoAccess): C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe. md5: 997BC62F49D0D84214FE887F09197D41
19:11:17.0939 2232 SQLWriter ( LockedFile.Multi.Generic ) - warning
19:11:17.0939 2232 SQLWriter - detected LockedFile.Multi.Generic (1)
19:11:17.0959 2232 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:11:17.0964 2232 srv - ok
19:11:17.0978 2232 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:11:17.0982 2232 srv2 - ok
19:11:18.0011 2232 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:11:18.0013 2232 srvnet - ok
19:11:18.0045 2232 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:11:18.0050 2232 SSDPSRV - ok
19:11:18.0066 2232 [ 5F77725EC309DE1242D8EFC8E9259A9F ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
19:11:18.0068 2232 SSPORT - ok
19:11:18.0093 2232 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:11:18.0103 2232 SstpSvc - ok
19:11:18.0143 2232 Steam Client Service - ok
19:11:18.0181 2232 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:11:18.0182 2232 Suspicious file (NoAccess): C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe. md5: C354621B6B94E10AE7F5CDBE745FEB86
19:11:18.0182 2232 Stereo Service ( LockedFile.Multi.Generic ) - warning
19:11:18.0182 2232 Stereo Service - detected LockedFile.Multi.Generic (1)
19:11:18.0202 2232 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:11:18.0203 2232 stexstor - ok
19:11:18.0229 2232 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
19:11:18.0236 2232 StiSvc - ok
19:11:18.0257 2232 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:11:18.0259 2232 storflt - ok
19:11:18.0278 2232 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:11:18.0280 2232 storvsc - ok
19:11:18.0300 2232 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
19:11:18.0302 2232 swenum - ok
19:11:18.0330 2232 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:11:18.0339 2232 swprv - ok
19:11:18.0356 2232 Symantec SymSnap VSS Provider - ok
19:11:18.0375 2232 [ D3218867AFDF74D7AB76A3911B4544A2 ] symsnap C:\Windows\system32\DRIVERS\symsnap.sys
19:11:18.0377 2232 symsnap - ok
19:11:18.0456 2232 [ E79184F51F3474568011818F08B7195C ] SymSnapService D:\Programmi\Norton Ghost\Shared\Drivers\SymSnapService.exe
19:11:18.0479 2232 SymSnapService - ok
19:11:18.0517 2232 SynasUSB - ok
19:11:18.0520 2232 Synth3dVsc - ok
19:11:18.0551 2232 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
19:11:18.0568 2232 SysMain - ok
19:11:18.0585 2232 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:11:18.0588 2232 TabletInputService - ok
19:11:18.0602 2232 [ 1E89DE7A4FB7A854EBB241D0AA8996DD ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
19:11:18.0604 2232 tap0901 - ok
19:11:18.0626 2232 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
19:11:18.0631 2232 TapiSrv - ok
19:11:18.0662 2232 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:11:18.0666 2232 TBS - ok
19:11:18.0705 2232 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:11:18.0722 2232 Tcpip - ok
19:11:18.0746 2232 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:11:18.0752 2232 TCPIP6 - ok
19:11:18.0758 2232 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:11:18.0759 2232 tcpipreg - ok
19:11:18.0779 2232 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:11:18.0780 2232 TDPIPE - ok
19:11:18.0800 2232 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:11:18.0801 2232 TDTCP - ok
19:11:18.0830 2232 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:11:18.0832 2232 tdx - ok
19:11:19.0047 2232 [ 9C1F776825207C203CB44CA3C63B5A6E ] TeamViewer7 D:\Programmi\TeamViewer 7\TeamViewer_Service.exe
19:11:19.0099 2232 TeamViewer7 - ok
19:11:19.0115 2232 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:11:19.0116 2232 TermDD - ok
19:11:19.0143 2232 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
19:11:19.0151 2232 TermService - ok
19:11:19.0178 2232 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:11:19.0186 2232 Themes - ok
19:11:19.0197 2232 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:11:19.0199 2232 THREADORDER - ok
19:11:19.0248 2232 [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService D:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
19:11:19.0263 2232 TomTomHOMEService - ok
19:11:19.0276 2232 TPkd - ok
19:11:19.0304 2232 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:11:19.0313 2232 TrkWks - ok
19:11:19.0354 2232 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:11:19.0358 2232 TrustedInstaller - ok
19:11:19.0371 2232 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:11:19.0372 2232 tssecsrv - ok
19:11:19.0389 2232 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:11:19.0391 2232 TsUsbFlt - ok
19:11:19.0394 2232 tsusbhub - ok
19:11:19.0427 2232 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:11:19.0429 2232 tunnel - ok
19:11:19.0446 2232 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:11:19.0447 2232 uagp35 - ok
19:11:19.0461 2232 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:11:19.0464 2232 udfs - ok
19:11:19.0488 2232 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:11:19.0491 2232 UI0Detect - ok
19:11:19.0510 2232 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:11:19.0511 2232 uliagpkx - ok
19:11:19.0541 2232 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
19:11:19.0542 2232 umbus - ok
19:11:19.0557 2232 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:11:19.0559 2232 UmPass - ok
19:11:19.0580 2232 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
19:11:19.0585 2232 UmRdpService - ok
19:11:19.0599 2232 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:11:19.0604 2232 upnphost - ok
19:11:19.0636 2232 [ EC01DA44B090D2651FC032C8B9257232 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
19:11:19.0637 2232 upperdev - ok
19:11:19.0659 2232 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:11:19.0661 2232 USBAAPL - ok
19:11:19.0679 2232 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:11:19.0680 2232 usbaudio - ok
19:11:19.0707 2232 [ 9419FAAC6552A51542DBBA02971C841C ] usbbus C:\Windows\system32\DRIVERS\lgusbbus.sys
19:11:19.0724 2232 usbbus - ok
19:11:19.0745 2232 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:11:19.0747 2232 usbccgp - ok
19:11:19.0783 2232 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:11:19.0785 2232 usbcir - ok
19:11:19.0789 2232 [ C0A466FA4FFEC464320E159BC1BBDC0C ] UsbDiag C:\Windows\system32\DRIVERS\lgusbdiag.sys
19:11:19.0791 2232 UsbDiag - ok
19:11:19.0800 2232 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:11:19.0801 2232 usbehci - ok
19:11:19.0812 2232 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:11:19.0815 2232 usbhub - ok
19:11:19.0835 2232 [ F74A54774A9B0AFEB3C40ADEC68AA600 ] USBModem C:\Windows\system32\DRIVERS\lgusbmodem.sys
19:11:19.0837 2232 USBModem - ok
19:11:19.0854 2232 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:11:19.0857 2232 usbohci - ok
19:11:19.0882 2232 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:11:19.0884 2232 usbprint - ok
19:11:19.0899 2232 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:11:19.0901 2232 usbscan - ok
19:11:19.0933 2232 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
19:11:19.0935 2232 usbser - ok
19:11:19.0963 2232 [ 4ABD37CFBD710E64F01F9DA8710C73F7 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
19:11:19.0965 2232 UsbserFilt - ok
19:11:19.0986 2232 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:11:19.0988 2232 USBSTOR - ok
19:11:20.0008 2232 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:11:20.0017 2232 usbuhci - ok
19:11:20.0037 2232 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:11:20.0040 2232 UxSms - ok
19:11:20.0055 2232 [ 1747E022B76BC248795B0AEDECCCF96F ] v2imount C:\Windows\system32\DRIVERS\v2imount.sys
19:11:20.0057 2232 v2imount - ok
19:11:20.0065 2232 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
19:11:20.0067 2232 VaultSvc - ok
19:11:20.0105 2232 [ 103B23EC82C08FC4BDBC369552FFAB2A ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
19:11:20.0107 2232 VBoxDrv - ok
19:11:20.0139 2232 [ 226CD9E42BE28A84EC56430FBB57224F ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
19:11:20.0141 2232 VBoxNetAdp - ok
19:11:20.0154 2232 [ 0A5D6512DCB14135A388D0E7E69E01BB ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
19:11:20.0156 2232 VBoxNetFlt - ok
19:11:20.0182 2232 [ 7AE644EEFA57F271BCCAFE825B486812 ] VBoxUSB C:\Windows\system32\Drivers\VBoxUSB.sys
19:11:20.0184 2232 VBoxUSB - ok
19:11:20.0209 2232 [ 96A478EDFB1FBF1FC663BEB09B4175A8 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
19:11:20.0227 2232 VBoxUSBMon - ok
19:11:20.0249 2232 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:11:20.0251 2232 vdrvroot - ok
19:11:20.0278 2232 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
19:11:20.0296 2232 vds - ok
19:11:20.0318 2232 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:11:20.0319 2232 vga - ok
19:11:20.0332 2232 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:11:20.0333 2232 VgaSave - ok
19:11:20.0336 2232 VGPU - ok
19:11:20.0359 2232 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:11:20.0370 2232 vhdmp - ok
19:11:20.0390 2232 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:11:20.0392 2232 viaagp - ok
19:11:20.0400 2232 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:11:20.0401 2232 ViaC7 - ok
19:11:20.0418 2232 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
19:11:20.0419 2232 viaide - ok
19:11:20.0442 2232 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:11:20.0445 2232 vmbus - ok
19:11:20.0460 2232 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:11:20.0461 2232 VMBusHID - ok
19:11:20.0520 2232 [ 817DA66B1B889FAD1DBF669E0E2F3228 ] vmm C:\Windows\system32\Drivers\vmm.sys
19:11:20.0523 2232 vmm - ok
19:11:20.0566 2232 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:11:20.0568 2232 volmgr - ok
19:11:20.0587 2232 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:11:20.0591 2232 volmgrx - ok
19:11:20.0613 2232 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:11:20.0622 2232 volsnap - ok
19:11:20.0658 2232 [ 2ABE8281DB609D8BB1BD1B2F93800D5F ] VPCNetS2 C:\Windows\system32\DRIVERS\VMNetSrv.sys
19:11:20.0660 2232 VPCNetS2 - ok
19:11:20.0678 2232 [ E78781B2C86C92A0A738DF566460F716 ] VProEventMonitor C:\Windows\system32\DRIVERS\vproeventmonitor.sys
19:11:20.0680 2232 VProEventMonitor - ok
19:11:20.0718 2232 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:11:20.0729 2232 vsmraid - ok
19:11:20.0760 2232 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
19:11:20.0776 2232 VSS - ok
19:11:20.0801 2232 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:11:20.0802 2232 vwifibus - ok
19:11:20.0822 2232 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:11:20.0828 2232 W32Time - ok
19:11:20.0839 2232 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:11:20.0840 2232 WacomPen - ok
19:11:20.0860 2232 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:11:20.0861 2232 WANARP - ok
19:11:20.0864 2232 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:11:20.0864 2232 Wanarpv6 - ok
19:11:20.0884 2232 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
19:11:20.0917 2232 wbengine - ok
19:11:20.0940 2232 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:11:20.0944 2232 WbioSrvc - ok
19:11:20.0965 2232 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:11:20.0971 2232 wcncsvc - ok
19:11:20.0987 2232 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:11:20.0997 2232 WcsPlugInService - ok
19:11:21.0009 2232 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:11:21.0011 2232 Wd - ok
19:11:21.0028 2232 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:11:21.0034 2232 Wdf01000 - ok
19:11:21.0048 2232 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:11:21.0051 2232 WdiServiceHost - ok
19:11:21.0054 2232 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:11:21.0057 2232 WdiSystemHost - ok
19:11:21.0084 2232 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
19:11:21.0092 2232 WebClient - ok
19:11:21.0107 2232 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:11:21.0111 2232 Wecsvc - ok
19:11:21.0125 2232 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:11:21.0128 2232 wercplsupport - ok
19:11:21.0144 2232 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:11:21.0147 2232 WerSvc - ok
19:11:21.0164 2232 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:11:21.0165 2232 WfpLwf - ok
19:11:21.0185 2232 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
19:11:21.0194 2232 WimFltr - ok
19:11:21.0200 2232 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:11:21.0202 2232 WIMMount - ok
19:11:21.0275 2232 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:11:21.0291 2232 WinDefend - ok
19:11:21.0296 2232 WinHttpAutoProxySvc - ok
19:11:21.0346 2232 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:11:21.0349 2232 Winmgmt - ok
19:11:21.0388 2232 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
19:11:21.0416 2232 WinRM - ok
19:11:21.0450 2232 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:11:21.0451 2232 WinUsb - ok
19:11:21.0477 2232 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:11:21.0494 2232 Wlansvc - ok
19:11:21.0564 2232 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:11:21.0600 2232 wlidsvc - ok
19:11:21.0621 2232 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:11:21.0622 2232 WmiAcpi - ok
19:11:21.0635 2232 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:11:21.0637 2232 wmiApSrv - ok
19:11:21.0692 2232 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:11:21.0708 2232 WMPNetworkSvc - ok
19:11:21.0730 2232 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:11:21.0733 2232 WPCSvc - ok
19:11:21.0753 2232 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:11:21.0757 2232 WPDBusEnum - ok
19:11:21.0781 2232 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:11:21.0788 2232 ws2ifsl - ok
19:11:21.0825 2232 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
19:11:21.0832 2232 wscsvc - ok
19:11:21.0835 2232 WSearch - ok
19:11:21.0909 2232 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:11:21.0955 2232 wuauserv - ok
19:11:21.0979 2232 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:11:21.0981 2232 WudfPf - ok
19:11:21.0997 2232 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:11:22.0000 2232 WUDFRd - ok
19:11:22.0020 2232 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:11:22.0027 2232 wudfsvc - ok
19:11:22.0046 2232 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:11:22.0051 2232 WwanSvc - ok
19:11:22.0072 2232 [ EE9144207EE0211EB5656BA6808AC4A0 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:11:22.0074 2232 xusb21 - ok
19:11:22.0112 2232 [ B79B9DBC3C974F165B5D8054A8A932A6 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
19:11:22.0116 2232 yukonw7 - ok
19:11:22.0146 2232 ================ Scan global ===============================
19:11:22.0169 2232 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:11:22.0197 2232 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
19:11:22.0214 2232 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
19:11:22.0236 2232 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:11:22.0248 2232 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:11:22.0253 2232 [Global] - ok
19:11:22.0253 2232 ================ Scan MBR ==================================
19:11:22.0260 2232 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:11:22.0605 2232 \Device\Harddisk1\DR1 - ok
19:11:22.0609 2232 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:11:22.0611 2232 \Device\Harddisk0\DR0 - ok
19:11:22.0611 2232 ================ Scan VBR ==================================
19:11:22.0613 2232 [ CD07960C72614E82F85D11F5769F0473 ] \Device\Harddisk1\DR1\Partition1
19:11:22.0614 2232 \Device\Harddisk1\DR1\Partition1 - ok
19:11:22.0631 2232 [ D475533AD505878CF471DD1DB0428E13 ] \Device\Harddisk1\DR1\Partition2
19:11:22.0633 2232 \Device\Harddisk1\DR1\Partition2 - ok
19:11:22.0635 2232 [ 80F9C38F4324657872AEADA65912E658 ] \Device\Harddisk0\DR0\Partition1
19:11:22.0636 2232 \Device\Harddisk0\DR0\Partition1 - ok
19:11:22.0636 2232 ============================================================
19:11:22.0636 2232 Scan finished
19:11:22.0636 2232 ============================================================
19:11:22.0643 5380 Detected object count: 7
19:11:22.0643 5380 Actual detected object count: 7
19:11:50.0352 5380 Bonjour Service ( LockedFile.Multi.Generic ) - skipped by user
19:11:50.0352 5380 Bonjour Service ( LockedFile.Multi.Generic ) - User select action: Skip
19:11:50.0352 5380 iPod Service ( LockedFile.Multi.Generic ) - skipped by user
19:11:50.0352 5380 iPod Service ( LockedFile.Multi.Generic ) - User select action: Skip
19:11:50.0353 5380 OTFSDMS ( LockedFile.Multi.Generic ) - skipped by user
19:11:50.0353 5380 OTFSDMS ( LockedFile.Multi.Generic ) - User select action: Skip
19:11:50.0354 5380 ServiceLayer ( LockedFile.Multi.Generic ) - skipped by user
19:11:50.0354 5380 ServiceLayer ( LockedFile.Multi.Generic ) - User select action: Skip
19:11:50.0355 5380 SQLBrowser ( LockedFile.Multi.Generic ) - skipped by user
19:11:50.0355 5380 SQLBrowser ( LockedFile.Multi.Generic ) - User select action: Skip
19:11:50.0355 5380 SQLWriter ( LockedFile.Multi.Generic ) - skipped by user
19:11:50.0356 5380 SQLWriter ( LockedFile.Multi.Generic ) - User select action: Skip
19:11:50.0356 5380 Stereo Service ( LockedFile.Multi.Generic ) - skipped by user
19:11:50.0356 5380 Stereo Service ( LockedFile.Multi.Generic ) - User select action: Skip
19:12:18.0205 0640 ============================================================
19:12:18.0205 0640 Scan started
19:12:18.0205 0640 Mode: Manual;
19:12:18.0205 0640 ============================================================
19:12:18.0488 0640 ================ Scan system memory ========================
19:12:18.0488 0640 System memory - ok
19:12:18.0488 0640 ================ Scan services =============================
19:12:18.0603 0640 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:12:18.0604 0640 1394ohci - ok
19:12:18.0654 0640 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - ok
19:12:18.0684 0640 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:12:18.0685 0640 ACPI - ok
19:12:18.0696 0640 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:12:18.0697 0640 AcpiPmi - ok
19:12:18.0755 0640 [ 45F684F9F3BCCD98F294FF5CB8F25DE8 ] AcrSch2Svc C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
19:12:18.0758 0640 AcrSch2Svc - ok
19:12:18.0782 0640 [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs C:\Windows\system32\drivers\adfs.sys
19:12:18.0783 0640 adfs - ok
19:12:18.0825 0640 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:12:18.0826 0640 AdobeARMservice - ok
19:12:18.0850 0640 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:12:18.0852 0640 adp94xx - ok
19:12:18.0868 0640 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:12:18.0869 0640 adpahci - ok
19:12:18.0881 0640 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:12:18.0882 0640 adpu320 - ok
19:12:18.0900 0640 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:12:18.0900 0640 AeLookupSvc - ok
19:12:18.0929 0640 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
19:12:18.0931 0640 AFD - ok
19:12:18.0949 0640 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
19:12:18.0950 0640 agp440 - ok
19:12:18.0960 0640 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
19:12:18.0961 0640 aic78xx - ok
19:12:18.0975 0640 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
19:12:18.0976 0640 ALG - ok
19:12:18.0995 0640 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
19:12:18.0995 0640 aliide - ok
19:12:19.0045 0640 ALSysIO - ok
19:12:19.0063 0640 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:12:19.0063 0640 amdagp - ok
19:12:19.0075 0640 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
19:12:19.0075 0640 amdide - ok
19:12:19.0083 0640 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:12:19.0084 0640 AmdK8 - ok
19:12:19.0098 0640 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:12:19.0098 0640 AmdPPM - ok
19:12:19.0112 0640 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:12:19.0112 0640 amdsata - ok
19:12:19.0134 0640 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:12:19.0135 0640 amdsbs - ok
19:12:19.0142 0640 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:12:19.0143 0640 amdxata - ok
19:12:19.0197 0640 [ 2ADB63726BA3025B46E862F48F2B7FA5 ] AntDS D:\Programmi\BigAnt\Server\AntDS.exe
19:12:19.0200 0640 AntDS - ok
19:12:19.0234 0640 [ 1521A4EF2BC170E7B0C5FBEA3B72F2DE ] AntServer D:\Programmi\BigAnt\Server\AntServer.exe
19:12:19.0239 0640 AntServer - ok
19:12:19.0265 0640 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
19:12:19.0265 0640 AppID - ok
19:12:19.0278 0640 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:12:19.0279 0640 AppIDSvc - ok
19:12:19.0296 0640 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
19:12:19.0297 0640 Appinfo - ok
19:12:19.0338 0640 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:12:19.0340 0640 Apple Mobile Device - ok
19:12:19.0361 0640 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
19:12:19.0362 0640 AppMgmt - ok
19:12:19.0383 0640 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:12:19.0384 0640 arc - ok
19:12:19.0388 0640 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:12:19.0389 0640 arcsas - ok
19:12:19.0454 0640 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:12:19.0454 0640 aspnet_state - ok
19:12:19.0467 0640 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:12:19.0468 0640 AsyncMac - ok
19:12:19.0491 0640 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
19:12:19.0491 0640 atapi - ok
19:12:19.0516 0640 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:12:19.0518 0640 atksgt - ok
19:12:19.0548 0640 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:12:19.0551 0640 AudioEndpointBuilder - ok
19:12:19.0580 0640 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:12:19.0582 0640 Audiosrv - ok
19:12:19.0600 0640 [ 805773FE021253473827229985CDF73B ] AvServer D:\Programmi\BigAnt\Server\AvServer.exe
19:12:19.0601 0640 AvServer - ok
19:12:19.0630 0640 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:12:19.0631 0640 AxInstSV - ok
19:12:19.0653 0640 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
19:12:19.0655 0640 b06bdrv - ok
19:12:19.0688 0640 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:12:19.0689 0640 b57nd60x - ok
19:12:19.0704 0640 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
19:12:19.0705 0640 BDESVC - ok
19:12:19.0715 0640 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
19:12:19.0716 0640 Beep - ok
19:12:19.0733 0640 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
19:12:19.0739 0640 BFE - ok
19:12:19.0766 0640 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
19:12:19.0770 0640 BITS - ok
19:12:19.0782 0640 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:12:19.0783 0640 blbdrive - ok
19:12:19.0823 0640 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:12:19.0823 0640 Suspicious file (NoAccess): C:\Program Files\Bonjour\mDNSResponder.exe. md5: DB5BEA73EDAF19AC68B2C0FAD0F92B1A
19:12:19.0824 0640 Bonjour Service ( LockedFile.Multi.Generic ) - warning
19:12:19.0824 0640 Bonjour Service - detected LockedFile.Multi.Generic (1)
19:12:19.0865 0640 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:12:19.0866 0640 bowser - ok
19:12:19.0893 0640 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:12:19.0910 0640 BrFiltLo - ok
19:12:19.0918 0640 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:12:19.0919 0640 BrFiltUp - ok
19:12:19.0939 0640 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:12:19.0941 0640 BridgeMP - ok
19:12:19.0956 0640 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
19:12:19.0958 0640 Browser - ok
19:12:19.0970 0640 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:12:19.0981 0640 Brserid - ok
19:12:19.0985 0640 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:12:19.0987 0640 BrSerWdm - ok
19:12:19.0990 0640 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:12:19.0990 0640 BrUsbMdm - ok
19:12:19.0993 0640 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:12:19.0993 0640 BrUsbSer - ok
19:12:20.0008 0640 [ 5EAB553A9F317B07D7A5912FF182357C ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys
19:12:20.0008 0640 BthAvrcp - ok
19:12:20.0029 0640 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:12:20.0031 0640 BthEnum - ok
19:12:20.0042 0640 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:12:20.0043 0640 BTHMODEM - ok
19:12:20.0055 0640 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:12:20.0057 0640 BthPan - ok
19:12:20.0077 0640 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:12:20.0082 0640 BTHPORT - ok
19:12:20.0109 0640 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
19:12:20.0111 0640 bthserv - ok
19:12:20.0125 0640 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:12:20.0125 0640 BTHUSB - ok
19:12:20.0160 0640 [ 0F5CA31BB3FDB5C1E63C170CFBECC93B ] CamDrL C:\Windows\system32\DRIVERS\Camdrl.sys
19:12:20.0165 0640 CamDrL - ok
19:12:20.0167 0640 catchme - ok
19:12:20.0171 0640 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:12:20.0173 0640 cdfs - ok
19:12:20.0195 0640 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:12:20.0196 0640 cdrom - ok
19:12:20.0230 0640 [ 4F16CBA65FAA457BCFF7CC614D7880D1 ] Cepstral License Server D:\Programmi\Cepstral\bin\CepstralLicSrv.exe
19:12:20.0232 0640 Cepstral License Server - ok
19:12:20.0262 0640 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
19:12:20.0264 0640 CertPropSvc - ok
19:12:20.0337 0640 [ 56A3EB5472D27B2224358A5CECEFE410 ] CGVPNCliSrvc D:\Programmi\CyberGhost VPN\CGVPNCliService.exe
19:12:20.0348 0640 CGVPNCliSrvc - ok
19:12:20.0365 0640 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:12:20.0366 0640 circlass - ok
19:12:20.0395 0640 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
19:12:20.0399 0640 CLFS - ok
19:12:20.0452 0640 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:12:20.0454 0640 clr_optimization_v2.0.50727_32 - ok
19:12:20.0489 0640 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:12:20.0497 0640 clr_optimization_v4.0.30319_32 - ok
19:12:20.0511 0640 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:12:20.0512 0640 CmBatt - ok
19:12:20.0522 0640 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:12:20.0523 0640 cmdide - ok
19:12:20.0545 0640 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
19:12:20.0547 0640 CNG - ok
19:12:20.0563 0640 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:12:20.0564 0640 Compbatt - ok
19:12:20.0583 0640 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:12:20.0584 0640 CompositeBus - ok
19:12:20.0587 0640 COMSysApp - ok
19:12:20.0590 0640 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:12:20.0591 0640 crcdisk - ok
19:12:20.0624 0640 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
19:12:20.0626 0640 Creative ALchemy AL6 Licensing Service - ok
19:12:20.0631 0640 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
19:12:20.0634 0640 Creative Audio Engine Licensing Service - ok
19:12:20.0660 0640 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:12:20.0662 0640 CryptSvc - ok
19:12:20.0684 0640 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
19:12:20.0687 0640 CSC - ok
19:12:20.0711 0640 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
19:12:20.0718 0640 CscService - ok
19:12:20.0737 0640 [ 5C4C3C1D3B626CFF74316DD07C8B6A1F ] csr_a2dp C:\Windows\system32\drivers\bthav.sys
19:12:20.0738 0640 csr_a2dp - ok
19:12:20.0755 0640 [ B9106942EB5DD0E034AB40A9D48D056E ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS
19:12:20.0755 0640 CT20XUT - ok
19:12:20.0760 0640 [ B9106942EB5DD0E034AB40A9D48D056E ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS
19:12:20.0761 0640 CT20XUT.SYS - ok
19:12:20.0779 0640 [ F2B1D0A3D21BD0D9F46457CBCEC1A0E9 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys
19:12:20.0781 0640 ctac32k - ok
19:12:20.0799 0640 [ 44F60A5E3C3A8A6BBA4C280948EA6095 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys
19:12:20.0802 0640 ctaud2k - ok
19:12:20.0859 0640 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
19:12:20.0864 0640 CTAudSvcService - ok
19:12:20.0883 0640 [ 8CBE82D6BBF206E144F22CB33FAB1F2C ] ctdvda2k C:\Windows\system32\drivers\ctdvda2k.sys
19:12:20.0888 0640 ctdvda2k - ok
19:12:20.0931 0640 [ 4AE083D16AC9FC9BDF98498F93426226 ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS
19:12:20.0939 0640 CTEXFIFX - ok
19:12:20.0973 0640 [ 4AE083D16AC9FC9BDF98498F93426226 ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS
19:12:20.0979 0640 CTEXFIFX.SYS - ok
19:12:20.0996 0640 [ B610BFE02F9FC0CB0B1CDE3EC4C13FFA ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS
19:12:20.0997 0640 CTHWIUT - ok
19:12:21.0005 0640 [ B610BFE02F9FC0CB0B1CDE3EC4C13FFA ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS
19:12:21.0005 0640 CTHWIUT.SYS - ok
19:12:21.0015 0640 [ F0F19A13C948E5289601E354B08E0941 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys
19:12:21.0015 0640 ctprxy2k - ok
19:12:21.0026 0640 [ C7B2C36A6203A5F3D0A378FD78C5DDD6 ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
19:12:21.0027 0640 ctsfm2k - ok
19:12:21.0054 0640 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
19:12:21.0057 0640 DcomLaunch - ok
19:12:21.0078 0640 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
19:12:21.0081 0640 defragsvc - ok
19:12:21.0099 0640 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:12:21.0100 0640 DfsC - ok
19:12:21.0112 0640 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:12:21.0115 0640 Dhcp - ok
19:12:21.0135 0640 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
19:12:21.0136 0640 discache - ok
19:12:21.0144 0640 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:12:21.0145 0640 Disk - ok
19:12:21.0161 0640 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:12:21.0164 0640 Dnscache - ok
19:12:21.0187 0640 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
19:12:21.0191 0640 dot3svc - ok
19:12:21.0211 0640 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
19:12:21.0213 0640 DPS - ok
19:12:21.0231 0640 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:12:21.0232 0640 drmkaud - ok
19:12:21.0263 0640 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:12:21.0266 0640 DXGKrnl - ok
19:12:21.0289 0640 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
19:12:21.0298 0640 EapHost - ok
19:12:21.0376 0640 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
19:12:21.0437 0640 ebdrv - ok
19:12:21.0453 0640 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
19:12:21.0455 0640 EFS - ok
19:12:21.0475 0640 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:12:21.0484 0640 elxstor - ok
19:12:21.0507 0640 [ FB2D6D4D14AE801F5267B0368FC0CB0C ] emupia C:\Windows\system32\drivers\emupia2k.sys
19:12:21.0508 0640 emupia - ok
19:12:21.0529 0640 [ 539CA34FBC74EC366A0D751028C32A08 ] epmntdrv C:\Windows\system32\epmntdrv.sys
19:12:21.0531 0640 epmntdrv - ok
19:12:21.0593 0640 [ CDCA791AFA0483F44BBA576DBFAFD04D ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
19:12:21.0595 0640 EPSON_PM_RPCV4_01 - ok
19:12:21.0616 0640 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:12:21.0618 0640 ErrDev - ok
19:12:21.0634 0640 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
19:12:21.0636 0640 EuGdiDrv - ok
19:12:21.0663 0640 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
19:12:21.0667 0640 EventSystem - ok
19:12:21.0683 0640 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
19:12:21.0686 0640 exfat - ok
19:12:21.0709 0640 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:12:21.0711 0640 fastfat - ok
19:12:21.0735 0640 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
19:12:21.0742 0640 Fax - ok
19:12:21.0755 0640 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:12:21.0755 0640 fdc - ok
19:12:21.0764 0640 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
19:12:21.0765 0640 fdPHost - ok
19:12:21.0782 0640 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
19:12:21.0790 0640 FDResPub - ok
19:12:21.0799 0640 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:12:21.0800 0640 FileInfo - ok
19:12:21.0814 0640 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:12:21.0816 0640 Filetrace - ok
19:12:21.0853 0640 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:12:21.0860 0640 FLEXnet Licensing Service - ok
19:12:21.0864 0640 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:12:21.0865 0640 flpydisk - ok
19:12:21.0880 0640 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:12:21.0881 0640 FltMgr - ok
19:12:21.0908 0640 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
19:12:21.0932 0640 FontCache - ok
19:12:21.0975 0640 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:12:21.0976 0640 FontCache3.0.0.0 - ok
19:12:21.0981 0640 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:12:21.0983 0640 FsDepends - ok
19:12:22.0002 0640 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:12:22.0003 0640 Fs_Rec - ok
19:12:22.0023 0640 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:12:22.0024 0640 fvevol - ok
19:12:22.0032 0640 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:12:22.0034 0640 gagp30kx - ok
19:12:22.0057 0640 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:12:22.0058 0640 GEARAspiWDM - ok
19:12:22.0074 0640 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
19:12:22.0075 0640 giveio - ok
19:12:22.0098 0640 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
19:12:22.0106 0640 gpsvc - ok
19:12:22.0150 0640 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:12:22.0152 0640 gupdate - ok
19:12:22.0158 0640 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:12:22.0159 0640 gupdatem - ok
19:12:22.0186 0640 [ 7FF1CED1201C169A783B0E81CC561FBA ] ha20x2k C:\Windows\system32\drivers\ha20x2k.sys
19:12:22.0191 0640 ha20x2k - ok
19:12:22.0211 0640 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:12:22.0212 0640 hamachi - ok
19:12:22.0234 0640 Hamachi2Svc - ok
19:12:22.0257 0640 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:12:22.0265 0640 hcw85cir - ok
19:12:22.0280 0640 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:12:22.0284 0640 HdAudAddService - ok
19:12:22.0308 0640 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:12:22.0309 0640 HDAudBus - ok
19:12:22.0317 0640 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:12:22.0317 0640 HidBatt - ok
19:12:22.0326 0640 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:12:22.0327 0640 HidBth - ok
19:12:22.0330 0640 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:12:22.0331 0640 HidIr - ok
19:12:22.0350 0640 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
19:12:22.0352 0640 hidserv - ok
19:12:22.0371 0640 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:12:22.0371 0640 HidUsb - ok
19:12:22.0392 0640 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:12:22.0395 0640 hkmsvc - ok
19:12:22.0418 0640 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:12:22.0420 0640 HomeGroupListener - ok
19:12:22.0445 0640 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:12:22.0449 0640 HomeGroupProvider - ok
19:12:22.0473 0640 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:12:22.0473 0640 HpSAMD - ok
19:12:22.0496 0640 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:12:22.0499 0640 HTTP - ok
19:12:22.0508 0640 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:12:22.0508 0640 hwpolicy - ok
19:12:22.0529 0640 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:12:22.0529 0640 i8042prt - ok
19:12:22.0546 0640 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:12:22.0547 0640 iaStorV - ok
19:12:22.0586 0640 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:12:22.0601 0640 idsvc - ok
19:12:22.0623 0640 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:12:22.0624 0640 iirsp - ok
19:12:22.0646 0640 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
19:12:22.0654 0640 IKEEXT - ok
19:12:22.0670 0640 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
19:12:22.0671 0640 intelide - ok
19:12:22.0684 0640 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:12:22.0684 0640 intelppm - ok
19:12:22.0708 0640 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:12:22.0717 0640 IPBusEnum - ok
19:12:22.0721 0640 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:12:22.0723 0640 IpFilterDriver - ok
19:12:22.0747 0640 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:12:22.0750 0640 iphlpsvc - ok
19:12:22.0766 0640 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:12:22.0767 0640 IPMIDRV - ok
19:12:22.0771 0640 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:12:22.0773 0640 IPNAT - ok
19:12:22.0818 0640 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:12:22.0818 0640 Suspicious file (NoAccess): C:\Program Files\iPod\bin\iPodService.exe. md5: 178FE38B7740F598391EB2F51AE4CCAC
19:12:22.0820 0640 iPod Service ( LockedFile.Multi.Generic ) - warning
19:12:22.0820 0640 iPod Service - detected LockedFile.Multi.Generic (1)
19:12:22.0833 0640 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:12:22.0834 0640 IRENUM - ok
19:12:22.0838 0640 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:12:22.0838 0640 isapnp - ok
19:12:22.0855 0640 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:12:22.0859 0640 iScsiPrt - ok
19:12:22.0869 0640 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:12:22.0869 0640 kbdclass - ok
19:12:22.0888 0640 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:12:22.0888 0640 kbdhid - ok
19:12:22.0901 0640 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
19:12:22.0903 0640 KeyIso - ok
19:12:22.0922 0640 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:12:22.0923 0640 KSecDD - ok
19:12:22.0946 0640 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:12:22.0947 0640 KSecPkg - ok
19:12:22.0973 0640 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
19:12:22.0978 0640 KtmRm - ok
19:12:23.0000 0640 [ 5873EB46776315A4CC2E02297FD21D6F ] L6SeaMonkDev C:\Windows\system32\Drivers\L6SM.sys
19:12:23.0002 0640 L6SeaMonkDev - ok
19:12:23.0020 0640 [ 1C219FABFB146C18CCEACCAC51282225 ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys
19:12:23.0021 0640 L8042Kbd - ok
19:12:23.0038 0640 [ 4CC7C98B133CE333B869F771CA30FFA3 ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys
19:12:23.0039 0640 L8042mou - ok
19:12:23.0060 0640 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
19:12:23.0063 0640 LanmanServer - ok
19:12:23.0079 0640 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:12:23.0081 0640 LanmanWorkstation - ok
19:12:23.0119 0640 [ 9582504591A9F405F7505FEFB4F64123 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:12:23.0124 0640 LBTServ - ok
19:12:23.0146 0640 [ 170E7093A77AD586F3A012A3DB651D94 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
19:12:23.0146 0640 LGBusEnum - ok
19:12:23.0166 0640 [ D2DD04D1C8DF65EECD1F2C7FB947D43E ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
19:12:23.0166 0640 LGVirHid - ok
19:12:23.0174 0640 [ 05D6B85ECC3204931923AB7940B9596E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:12:23.0174 0640 LHidFilt - ok
19:12:23.0185 0640 [ 03976C309EDE05D39017C05B817CD94F ] LHidFlt2 C:\Windows\system32\DRIVERS\LHidFlt2.Sys
19:12:23.0187 0640 LHidFlt2 - ok
19:12:23.0194 0640 [ 25688115843C4028686A96D88BC28007 ] LHidUsb C:\Windows\system32\Drivers\LHidUsb.Sys
19:12:23.0195 0640 LHidUsb - ok
19:12:23.0207 0640 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
19:12:23.0207 0640 lirsgt - ok
19:12:23.0290 0640 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
19:12:23.0346 0640 LiveUpdate - ok
19:12:23.0367 0640 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:12:23.0367 0640 lltdio - ok
19:12:23.0392 0640 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:12:23.0394 0640 lltdsvc - ok
19:12:23.0410 0640 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
19:12:23.0411 0640 lmhosts - ok
19:12:23.0435 0640 [ 053DBCC1082FDF74AB145A71917A6556 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:12:23.0435 0640 LMouFilt - ok
19:12:23.0439 0640 [ 26407519FCA64EC4091FE1F815B4AFC4 ] LMouFlt2 C:\Windows\system32\DRIVERS\LMouFlt2.Sys
19:12:23.0440 0640 LMouFlt2 - ok
19:12:23.0464 0640 [ FE5877AC25B1B9DD4E14E81ABB5E16CD ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys
19:12:23.0465 0640 LMouKE - ok
19:12:23.0475 0640 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:12:23.0477 0640 LSI_FC - ok
19:12:23.0485 0640 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:12:23.0485 0640 LSI_SAS - ok
19:12:23.0489 0640 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:12:23.0490 0640 LSI_SAS2 - ok
19:12:23.0496 0640 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:12:23.0498 0640 LSI_SCSI - ok
19:12:23.0509 0640 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
19:12:23.0509 0640 luafv - ok
19:12:23.0548 0640 [ B0456B8A332135C1216FF2374B584161 ] lvpopflt C:\Windows\system32\DRIVERS\lvpopflt.sys
19:12:23.0556 0640 lvpopflt - ok
19:12:23.0571 0640 [ 1A7DB7A00A4B0D8DA24CD691A4547291 ] LVPr2Mon C:\Windows\system32\Drivers\LVPr2Mon.sys
19:12:23.0571 0640 LVPr2Mon - ok
19:12:23.0598 0640 [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
19:12:23.0601 0640 LVPrcSrv - ok
19:12:23.0612 0640 [ F7E15F2FE7790733DF86E95A76556389 ] LVUSBSta C:\Windows\system32\drivers\LVUSBSta.sys
19:12:23.0613 0640 LVUSBSta - ok
19:12:23.0695 0640 [ 92D03DC19EAE9D0A86735705E374FDAD ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
19:12:23.0716 0640 LVUVC - ok
19:12:23.0741 0640 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:12:23.0742 0640 megasas - ok
19:12:23.0759 0640 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:12:23.0762 0640 MegaSR - ok
19:12:23.0792 0640 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
19:12:23.0800 0640 MMCSS - ok
19:12:23.0809 0640 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
19:12:23.0810 0640 Modem - ok
19:12:23.0821 0640 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:12:23.0822 0640 monitor - ok
19:12:23.0843 0640 [ F3D9723A0AEA85186328BC090A3A0614 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
19:12:23.0845 0640 MotioninJoyXFilter - ok
19:12:23.0849 0640 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:12:23.0849 0640 mouclass - ok
19:12:23.0865 0640 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:12:23.0865 0640 mouhid - ok
19:12:23.0888 0640 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:12:23.0888 0640 mountmgr - ok
19:12:23.0911 0640 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:12:23.0913 0640 MozillaMaintenance - ok
19:12:23.0931 0640 [ 520E878034265A4BE26A1ADA79A6346A ] mpfilt C:\Windows\system32\drivers\mpfilt.sys
19:12:23.0931 0640 mpfilt - ok
19:12:23.0946 0640 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
19:12:23.0948 0640 mpio - ok
19:12:23.0962 0640 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:12:23.0963 0640 mpsdrv - ok
19:12:23.0988 0640 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:12:24.0005 0640 MpsSvc - ok
19:12:24.0019 0640 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:12:24.0019 0640 MRxDAV - ok
19:12:24.0034 0640 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:12:24.0035 0640 mrxsmb - ok
19:12:24.0056 0640 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:12:24.0057 0640 mrxsmb10 - ok
19:12:24.0069 0640 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:12:24.0070 0640 mrxsmb20 - ok
19:12:24.0087 0640 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
19:12:24.0089 0640 msahci - ok
19:12:24.0098 0640 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:12:24.0100 0640 msdsm - ok
19:12:24.0118 0640 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
19:12:24.0121 0640 MSDTC - ok
19:12:24.0140 0640 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:12:24.0141 0640 Msfs - ok
19:12:24.0155 0640 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:12:24.0156 0640 mshidkmdf - ok
19:12:24.0158 0640 MSICDSetup - ok
19:12:24.0173 0640 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:12:24.0174 0640 msisadrv - ok
19:12:24.0196 0640 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:12:24.0209 0640 MSiSCSI - ok
19:12:24.0212 0640 msiserver - ok
19:12:24.0228 0640 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:12:24.0228 0640 MSKSSRV - ok
19:12:24.0232 0640 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:12:24.0232 0640 MSPCLOCK - ok
19:12:24.0248 0640 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:12:24.0249 0640 MSPQM - ok
19:12:24.0260 0640 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:12:24.0262 0640 MsRPC - ok
19:12:24.0285 0640 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:12:24.0285 0640 mssmbios - ok
19:12:24.0363 0640 MSSQL$SQLEXPRESS - ok
19:12:24.0441 0640 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:12:24.0442 0640 MSSQLServerADHelper100 - ok
19:12:24.0452 0640 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:12:24.0452 0640 MSTEE - ok
19:12:24.0466 0640 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:12:24.0466 0640 MTConfig - ok
19:12:24.0484 0640 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:12:24.0485 0640 MTsensor - ok
19:12:24.0492 0640 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
19:12:24.0492 0640 Mup - ok
19:12:24.0511 0640 [ D186D031B0832A5438EC1AC2C5D74E9D ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
19:12:24.0512 0640 mv2 - ok
19:12:24.0529 0640 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
19:12:24.0532 0640 napagent - ok
19:12:24.0549 0640 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:12:24.0552 0640 NativeWifiP - ok
19:12:24.0585 0640 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:12:24.0589 0640 NDIS - ok
19:12:24.0601 0640 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:12:24.0603 0640 NdisCap - ok
19:12:24.0611 0640 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:12:24.0611 0640 NdisTapi - ok
19:12:24.0630 0640 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:12:24.0631 0640 Ndisuio - ok
19:12:24.0649 0640 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:12:24.0650 0640 NdisWan - ok
19:12:24.0671 0640 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:12:24.0673 0640 NDProxy - ok
19:12:24.0679 0640 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:12:24.0680 0640 NetBIOS - ok
19:12:24.0690 0640 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:12:24.0692 0640 NetBT - ok
19:12:24.0701 0640 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
19:12:24.0702 0640 Netlogon - ok
19:12:24.0721 0640 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:12:24.0723 0640 Netman - ok
19:12:24.0736 0640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:12:24.0739 0640 NetMsmqActivator - ok
19:12:24.0742 0640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:12:24.0743 0640 NetPipeActivator - ok
19:12:24.0835 0640 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:12:24.0837 0640 netprofm - ok
19:12:24.0860 0640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:12:24.0861 0640 NetTcpActivator - ok
19:12:24.0870 0640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:12:24.0871 0640 NetTcpPortSharing - ok
19:12:24.0884 0640 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:12:24.0885 0640 nfrd960 - ok
19:12:24.0990 0640 [ BD7A1D7BEF2C0FDE73F7B87971ED9D2F ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
19:12:25.0059 0640 NIHardwareService - ok
19:12:25.0087 0640 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:12:25.0091 0640 NlaSvc - ok
19:12:25.0106 0640 [ CFE3462A9E94A57DCD9676F6B7FE7F67 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
19:12:25.0107 0640 nmwcd - ok
19:12:25.0110 0640 [ 8F2A94F991F8C73CEC26B4B5620D1EDC ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
19:12:25.0110 0640 nmwcdc - ok
19:12:25.0235 0640 [ 4365BCC30F28052005157284B916C681 ] Norton Ghost D:\Programmi\Norton Ghost\Agent\VProSvc.exe
19:12:25.0309 0640 Norton Ghost - ok
19:12:25.0339 0640 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\Windows\system32\drivers\npf.sys
19:12:25.0340 0640 NPF - ok
19:12:25.0354 0640 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:12:25.0355 0640 Npfs - ok
19:12:25.0358 0640 npggsvc - ok
19:12:25.0374 0640 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:12:25.0376 0640 nsi - ok
19:12:25.0388 0640 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:12:25.0389 0640 nsiproxy - ok
19:12:25.0486 0640 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:12:25.0504 0640 Ntfs - ok
19:12:25.0521 0640 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:12:25.0522 0640 Null - ok
19:12:25.0542 0640 [ A0A9E53B4AAC3C6534A063ABA69BC19F ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
19:12:25.0543 0640 NVHDA - ok
19:12:25.0712 0640 [ AFB33A823AABC112FC7BD62AFBCDB0CD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:12:25.0764 0640 nvlddmkm - ok
19:12:25.0787 0640 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:12:25.0788 0640 nvraid - ok
19:12:25.0799 0640 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:12:25.0800 0640 nvstor - ok
19:12:25.0835 0640 [ 782945716AD010AC3D41758E8E52C735 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:12:25.0839 0640 nvsvc - ok
19:12:25.0913 0640 [ A974E5C310B9B00894070CEB055D467F ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:12:25.0932 0640 nvUpdatusService - ok
19:12:25.0954 0640 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:12:25.0956 0640 nv_agp - ok
19:12:26.0006 0640 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:12:26.0013 0640 odserv - ok
19:12:26.0033 0640 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:12:26.0035 0640 ohci1394 - ok
19:12:26.0055 0640 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:12:26.0057 0640 ose - ok
19:12:26.0083 0640 [ AC5BF1A610EFFAAE9CFC48CB53483F08 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
19:12:26.0084 0640 ossrv - ok
19:12:26.0124 0640 [ 93E4D6184B772A861F91F98A064390AE ] OTFSDMS C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe
19:12:26.0124 0640 Suspicious file (NoAccess): C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe. md5: 93E4D6184B772A861F91F98A064390AE
19:12:26.0125 0640 OTFSDMS ( LockedFile.Multi.Generic ) - warning
19:12:26.0125 0640 OTFSDMS - detected LockedFile.Multi.Generic (1)
19:12:26.0154 0640 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:12:26.0158 0640 p2pimsvc - ok
19:12:26.0183 0640 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:12:26.0186 0640 p2psvc - ok
19:12:26.0205 0640 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:12:26.0206 0640 Parport - ok
19:12:26.0222 0640 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:12:26.0223 0640 partmgr - ok
19:12:26.0232 0640 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:12:26.0233 0640 Parvdm - ok
19:12:26.0244 0640 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:12:26.0246 0640 PcaSvc - ok
19:12:26.0268 0640 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
19:12:26.0269 0640 pccsmcfd - ok
19:12:26.0296 0640 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
19:12:26.0297 0640 pci - ok
19:12:26.0315 0640 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
19:12:26.0316 0640 pciide - ok
19:12:26.0326 0640 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:12:26.0329 0640 pcmcia - ok
19:12:26.0341 0640 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:12:26.0342 0640 pcw - ok
19:12:26.0364 0640 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:12:26.0366 0640 PEAUTH - ok
19:12:26.0404 0640 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:12:26.0410 0640 PeerDistSvc - ok
19:12:26.0464 0640 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
19:12:26.0475 0640 pla - ok
19:12:26.0499 0640 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:12:26.0503 0640 PlugPlay - ok
19:12:26.0524 0640 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:12:26.0526 0640 PNRPAutoReg - ok
19:12:26.0537 0640 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:12:26.0540 0640 PNRPsvc - ok
19:12:26.0556 0640 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:12:26.0562 0640 PolicyAgent - ok
19:12:26.0564 0640 PORTIO64 - ok
19:12:26.0585 0640 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
19:12:26.0588 0640 Power - ok
19:12:26.0606 0640 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:12:26.0606 0640 PptpMiniport - ok
19:12:26.0620 0640 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:12:26.0621 0640 Processor - ok
19:12:26.0640 0640 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
19:12:26.0649 0640 ProfSvc - ok
19:12:26.0658 0640 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:12:26.0660 0640 ProtectedStorage - ok
19:12:26.0683 0640 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:12:26.0684 0640 Psched - ok
19:12:26.0710 0640 [ 52E5E76C927A44957DE7E7671E1F7E35 ] pssnap C:\Windows\system32\DRIVERS\pssnap.sys
19:12:26.0711 0640 pssnap - ok
19:12:26.0744 0640 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:12:26.0775 0640 ql2300 - ok
19:12:26.0793 0640 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:12:26.0794 0640 ql40xx - ok
19:12:26.0807 0640 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:12:26.0810 0640 QWAVE - ok
19:12:26.0818 0640 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:12:26.0818 0640 QWAVEdrv - ok
19:12:26.0832 0640 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:12:26.0833 0640 RasAcd - ok
19:12:26.0851 0640 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:12:26.0852 0640 RasAgileVpn - ok
19:12:26.0861 0640 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:12:26.0863 0640 RasAuto - ok
19:12:26.0874 0640 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:12:26.0874 0640 Rasl2tp - ok
19:12:26.0900 0640 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
19:12:26.0903 0640 RasMan - ok
19:12:26.0918 0640 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:12:26.0918 0640 RasPppoe - ok
19:12:26.0925 0640 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:12:26.0926 0640 RasSstp - ok
19:12:27.0033 0640 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:12:27.0035 0640 rdbss - ok
19:12:27.0073 0640 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:12:27.0074 0640 rdpbus - ok
19:12:27.0126 0640 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:12:27.0126 0640 RDPCDD - ok
19:12:27.0137 0640 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:12:27.0139 0640 RDPDR - ok
19:12:27.0153 0640 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:12:27.0153 0640 RDPENCDD - ok
19:12:27.0164 0640 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:12:27.0165 0640 RDPREFMP - ok
19:12:27.0185 0640 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:12:27.0187 0640 RdpVideoMiniport - ok
19:12:27.0206 0640 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:12:27.0209 0640 RDPWD - ok
19:12:27.0221 0640 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:12:27.0222 0640 rdyboost - ok
19:12:27.0258 0640 [ 01535FF2E4F8DF7B6FB8413CEECC4335 ] ReflectService D:\Programmi\Macrium Reflect\ReflectService.exe
19:12:27.0261 0640 ReflectService - ok
19:12:27.0291 0640 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:12:27.0299 0640 RemoteAccess - ok
19:12:27.0312 0640 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:12:27.0314 0640 RemoteRegistry - ok
19:12:27.0327 0640 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:12:27.0328 0640 RFCOMM - ok
19:12:27.0347 0640 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
19:12:27.0349 0640 rpcapd - ok
19:12:27.0371 0640 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:12:27.0373 0640 RpcEptMapper - ok
19:12:27.0394 0640 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:12:27.0395 0640 RpcLocator - ok
19:12:27.0417 0640 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
19:12:27.0420 0640 RpcSs - ok
19:12:27.0441 0640 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
19:12:27.0444 0640 RsFx0103 - ok
19:12:27.0460 0640 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:12:27.0461 0640 rspndr - ok
19:12:27.0502 0640 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:12:27.0516 0640 s3cap - ok
19:12:27.0541 0640 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
19:12:27.0543 0640 SamSs - ok
19:12:27.0553 0640 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:12:27.0560 0640 sbp2port - ok
19:12:27.0569 0640 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:12:27.0571 0640 SCardSvr - ok
19:12:27.0584 0640 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:12:27.0585 0640 scfilter - ok
19:12:27.0606 0640 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
19:12:27.0611 0640 Schedule - ok
19:12:27.0633 0640 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:12:27.0635 0640 SCPolicySvc - ok
19:12:27.0651 0640 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:12:27.0654 0640 SDRSVC - ok
19:12:27.0672 0640 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:12:27.0673 0640 secdrv - ok
19:12:27.0687 0640 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:12:27.0689 0640 seclogon - ok
19:12:27.0710 0640 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
19:12:27.0712 0640 SENS - ok
19:12:27.0731 0640 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:12:27.0734 0640 SensrSvc - ok
19:12:27.0753 0640 [ 8B80A722CCE8E16F495FCAEB43D863D1 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl.sys
19:12:27.0755 0640 Ser2pl - ok
19:12:27.0761 0640 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:12:27.0762 0640 Serenum - ok
19:12:27.0783 0640 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:12:27.0784 0640 sermouse - ok
19:12:27.0832 0640 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:12:27.0832 0640 Suspicious file (NoAccess): C:\Program Files\PC Connectivity Solution\ServiceLayer.exe. md5: 8C1F87F5FDD92229D1754B98F073913F
19:12:27.0833 0640 ServiceLayer ( LockedFile.Multi.Generic ) - warning
19:12:27.0834 0640 ServiceLayer - detected LockedFile.Multi.Generic (1)
19:12:27.0864 0640 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
19:12:27.0868 0640 SessionEnv - ok
19:12:27.0879 0640 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:12:27.0880 0640 sffdisk - ok
19:12:27.0888 0640 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:12:27.0889 0640 sffp_mmc - ok
19:12:27.0895 0640 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:12:27.0895 0640 sffp_sd - ok
19:12:27.0910 0640 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:12:27.0911 0640 sfloppy - ok
19:12:27.0931 0640 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:12:27.0936 0640 SharedAccess - ok
19:12:27.0963 0640 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:12:27.0967 0640 ShellHWDetection - ok
19:12:27.0989 0640 [ 227E56633D6423E1F7D869618AC8404F ] Si3132r5 C:\Windows\system32\DRIVERS\Si3132r5.sys
19:12:27.0990 0640 Si3132r5 - ok
19:12:27.0999 0640 [ DBDEE2A96F2F616726817373516CB0BD ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys
19:12:27.0999 0640 SiFilter - ok
19:12:28.0013 0640 [ 3E6B438E5CB674A1382B2955AA98F637 ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys
19:12:28.0013 0640 SiRemFil - ok
19:12:28.0024 0640 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:12:28.0024 0640 sisagp - ok
19:12:28.0032 0640 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:12:28.0034 0640 SiSRaid2 - ok
19:12:28.0047 0640 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:12:28.0048 0640 SiSRaid4 - ok
19:12:28.0091 0640 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate D:\Programmi\Skype\Updater\Updater.exe
19:12:28.0094 0640 SkypeUpdate - ok
19:12:28.0101 0640 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:12:28.0102 0640 Smb - ok
19:12:28.0129 0640 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:12:28.0131 0640 SNMPTRAP - ok
19:12:28.0164 0640 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
19:12:28.0166 0640 Sony SCSI Helper Service - ok
19:12:28.0185 0640 [ 5D6401DB90EC81B71F8E2C5C8F0FEF23 ] speedfan C:\Windows\system32\speedfan.sys
19:12:28.0187 0640 speedfan - ok
19:12:28.0199 0640 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:12:28.0200 0640 spldr - ok
19:12:28.0228 0640 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
19:12:28.0231 0640 Spooler - ok
19:12:28.0319 0640 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
19:12:28.0335 0640 sppsvc - ok
19:12:28.0345 0640 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:12:28.0347 0640 sppuinotify - ok
19:12:28.0377 0640 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\System32\Drivers\sptd.sys
19:12:28.0394 0640 sptd - ok
19:12:28.0412 0640 [ D494597E8C665F2D515D9D24FA9616EF ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:12:28.0417 0640 SQLAgent$SQLEXPRESS - ok
19:12:28.0496 0640 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:12:28.0496 0640 Suspicious file (NoAccess): C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe. md5: B54B48F6D92423440C264E91225C5FF1
19:12:28.0497 0640 SQLBrowser ( LockedFile.Multi.Generic ) - warning
19:12:28.0497 0640 SQLBrowser - detected LockedFile.Multi.Generic (1)
19:12:28.0530 0640 [ 997BC62F49D0D84214FE887F09197D41 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:12:28.0530 0640 Suspicious file (NoAccess): C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe. md5: 997BC62F49D0D84214FE887F09197D41
19:12:28.0531 0640 SQLWriter ( LockedFile.Multi.Generic ) - warning
19:12:28.0531 0640 SQLWriter - detected LockedFile.Multi.Generic (1)
19:12:28.0551 0640 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:12:28.0553 0640 srv - ok
19:12:28.0570 0640 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:12:28.0572 0640 srv2 - ok
19:12:28.0585 0640 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:12:28.0586 0640 srvnet - ok
19:12:28.0612 0640 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:12:28.0615 0640 SSDPSRV - ok
19:12:28.0640 0640 [ 5F77725EC309DE1242D8EFC8E9259A9F ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
19:12:28.0641 0640 SSPORT - ok
19:12:28.0653 0640 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:12:28.0655 0640 SstpSvc - ok
19:12:28.0668 0640 Steam Client Service - ok
19:12:28.0699 0640 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:12:28.0699 0640 Suspicious file (NoAccess): C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe. md5: C354621B6B94E10AE7F5CDBE745FEB86
19:12:28.0700 0640 Stereo Service ( LockedFile.Multi.Generic ) - warning
19:12:28.0700 0640 Stereo Service - detected LockedFile.Multi.Generic (1)
19:12:28.0726 0640 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:12:28.0727 0640 stexstor - ok
19:12:28.0747 0640 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
19:12:28.0751 0640 StiSvc - ok
19:12:28.0775 0640 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:12:28.0776 0640 storflt - ok
19:12:28.0797 0640 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:12:28.0797 0640 storvsc - ok
19:12:28.0816 0640 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
19:12:28.0817 0640 swenum - ok
19:12:28.0840 0640 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:12:28.0843 0640 swprv - ok
19:12:28.0846 0640 Symantec SymSnap VSS Provider - ok
19:12:28.0867 0640 [ D3218867AFDF74D7AB76A3911B4544A2 ] symsnap C:\Windows\system32\DRIVERS\symsnap.sys
19:12:28.0868 0640 symsnap - ok
19:12:28.0939 0640 [ E79184F51F3474568011818F08B7195C ] SymSnapService D:\Programmi\Norton Ghost\Shared\Drivers\SymSnapService.exe
19:12:28.0970 0640 SymSnapService - ok
19:12:28.0974 0640 SynasUSB - ok
19:12:28.0977 0640 Synth3dVsc - ok
19:12:29.0019 0640 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
19:12:29.0026 0640 SysMain - ok
19:12:29.0051 0640 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:12:29.0054 0640 TabletInputService - ok
19:12:29.0069 0640 [ 1E89DE7A4FB7A854EBB241D0AA8996DD ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
19:12:29.0070 0640 tap0901 - ok
19:12:29.0091 0640 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
19:12:29.0094 0640 TapiSrv - ok
19:12:29.0120 0640 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:12:29.0124 0640 TBS - ok
19:12:29.0162 0640 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:12:29.0168 0640 Tcpip - ok
19:12:29.0194 0640 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:12:29.0200 0640 TCPIP6 - ok
19:12:29.0206 0640 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:12:29.0206 0640 tcpipreg - ok
19:12:29.0220 0640 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:12:29.0221 0640 TDPIPE - ok
19:12:29.0274 0640 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:12:29.0276 0640 TDTCP - ok
19:12:29.0347 0640 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:12:29.0348 0640 tdx - ok
19:12:29.0480 0640 [ 9C1F776825207C203CB44CA3C63B5A6E ] TeamViewer7 D:\Programmi\TeamViewer 7\TeamViewer_Service.exe
19:12:29.0536 0640 TeamViewer7 - ok
19:12:29.0558 0640 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:12:29.0558 0640 TermDD - ok
19:12:29.0595 0640 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
19:12:29.0611 0640 TermService - ok
19:12:29.0636 0640 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:12:29.0638 0640 Themes - ok
19:12:29.0647 0640 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:12:29.0650 0640 THREADORDER - ok
19:12:29.0696 0640 [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService D:\Programmi\TomTom HOME 2\TomTomHOMEService.exe
19:12:29.0698 0640 TomTomHOMEService - ok
19:12:29.0701 0640 TPkd - ok
19:12:29.0722 0640 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:12:29.0724 0640 TrkWks - ok
19:12:29.0771 0640 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:12:29.0774 0640 TrustedInstaller - ok
19:12:29.0789 0640 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:12:29.0791 0640 tssecsrv - ok
19:12:29.0806 0640 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:12:29.0807 0640 TsUsbFlt - ok
19:12:29.0811 0640 tsusbhub - ok
19:12:29.0827 0640 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:12:29.0827 0640 tunnel - ok
19:12:29.0846 0640 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:12:29.0847 0640 uagp35 - ok
19:12:29.0860 0640 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:12:29.0864 0640 udfs - ok
19:12:29.0888 0640 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:12:29.0890 0640 UI0Detect - ok
19:12:29.0902 0640 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:12:29.0903 0640 uliagpkx - ok
19:12:29.0923 0640 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
19:12:29.0924 0640 umbus - ok
19:12:29.0932 0640 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:12:29.0933 0640 UmPass - ok
19:12:29.0955 0640 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
19:12:29.0957 0640 UmRdpService - ok
19:12:29.0975 0640 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:12:29.0978 0640 upnphost - ok
19:12:29.0994 0640 [ EC01DA44B090D2651FC032C8B9257232 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
19:12:29.0995 0640 upperdev - ok
19:12:30.0019 0640 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:12:30.0020 0640 USBAAPL - ok
19:12:30.0037 0640 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:12:30.0038 0640 usbaudio - ok
19:12:30.0057 0640 [ 9419FAAC6552A51542DBBA02971C841C ] usbbus C:\Windows\system32\DRIVERS\lgusbbus.sys
19:12:30.0058 0640 usbbus - ok
19:12:30.0080 0640 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:12:30.0081 0640 usbccgp - ok
19:12:30.0099 0640 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:12:30.0100 0640 usbcir - ok
19:12:30.0104 0640 [ C0A466FA4FFEC464320E159BC1BBDC0C ] UsbDiag C:\Windows\system32\DRIVERS\lgusbdiag.sys
19:12:30.0105 0640 UsbDiag - ok
19:12:30.0117 0640 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:12:30.0118 0640 usbehci - ok
19:12:30.0130 0640 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:12:30.0131 0640 usbhub - ok
19:12:30.0145 0640 [ F74A54774A9B0AFEB3C40ADEC68AA600 ] USBModem C:\Windows\system32\DRIVERS\lgusbmodem.sys
19:12:30.0147 0640 USBModem - ok
19:12:30.0165 0640 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:12:30.0166 0640 usbohci - ok
19:12:30.0182 0640 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:12:30.0182 0640 usbprint - ok
19:12:30.0200 0640 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:12:30.0201 0640 usbscan - ok
19:12:30.0251 0640 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
19:12:30.0273 0640 usbser - ok
19:12:30.0329 0640 [ 4ABD37CFBD710E64F01F9DA8710C73F7 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
19:12:30.0350 0640 UsbserFilt - ok
19:12:30.0385 0640 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:12:30.0388 0640 USBSTOR - ok
19:12:30.0493 0640 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:12:30.0494 0640 usbuhci - ok
19:12:30.0547 0640 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:12:30.0550 0640 UxSms - ok
19:12:30.0572 0640 [ 1747E022B76BC248795B0AEDECCCF96F ] v2imount C:\Windows\system32\DRIVERS\v2imount.sys
19:12:30.0573 0640 v2imount - ok
19:12:30.0581 0640 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
19:12:30.0583 0640 VaultSvc - ok
19:12:30.0605 0640 [ 103B23EC82C08FC4BDBC369552FFAB2A ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
19:12:30.0606 0640 VBoxDrv - ok
19:12:30.0631 0640 [ 226CD9E42BE28A84EC56430FBB57224F ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
19:12:30.0632 0640 VBoxNetAdp - ok
19:12:30.0644 0640 [ 0A5D6512DCB14135A388D0E7E69E01BB ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
19:12:30.0645 0640 VBoxNetFlt - ok
19:12:30.0665 0640 [ 7AE644EEFA57F271BCCAFE825B486812 ] VBoxUSB C:\Windows\system32\Drivers\VBoxUSB.sys
19:12:30.0667 0640 VBoxUSB - ok
19:12:30.0685 0640 [ 96A478EDFB1FBF1FC663BEB09B4175A8 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
19:12:30.0685 0640 VBoxUSBMon - ok
19:12:30.0708 0640 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:12:30.0708 0640 vdrvroot - ok
19:12:30.0738 0640 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
19:12:30.0754 0640 vds - ok
19:12:30.0817 0640 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:12:30.0818 0640 vga - ok
19:12:30.0831 0640 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:12:30.0832 0640 VgaSave - ok
19:12:30.0835 0640 VGPU - ok
19:12:30.0869 0640 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:12:30.0873 0640 vhdmp - ok
19:12:30.0889 0640 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:12:30.0892 0640 viaagp - ok
19:12:30.0899 0640 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:12:30.0901 0640 ViaC7 - ok
19:12:30.0919 0640 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
19:12:30.0921 0640 viaide - ok
19:12:30.0942 0640 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:12:30.0943 0640 vmbus - ok
19:12:30.0953 0640 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:12:30.0954 0640 VMBusHID - ok
19:12:30.0969 0640 [ 817DA66B1B889FAD1DBF669E0E2F3228 ] vmm C:\Windows\system32\Drivers\vmm.sys
19:12:30.0971 0640 vmm - ok
19:12:30.0991 0640 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:12:30.0992 0640 volmgr - ok
19:12:31.0004 0640 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:12:31.0006 0640 volmgrx - ok
19:12:31.0021 0640 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:12:31.0023 0640 volsnap - ok
19:12:31.0043 0640 [ 2ABE8281DB609D8BB1BD1B2F93800D5F ] VPCNetS2 C:\Windows\system32\DRIVERS\VMNetSrv.sys
19:12:31.0044 0640 VPCNetS2 - ok
19:12:31.0061 0640 [ E78781B2C86C92A0A738DF566460F716 ] VProEventMonitor C:\Windows\system32\DRIVERS\vproeventmonitor.sys
19:12:31.0062 0640 VProEventMonitor - ok
19:12:31.0078 0640 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:12:31.0080 0640 vsmraid - ok
19:12:31.0117 0640 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
19:12:31.0136 0640 VSS - ok
19:12:31.0150 0640 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:12:31.0152 0640 vwifibus - ok
19:12:31.0173 0640 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:12:31.0176 0640 W32Time - ok
19:12:31.0188 0640 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:12:31.0189 0640 WacomPen - ok
19:12:31.0211 0640 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:12:31.0212 0640 WANARP - ok
19:12:31.0215 0640 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:12:31.0215 0640 Wanarpv6 - ok
19:12:31.0244 0640 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
19:12:31.0252 0640 wbengine - ok
19:12:31.0265 0640 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:12:31.0269 0640 WbioSrvc - ok
19:12:31.0295 0640 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:12:31.0298 0640 wcncsvc - ok
19:12:31.0314 0640 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:12:31.0316 0640 WcsPlugInService - ok
19:12:31.0328 0640 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:12:31.0329 0640 Wd - ok
19:12:31.0351 0640 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:12:31.0354 0640 Wdf01000 - ok
19:12:31.0366 0640 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:12:31.0369 0640 WdiServiceHost - ok
19:12:31.0372 0640 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:12:31.0374 0640 WdiSystemHost - ok
19:12:31.0399 0640 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
19:12:31.0402 0640 WebClient - ok
19:12:31.0416 0640 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:12:31.0420 0640 Wecsvc - ok
19:12:31.0435 0640 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:12:31.0437 0640 wercplsupport - ok
19:12:31.0460 0640 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:12:31.0462 0640 WerSvc - ok
19:12:31.0472 0640 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:12:31.0472 0640 WfpLwf - ok
19:12:31.0486 0640 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
19:12:31.0489 0640 WimFltr - ok
19:12:31.0501 0640 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:12:31.0502 0640 WIMMount - ok
19:12:31.0548 0640 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:12:31.0558 0640 WinDefend - ok
19:12:31.0563 0640 WinHttpAutoProxySvc - ok
19:12:31.0612 0640 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:12:31.0613 0640 Winmgmt - ok
19:12:31.0672 0640 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
19:12:31.0681 0640 WinRM - ok
19:12:31.0734 0640 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:12:31.0791 0640 WinUsb - ok
19:12:31.0860 0640 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:12:31.0866 0640 Wlansvc - ok
19:12:31.0931 0640 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:12:31.0957 0640 wlidsvc - ok
19:12:31.0981 0640 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:12:31.0982 0640 WmiAcpi - ok
19:12:32.0002 0640 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:12:32.0004 0640 wmiApSrv - ok
19:12:32.0055 0640 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:12:32.0074 0640 WMPNetworkSvc - ok
19:12:32.0090 0640 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:12:32.0093 0640 WPCSvc - ok
19:12:32.0112 0640 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:12:32.0115 0640 WPDBusEnum - ok
19:12:32.0138 0640 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:12:32.0139 0640 ws2ifsl - ok
19:12:32.0166 0640 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
19:12:32.0169 0640 wscsvc - ok
19:12:32.0172 0640 WSearch - ok
19:12:32.0221 0640 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:12:32.0232 0640 wuauserv - ok
19:12:32.0247 0640 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:12:32.0248 0640 WudfPf - ok
19:12:32.0262 0640 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:12:32.0264 0640 WUDFRd - ok
19:12:32.0278 0640 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:12:32.0281 0640 wudfsvc - ok
19:12:32.0304 0640 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:12:32.0307 0640 WwanSvc - ok
19:12:32.0329 0640 [ EE9144207EE0211EB5656BA6808AC4A0 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:12:32.0329 0640 xusb21 - ok
19:12:32.0354 0640 [ B79B9DBC3C974F165B5D8054A8A932A6 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
19:12:32.0355 0640 yukonw7 - ok
19:12:32.0364 0640 ================ Scan global ===============================
19:12:32.0387 0640 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:12:32.0463 0640 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
19:12:32.0481 0640 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
19:12:32.0512 0640 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:12:32.0524 0640 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:12:32.0527 0640 [Global] - ok
19:12:32.0528 0640 ================ Scan MBR ==================================
19:12:32.0537 0640 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:12:32.0889 0640 \Device\Harddisk1\DR1 - ok
19:12:32.0891 0640 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:12:32.0893 0640 \Device\Harddisk0\DR0 - ok
19:12:32.0894 0640 ================ Scan VBR ==================================
19:12:32.0895 0640 [ CD07960C72614E82F85D11F5769F0473 ] \Device\Harddisk1\DR1\Partition1
19:12:32.0896 0640 \Device\Harddisk1\DR1\Partition1 - ok
19:12:32.0906 0640 [ D475533AD505878CF471DD1DB0428E13 ] \Device\Harddisk1\DR1\Partition2
19:12:32.0907 0640 \Device\Harddisk1\DR1\Partition2 - ok
19:12:32.0909 0640 [ 80F9C38F4324657872AEADA65912E658 ] \Device\Harddisk0\DR0\Partition1
19:12:32.0910 0640 \Device\Harddisk0\DR0\Partition1 - ok
19:12:32.0910 0640 ============================================================
19:12:32.0910 0640 Scan finished
19:12:32.0910 0640 ============================================================
19:12:32.0916 5984 Detected object count: 7
19:12:32.0916 5984 Actual detected object count: 7
19:12:39.0749 5984 Bonjour Service ( LockedFile.Multi.Generic ) - skipped by user
19:12:39.0751 5984 Bonjour Service ( LockedFile.Multi.Generic ) - User select action: Skip
19:12:39.0751 5984 iPod Service ( LockedFile.Multi.Generic ) - skipped by user
19:12:39.0751 5984 iPod Service ( LockedFile.Multi.Generic ) - User select action: Skip
19:12:39.0752 5984 OTFSDMS ( LockedFile.Multi.Generic ) - skipped by user
19:12:39.0752 5984 OTFSDMS ( LockedFile.Multi.Generic ) - User select action: Skip
19:12:39.0753 5984 ServiceLayer ( LockedFile.Multi.Generic ) - skipped by user
19:12:39.0753 5984 ServiceLayer ( LockedFile.Multi.Generic ) - User select action: Skip
19:12:39.0753 5984 SQLBrowser ( LockedFile.Multi.Generic ) - skipped by user
19:12:39.0753 5984 SQLBrowser ( LockedFile.Multi.Generic ) - User select action: Skip
19:12:39.0754 5984 SQLWriter ( LockedFile.Multi.Generic ) - skipped by user
19:12:39.0754 5984 SQLWriter ( LockedFile.Multi.Generic ) - User select action: Skip
19:12:39.0755 5984 Stereo Service ( LockedFile.Multi.Generic ) - skipped by user
19:12:39.0755 5984 Stereo Service ( LockedFile.Multi.Generic ) - User select action: Skip
19:13:47.0680 1444 Deinitialize success

#5 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 04 October 2012 - 12:26 PM

Roguekiller log

RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Mr.Roboto [Admin rights]
Mode : Scan -- Date : 10/04/2012 19:17:06

¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] Logi_MwX.Exe -- C:\Windows\Logi_MwX.Exe -> KILLED [TermProc]
[SUSP PATH] SansaDispatch.exe -- C:\Users\Mr.Roboto\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 16 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SansaDispatch (C:\Users\Mr.Roboto\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1390435069-2347297169-2357984066-1000[...]\Run : SansaDispatch (C:\Users\Mr.Roboto\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> FOUND
[TASK][SUSP PATH] {1E724813-994C-4F99-9D85-0D789DF5F293} : C:\Windows\System32\pcalua.exe -a C:\Users\Mr.Roboto\Desktop\PoiEdit2007-2-ITA.exe -d D:\ -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=) -> FOUND
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 activation.guitar-pro.com
127.0.0.1 updates.presonus.com


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Maxtor 6Y160P0 ATA Device +++++
--- User ---
[MBR] f283ae30da00605f10bd139f415695e0
[BSP] 71326d86fcac2ce96abc97875ce33ab9 : Windows XP MBR Code
Partition table:
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 156319 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SiImage SCSI Disk Device +++++
--- User ---
[MBR] 40c9576374e9384be50f073406490059
[BSP] 47d11dd09b2e0355a633d8f5b3dea3df : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 55129 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 112904820 | Size: 421816 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt

Edited by Geppo, 04 October 2012 - 12:26 PM.


#6 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 04 October 2012 - 12:32 PM

I don't know if this may be of help: if not, just disregard please.
While waiting for your answer, I tried to inspect the status of my pc and came up with the following:

1. I can't update my win7 anymore. Here's what I tried:
1. Can't run microsoft fix'it. Runtime Error 80040402
2. Can't run microsoft windows system update readiness tool. Error 0x80070005. Access Denied

2. Windows Firewall issue.

Using http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe I was able to restart the built-in windows firewall. It works, but I can't fine tune it anymore via advanced options cause the mmc console fails to initialize the snap-in (CLSID: FX:{b05566ac-fe9c-4368-be02-7a4cbb7cbe11})
I then tried an access via gpedit.msc, to check administrative templates. Gpedit runs, but I have no access to template with the popup error MMC: snap-in failed to initialize (and nothing more).
I suspect my account permissions have been somehow restricted by the malware/rootkit/whatever.
I cannot even access some of my folders (permission denied!).

3. Eventwvr.msc

Same as Windows Firewall advanced feature.
Failure to initialize with CLSID: FX:{b05566ad-fe9c-4363-be05-7a4cbb7cb510}

4. Startup issue.

When I turn on the pc, windows always opens a page showing that "Windows failed to start" (and lots more actually, but it is just blablabla) and two choices:

1. run system restore
2. run windows normally

I always have to choose manually the second options (and windows loads correctly) and this is a bit of a nuisance.
This page show up every time I turn on my PC or restart it and I perform these operations using the shut-down or restart button in windows->start. Needless to say, shutdown and restart processes complete successfully every time.
I read of some dedit switches to completely ignore boot failures but I wasn't too sure that following blindly those instrucions would have been harmless.
Thanks again.

Edited by Geppo, 04 October 2012 - 12:35 PM.


#7 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:37 PM

Posted 04 October 2012 - 01:03 PM

Hello Geppo,

OK. Do as much as you can of the following.

Step 1

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.
  • Link 2
    Link 3
    Link 4
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
  • If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL
IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

Step 2

Please copy/paste the lines in bold below to Notepad:

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset resetlog.log
shutdown -r -t 1
del %0

Save as flush.bat to your desktop.
Double-click flush.bat file to run it. Your computer will reboot.

Step 3

Windows services
This will be a batch-fix .
  • Press the Windows-key on keyboard.
  • In the Posted Image box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    @Echo off
    sc stop wuauserv
    sc stop bits
    sc config dcomlaunch start= auto
    sc config nsi start= auto
    sc config dhcp start= auto
    sc config rpcss start= auto
    sc config winmgmt start= auto
    sc config wscsvc start= delayed-auto
    sc config bits start= delayed-auto
    sc config wuauserv start= delayed-auto
    sc config sdrsvc start= manual
    sc config vss start= auto
    sc config eventlog start= auto
    sc config bfe start= auto
    sc config eventsystem start= auto
    sc start sdrsvc
    sc start vss
    sc start rpcss
    sc start eventsystem
    sc start bfe
    sc start bits
    sc start wuauserv
    shutdown -r -t 1
    del %0
  • Select File -> Save AS.
  • Press the Desktop button on the left side of the save dialog.
  • In the Posted Image box, type in Fix.bat.
  • Press Posted Image.
  • Close Notepad.
  • Right click Fix.bat on your desktop, and choose Posted Image.
  • Press Yes if prompted by User Account Control.
This procedure will do its tasks and then it will Restart Windows.

Check for missing or disabled Windows services, by doing the following, and post detailed results when done !!
From Start button, (or Win-key +R) and in the searcht-box type in MSCONFIG and press OK or Enter.

On Vista or Windows 7, press Windows-key on keybooard, and type in MSCONFIG


You should see the General tab. Click the General tab. It should have Normal startup selected (in the radio-box=selection)
IF it does not, then you click on Normal startup.

Click on Services tab. To get it's display of services.

Keep a written list of any changes from my list of services below. That way you and I have a reference document.
Look at the bottom line Hide all Microsoft services
IF and only IF its is checkmarked, then un-check it.
the list of servies may be shown in non-alphabetical order, so ....
Look at the heading titled "Service". Click on it as needed so the list is sorted and top of list starts with the "A" services.
You can toggle as needed to get the desired order.

IF any of below services are NOT shown, don't panic & do not stop, just write down the info for me and proceed with the others !

Then using the scroll-bar scroll down the list

Look for Background Intelligent Transfer Service. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Base Filtering Engine. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for COM+ Event System. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for COM+ System Application. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Cryptographic Services. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Ipsec Policy Agent. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Remote Procedure Call (RPC) Locator. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for RPC Endpoint Mapper. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Firewall. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Installer. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Management Instrumentation. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Update. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

When done, press the Apply button, and the OK button.

You're likely to be prompted to Restart Windows, do so.
If not prompted, you do a Logoff and Restart of Windows.

Then report back here with details.
If any of the services are not shown, just let me know which.

There will be more to do later !!
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#8 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 04 October 2012 - 04:26 PM

Here we go:

RKILL Report

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/04/2012 08:31:22 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\nvvsvc.exe (PID: 720) [FI]
* C:\Windows\system32\nvvsvc.exe (PID: 1348) [FI]
* C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE (PID: 1964) [AU-HEUR]
* C:\Windows\System32\Ctxfihlp.exe (PID: 2820) [WD-HEUR]
* C:\Program Files\Common Files\Java\Java Update\jusched.exe (PID: 2920) [FI]
* C:\Users\Mr.Roboto\Local Settings\Apps\F.lux\flux.exe (PID: 2928) [UP-HEUR]
* C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (PID: 3408) [FI]
* C:\Windows\System32\msdtc.exe (PID: 3924) [WD-HEUR]
* C:\Windows\system32\SearchIndexer.exe (PID: 3388) [WD-HEUR]
* C:\Windows\SYSTEM32\CTXFISPI.EXE (PID: 4704) [WD-HEUR]
* C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (PID: 4292) [WD-HEUR]
* C:\Windows\system32\SearchFilterHost.exe (PID: 2176) [WD-HEUR]

12 proccesses terminated!

Possibly Patched Files.

* C:\Windows\system32\csrss.exe
* C:\Windows\system32\wininit.exe
* C:\Windows\system32\csrss.exe
* C:\Windows\system32\services.exe
* C:\Windows\system32\lsass.exe
* C:\Windows\system32\lsm.exe
* C:\Windows\system32\winlogon.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\System32\svchost.exe
* C:\Windows\System32\svchost.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\System32\spoolsv.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\system32\Dwm.exe
* C:\Windows\Explorer.EXE
* C:\Windows\system32\taskhost.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\system32\dllhost.exe
* C:\Windows\system32\svchost.exe
* C:\Windows\system32\dllhost.exe
* C:\Windows\system32\taskhost.exe
* C:\Windows\System32\svchost.exe
* C:\Windows\System32\svchost.exe
* C:\Windows\system32\wbem\wmiprvse.exe
* C:\Windows\system32\conhost.exe

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\Windows\System32\appmgmts.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_81a53e87bd5d36aa\appmgmts.dll : 149.504 : 07/14/2009 00:14 AM : a45d184df6a8803da13a0b329517a64a [Pos Repl]

* C:\Windows\System32\browser.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.16385_none_78bf7cdcff520ade\browser.dll : 102.400 : 07/14/2009 00:15 AM : 598e1280e7ff3744f4b8329366cc5635 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.17056_none_78e0d070ff38f28e\browser.dll : 102.912 : 07/04/2012 11:23 PM : a0e691dc6589d4d2cbe373171d1a49e5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.21256_none_796a6f2218568f7f\browser.dll : 102.912 : 07/04/2012 11:24 PM : f319bc3931655b9d5d145ac4f6eae7e2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_7af090a4fc408e78\browser.dll : 102.400 : 11/20/2010 11:18 AM : 6e11f33d14d020f58d5e02e4d67dfa19 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17887_none_7aa7e7c0fc769589\browser.dll : 102.912 : 07/04/2012 11:14 PM : 3daa727b5b0a45039b0e1c9a211b8400 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.22044_none_7b599b801576accc\browser.dll : 102.912 : 07/04/2012 11:17 PM : 28b0cf997de2852e9d27a36cdd6884c8 [Pos Repl]

* C:\Windows\System32\cngaudit.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll : 12.288 : 07/14/2009 11:15 AM : 50ba656134f78af64e4dd3c8b6fefd7e [Pos Repl]

* C:\Windows\System32\comctl32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16385_none_39727524394b18eb\comctl32.dll : 530.432 : 07/14/2009 11:15 AM : b62aa1bb1f63839051441d2c6dd7b775 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16661_none_39841986393e7322\comctl32.dll : 530.432 : 08/21/2010 11:33 AM : d3ead1cf16ba729a7f7c9a5d94aa7c05 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.20787_none_39fe18355266e2d8\comctl32.dll : 530.432 : 08/21/2010 11:52 AM : bf5d71b4a40687a90c8b47f776758a6f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll : 530.432 : 11/20/2010 11:18 AM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll : 530.432 : 07/14/2009 11:15 AM : b62aa1bb1f63839051441d2c6dd7b775 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll : 530.432 : 08/21/2010 11:33 AM : d3ead1cf16ba729a7f7c9a5d94aa7c05 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.20787_none_ede2ad2969983532\comctl32.dll : 530.432 : 08/21/2010 11:52 AM : bf5d71b4a40687a90c8b47f776758a6f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll : 530.432 : 11/20/2010 11:18 AM : bdac1aa64495d0f7e1ff810ebbf1f018 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll : 1.680.896 : 07/14/2009 11:03 AM : 0fa436a553408cbeba070e3182658de3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll : 1.680.896 : 08/21/2010 11:21 AM : 4b8dd8541c0e26602005dd0137333615 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.20787_none_2b43b51e45274037\comctl32.dll : 1.680.896 : 08/21/2010 11:43 AM : 70ef5dfef7069164eacf7140c2cc6344 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll : 1.680.896 : 11/20/2010 11:55 AM : 352b3dc62a0d259a82a052238425c872 [Pos Repl]

* C:\Windows\System32\comres.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_2c8730fb47856e94\comres.dll : 1.297.408 : 07/14/2009 11:04 AM : 808d8a8b2a3074002852bc856d419576 [Pos Repl]

* C:\Windows\System32\conhost.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16385_none_74321d74636d5b24\conhost.exe : 271.360 : 07/14/2009 11:14 AM : 29d9fcdf65b7c823688a035937bb6697 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16816_none_747ed6b06333a2a7\conhost.exe : 271.872 : 05/14/2011 11:33 AM : 6eed825122ea3bdb9d456ac97978ffed [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16823_none_747105e6633e7293\conhost.exe : 271.872 : 06/02/2011 11:55 AM : af6fe353a4eedee04368bcdfe1a7ffa5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.16850_none_744d954463597a61\conhost.exe : 271.360 : 07/16/2011 11:31 AM : b5c8881951776ecd34ed2929b1af975d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.20978_none_74c994877c801cc5\conhost.exe : 271.872 : 06/03/2011 11:59 AM : 1f4fe2bdb51a23bda5d6a359ac063917 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7600.20995_none_74b0f3d17c9308a2\conhost.exe : 271.360 : 06/24/2011 11:25 AM : 9f015a7096d21e6fdbab4cf649c16a16 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17514_none_7663313c605bdebe\conhost.exe : 271.360 : 11/20/2010 11:17 AM : 156f20e7a89573c2fd7cbc305dfc181f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17617_none_76663400605927ea\conhost.exe : 271.872 : 05/14/2011 11:23 AM : df9da0d253e05968d73cb4b1fd7a68e6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17625_none_765963806063112d\conhost.exe : 271.872 : 06/03/2011 11:56 AM : 4766160c4b63bb76ffec0ddf6103a396 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.17641_none_763fc2806076e3b3\conhost.exe : 271.360 : 06/24/2011 11:22 AM : 7b162f044b225fe0cf25cacb5f05b07e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.21728_none_76e60129797dfcfc\conhost.exe : 271.872 : 05/14/2011 11:35 AM : f05a640a398be8f500c089b918ab1ebb [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.21738_none_76db313d798618ed\conhost.exe : 271.872 : 06/03/2011 11:10 AM : 4b955c851f3fbdc23f7e0e5a0e0e49fa [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-consolehost_31bf3856ad364e35_6.1.7601.21756_none_76c390d179981e21\conhost.exe : 271.360 : 06/24/2011 11:56 AM : 5a95d2808edd2e879674b35b82877e79 [Pos Repl]

* C:\Windows\System32\cryptsvc.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll : 135.680 : 07/14/2009 11:15 AM : 9c231178ce4fb385f4b54b0a9080b8a4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll : 139.264 : 04/24/2012 11:47 AM : 520a108a2657f4bca7fced9ca7d885de [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll : 141.312 : 04/24/2012 11:33 AM : f522279b4717e2bff269c771fac2b78e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll : 136.192 : 11/20/2010 11:18 AM : a585bebf7d054bd9618eda0922d5484a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll : 140.288 : 04/24/2012 11:36 AM : 06e771aa596b8761107ab57e99f128d7 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll : 142.336 : 04/24/2012 11:28 AM : 21993009e0ccb9b4fa195f14d3408626 [Pos Repl]

* C:\Windows\System32\csrss.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe : 6.144 : 07/14/2009 11:14 AM : 342271f6142e7c70805b8a81e1ba5f5c [Pos Repl]

* C:\Windows\System32\ctfmon.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe : 8.704 : 07/14/2009 11:14 AM : 4a3cdcef8ed41b221f3dbef5792fb52d [Pos Repl]

* C:\Windows\System32\d3d8.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d8_31bf3856ad364e35_6.1.7600.16385_none_c222c27ec21ab213\d3d8.dll : 1.036.800 : 07/14/2009 11:15 AM : 241a1900c52dcba38b20a4f3671444e0 [Pos Repl]

* C:\Windows\System32\d3d8thk.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7600.16385_none_c223c2c8c219cb6a\d3d8thk.dll : 11.264 : 07/14/2009 11:15 AM : 77b1471a490b53b24efe136f09f76550 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d8thk.dll : 11.264 : 07/14/2009 11:15 AM : 77b1471a490b53b24efe136f09f76550 [Pos Repl]

* C:\Windows\System32\d3d9.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7600.16385_none_c223c2c8c219cb6a\d3d9.dll : 1.826.816 : 07/14/2009 11:15 AM : 7459301d21c2e21468823f73042d9f87 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d9.dll : 1.828.352 : 11/20/2010 11:18 AM : 6ef5f3f18413c367195f06e503ab86a6 [Pos Repl]

* C:\Windows\System32\ddraw.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll : 531.968 : 07/14/2009 11:15 AM : 198552aefeca69d646867ec8d792de95 [Pos Repl]

* C:\Windows\System32\dllhost.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe : 7.168 : 07/14/2009 11:14 AM : a63dc5c2ea944e6657203e0c8edeaf61 [Pos Repl]

* C:\Windows\System32\drivers\acpi.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\acpi.inf_x86_neutral_a1f4891fe0de4401\acpi.sys : 274.304 : 11/20/2010 00:29 AM : cea80c80bed809aa0da6febc04733349 [Pos Repl]
+-> C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.1.7600.16385_none_225f1a272f5b64b9\acpi.sys : 274.496 : 07/14/2009 11:26 AM : f0e07d144c8685b8774bc32fc8da4df0 [Pos Repl]
+-> C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.1.7601.17514_none_24902def2c49e853\acpi.sys : 274.304 : 11/20/2010 11:29 AM : cea80c80bed809aa0da6febc04733349 [Pos Repl]

* C:\Windows\System32\drivers\afd.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_d7be98b5bfc0b4c1\afd.sys : 338.944 : 07/14/2009 11:12 AM : ddc040fdb01ef1712a6b13e52afb104c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_d81220b5bf827af7\afd.sys : 338.944 : 04/25/2011 11:35 AM : 0db7a48388d54d154ebec120461a0fcd [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_d864ad9ad8c98d1f\afd.sys : 338.944 : 04/25/2011 11:27 AM : c114ab7a1550d42ea1700ffd4179cf5a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7dbcaf385b\afd.sys : 338.944 : 11/20/2010 11:40 AM : 1151fd4fb0216cfed887bfde29ebd516 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys : 338.944 : 04/25/2011 11:18 AM : 9ebbba55060f786f0fcaa3893bfa2806 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_da774a9ad5cea29e\afd.sys : 338.944 : 04/25/2011 11:24 AM : c427f91a748cd342a2b3f9278d9fd6a5 [Pos Repl]

* C:\Windows\System32\drivers\agp440.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys : 53.312 : 07/14/2009 00:26 AM : 507812c3054c21cef746b6ee3d04dd6e [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys : 53.312 : 07/14/2009 11:26 AM : 507812c3054c21cef746b6ee3d04dd6e [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys : 53.312 : 07/14/2009 11:26 AM : 507812c3054c21cef746b6ee3d04dd6e [Pos Repl]

* C:\Windows\System32\drivers\asyncmac.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_242e2506962cd3e0\asyncmac.sys : 17.920 : 07/14/2009 11:54 AM : add2ade1c2b285ab8378d2daaf991481 [Pos Repl]

* C:\Windows\System32\drivers\atapi.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys : 21.584 : 07/14/2009 00:26 AM : 338c86357871c167a96ab976519bf59e [Pos Repl]
+-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys : 21.584 : 07/14/2009 11:26 AM : 338c86357871c167a96ab976519bf59e [Pos Repl]
+-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys : 21.584 : 07/14/2009 11:26 AM : 338c86357871c167a96ab976519bf59e [Pos Repl]

* C:\Windows\System32\drivers\battc.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\battery.inf_x86_neutral_5752155055c5e2d7\battc.sys : 25.168 : 07/14/2009 00:26 AM : 2b8ee031fd700ab942ebe60665440e83 [Pos Repl]
+-> C:\Windows\winsxs\x86_battery.inf_31bf3856ad364e35_6.1.7600.16385_none_15fde90fb523bb21\battc.sys : 25.168 : 07/14/2009 11:26 AM : 2b8ee031fd700ab942ebe60665440e83 [Pos Repl]

* C:\Windows\System32\drivers\beep.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys : 6.144 : 07/14/2009 11:45 AM : 505506526a9d467307b3c393dedaf858 [Pos Repl]

* C:\Windows\System32\drivers\bridge.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.1.7600.16385_none_07c046fe67692e98\bridge.sys : 78.336 : 07/14/2009 11:41 AM : 77361d72a04f18809d0efb6cceb74d4b [Pos Repl]

* C:\Windows\System32\drivers\bthport.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_2d4ce84c4a0b8470\bthport.sys : 393.216 : 11/20/2010 00:00 AM : 195c41cc67e9e1cedd960ccb74925920 [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_92c343c9dc681a74\bthport.sys : 393.728 : 04/28/2011 00:15 AM : c2fbf6d271d9a94d839c416bf186ead9 [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_a6bf6d613b46f6a5\bthport.sys : 393.728 : 07/06/2012 09:23 PM : 1153de2e4f5941e10c399cb5592f78a1 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7600.16385_none_721b1a5f1ce4cd06\bthport.sys : 392.704 : 07/14/2009 11:51 AM : 4a34888e13224678dd062466afec4240 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7600.16805_none_7271a33d1ca3df41\bthport.sys : 393.216 : 04/28/2011 11:29 AM : 88059ff1ded4472acd17eebabd393069 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7600.17058_none_723e6e871cc9e764\bthport.sys : 393.216 : 07/06/2012 09:31 PM : 04ceda17a195924070b01174cb1f9af8 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7600.20955_none_72c5306c35ea0ac0\bthport.sys : 393.216 : 04/28/2011 09:22 AM : 63f969e2100b255430d624727c26fa08 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7600.21259_none_72c90d8235e69dac\bthport.sys : 393.216 : 07/06/2012 11:42 PM : 3d43c01e9b134c6bf38a37c9354b2504 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7601.17514_none_744c2e2719d350a0\bthport.sys : 393.216 : 11/20/2010 11:00 AM : 195c41cc67e9e1cedd960ccb74925920 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7601.17607_none_745a00d719c87ddb\bthport.sys : 393.728 : 04/28/2011 11:15 AM : c2fbf6d271d9a94d839c416bf186ead9 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7601.17889_none_740585d71a078a5f\bthport.sys : 393.728 : 07/06/2012 09:23 PM : 1153de2e4f5941e10c399cb5592f78a1 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7601.21716_none_74d7cd6c32ef203f\bthport.sys : 393.728 : 04/28/2011 09:06 AM : 220b38e7ebfa20d06b4751c2bfefd940 [Pos Repl]
+-> C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.1.7601.22046_none_74b739963307a1a2\bthport.sys : 393.728 : 07/06/2012 09:18 PM : a7a222946274c5f8049016535b8c7412 [Pos Repl]

* C:\Windows\System32\drivers\cdfs.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-cdfs_31bf3856ad364e35_6.1.7600.16385_none_a63de9327e477e37\cdfs.sys : 70.656 : 07/14/2009 09:11 AM : 77ea11b065e0a8ab902d78145ca51e10 [Pos Repl]

* C:\Windows\System32\drivers\cdrom.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys : 108.544 : 11/20/2010 09:38 AM : be167ed0fdb9c1fa1133953c18d5a6c9 [Pos Repl]
+-> C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys : 108.544 : 07/14/2009 09:11 AM : ba6e70aa0e6091bc39de29477d866a77 [Pos Repl]
+-> C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys : 108.544 : 11/20/2010 09:38 AM : be167ed0fdb9c1fa1133953c18d5a6c9 [Pos Repl]

* C:\Windows\System32\drivers\classpnp.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-classpnp_31bf3856ad364e35_6.1.7600.16385_none_155984bf0d656ab3\Classpnp.sys : 140.864 : 07/14/2009 09:26 AM : a6388a5abf92c7927c085db0a958125f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-classpnp_31bf3856ad364e35_6.1.7601.17514_none_178a98870a53ee4d\Classpnp.sys : 140.864 : 07/14/2009 09:26 AM : a6388a5abf92c7927c085db0a958125f [Pos Repl]

* C:\Windows\System32\drivers\CmBatt.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\battery.inf_x86_neutral_5752155055c5e2d7\CmBatt.sys : 14.080 : 07/14/2009 09:19 AM : dea805815e587dad1dd2c502220b5616 [Pos Repl]
+-> C:\Windows\winsxs\x86_battery.inf_31bf3856ad364e35_6.1.7600.16385_none_15fde90fb523bb21\CmBatt.sys : 14.080 : 07/14/2009 09:19 AM : dea805815e587dad1dd2c502220b5616 [Pos Repl]

* C:\Windows\System32\drivers\compbatt.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\battery.inf_x86_neutral_5752155055c5e2d7\compbatt.sys : 19.024 : 07/14/2009 09:26 AM : a6023d3823c37043986713f118a89bee [Pos Repl]
+-> C:\Windows\winsxs\x86_battery.inf_31bf3856ad364e35_6.1.7600.16385_none_15fde90fb523bb21\compbatt.sys : 19.024 : 07/14/2009 09:26 AM : a6023d3823c37043986713f118a89bee [Pos Repl]

* C:\Windows\System32\drivers\diskdump.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7600.16385_none_66948c2ff899c64e\Diskdump.sys : 26.688 : 07/14/2009 09:20 AM : 9e9c3566083e3a152d4d5c5311a852ab [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7600.16634_none_66c9a133f87218b7\Diskdump.sys : 26.504 : 07/13/2010 09:22 AM : 3d8bdf695ba1569995027ad904f847e9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7600.16800_none_66e6139bf85d59d6\Diskdump.sys : 26.496 : 04/22/2011 09:36 PM : c78ea24ce267eaa6bf67caaeb11c0520 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7600.20753_none_673c9ddd11a0d70c\Diskdump.sys : 26.504 : 07/13/2010 09:13 AM : d222767544650379e5c0385de9b40dbb [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7600.20949_none_674d735111934d73\Diskdump.sys : 26.496 : 04/22/2011 09:17 PM : 36b1f9025f87f385f1af40e8200f6df6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7601.17514_none_68c59ff7f58849e8\Diskdump.sys : 27.008 : 11/20/2010 09:29 AM : 81773be2b369f54ede42ae62b59bb895 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7601.17601_none_68cd70ebf582df19\Diskdump.sys : 27.008 : 04/22/2011 09:14 PM : d0f0d7a97c90fe72a79732812e65f822 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-diskdump_31bf3856ad364e35_6.1.7601.21710_none_694b3d810ea9817d\Diskdump.sys : 27.008 : 04/22/2011 09:57 PM : 0a49d7de1c0be2aa67fdaf672a369340 [Pos Repl]

* C:\Windows\System32\drivers\disk.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys : 57.424 : 07/14/2009 09:20 AM : 565003f326f99802e68ca78f2a68e9ff [Pos Repl]
+-> C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys : 57.424 : 07/14/2009 09:20 AM : 565003f326f99802e68ca78f2a68e9ff [Pos Repl]

* C:\Windows\System32\drivers\drmkaud.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_aed2a4456700dfde\drmkaud.sys : 5.120 : 07/14/2009 09:50 AM : b918e7c5f9bf77202f89e1a9539f2eb4 [Pos Repl]
+-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_603daf367b793e32\drmkaud.sys : 5.120 : 07/14/2009 09:50 AM : b918e7c5f9bf77202f89e1a9539f2eb4 [Pos Repl]

* C:\Windows\System32\drivers\drmk.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_aed2a4456700dfde\drmk.sys : 80.896 : 07/14/2009 09:41 AM : 27f9288af019e6daca281ede51ff5928 [Pos Repl]
+-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_603daf367b793e32\drmk.sys : 80.896 : 07/14/2009 09:41 AM : 27f9288af019e6daca281ede51ff5928 [Pos Repl]

* C:\Windows\System32\drivers\dxapi.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-useros_31bf3856ad364e35_6.1.7600.16385_none_cd450af4ce8086e8\dxapi.sys : 13.312 : 07/14/2009 09:25 AM : 5fcd3320aae71506b43f9e12e4e72172 [Pos Repl]

* C:\Windows\System32\drivers\dxg.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-dxg_31bf3856ad364e35_6.1.7600.16385_none_a8c197c1bc709e3e\dxg.sys : 76.288 : 07/14/2009 09:25 AM : 1b6242b20cb56f85a158e67f09ee84fe [Pos Repl]

* C:\Windows\System32\drivers\fastfat.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_ae8981a3b8b7be50\fastfat.sys : 148.480 : 07/14/2009 09:14 AM : 7e0ab74553476622fb6ae36f73d97d35 [Pos Repl]

* C:\Windows\System32\drivers\fdc.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\fdc.inf_x86_neutral_67322cb863995ea8\fdc.sys : 25.088 : 07/14/2009 09:45 AM : e817a017f82df2a1f8cfdbda29388b29 [Pos Repl]
+-> C:\Windows\winsxs\x86_fdc.inf_31bf3856ad364e35_6.1.7600.16385_none_0168099141bb7be7\fdc.sys : 25.088 : 07/14/2009 09:45 AM : e817a017f82df2a1f8cfdbda29388b29 [Pos Repl]

* C:\Windows\System32\drivers\flpydisk.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\flpydisk.sys : 19.968 : 07/14/2009 09:45 AM : 87907aa70cb3c56600f1c2fb8841579b [Pos Repl]
+-> C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\flpydisk.sys : 19.968 : 07/14/2009 09:45 AM : 87907aa70cb3c56600f1c2fb8841579b [Pos Repl]

* C:\Windows\System32\drivers\fltMgr.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-filtermanager-core_31bf3856ad364e35_6.1.7600.16385_none_10dfc9158c1fa6f6\fltMgr.sys : 198.208 : 07/14/2009 09:20 AM : 7520ec808e0c35e0ee6f841294316653 [Pos Repl]

* C:\Windows\System32\drivers\fs_rec.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.16385_none_25289c6a9fa4dca8\fs_rec.sys : 19.536 : 07/14/2009 09:20 AM : a574b4360e438977038aae4bf60d79a2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.16970_none_252e76489fa130ee\fs_rec.sys : 19.312 : 03/01/2012 09:53 AM : 500a9814fd9446a8126858a5a7f7d273 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.21160_none_25c2bb21b8b6e809\fs_rec.sys : 19.312 : 03/01/2012 09:34 AM : 4f7b22cd40d4acfb9dd89f1080d3e9fe [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.17514_none_2759b0329c936042\fs_rec.sys : 19.536 : 07/14/2009 09:20 AM : a574b4360e438977038aae4bf60d79a2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.17787_none_271105689cc96a2c\fs_rec.sys : 19.824 : 03/01/2012 09:46 AM : 7dae5ebcc80e45d3253f4923dc424d05 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.21933_none_27ccb28db5c2160c\fs_rec.sys : 19.824 : 03/01/2012 09:31 AM : d550d49eebe4bf9d351769fd66ca3c8f [Pos Repl]

* C:\Windows\System32\drivers\hidclass.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_9e1eba5724be176f\hidclass.sys : 55.808 : 11/20/2010 09:59 AM : 931a1df1520abc6e84ba4a75e6957025 [Pos Repl]
+-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7600.16385_none_2045efea8171454c\hidclass.sys : 55.808 : 07/14/2009 09:51 AM : b682e1cc0fdc7ac04b71d1fa9a07ef21 [Pos Repl]
+-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.17514_none_227703b27e5fc8e6\hidclass.sys : 55.808 : 11/20/2010 09:59 AM : 931a1df1520abc6e84ba4a75e6957025 [Pos Repl]

* C:\Windows\System32\drivers\hidparse.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_9e1eba5724be176f\hidparse.sys : 25.728 : 07/14/2009 09:51 AM : 6c26122f1931d4d7810240f32ddce890 [Pos Repl]
+-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7600.16385_none_2045efea8171454c\hidparse.sys : 25.728 : 07/14/2009 09:51 AM : 6c26122f1931d4d7810240f32ddce890 [Pos Repl]
+-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.17514_none_227703b27e5fc8e6\hidparse.sys : 25.728 : 07/14/2009 09:51 AM : 6c26122f1931d4d7810240f32ddce890 [Pos Repl]

* C:\Windows\System32\drivers\hidusb.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_9e1eba5724be176f\hidusb.sys : 24.064 : 11/20/2010 09:59 AM : 10c19f8290891af023eaec0832e1eb4d [Pos Repl]
+-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7600.16385_none_2045efea8171454c\hidusb.sys : 24.064 : 07/14/2009 09:51 AM : 25072fb35ac90b25f9e4e3bacf774102 [Pos Repl]
+-> C:\Windows\winsxs\x86_input.inf_31bf3856ad364e35_6.1.7601.17514_none_227703b27e5fc8e6\hidusb.sys : 24.064 : 11/20/2010 09:59 AM : 10c19f8290891af023eaec0832e1eb4d [Pos Repl]

* C:\Windows\System32\drivers\http.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.1.7600.16385_none_ac97526c7a2e8289\http.sys : 513.024 : 07/14/2009 09:12 AM : c531c7fd9e8b62021112787c4e2c5a5a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.1.7601.17514_none_aec86634771d0623\http.sys : 513.536 : 11/20/2010 09:40 AM : 871917b07a141bff43d76d8844d48106 [Pos Repl]

* C:\Windows\System32\drivers\i8042prt.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_neutral_50ad659974198591\i8042prt.sys : 80.896 : 07/14/2009 09:11 AM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\i8042prt.sys : 80.896 : 07/14/2009 09:11 AM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]
+-> C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_9724c3fc3a4c81ef\i8042prt.sys : 80.896 : 07/14/2009 09:11 AM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]
+-> C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_9955d7c4373b0589\i8042prt.sys : 80.896 : 07/14/2009 09:11 AM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]
+-> C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\i8042prt.sys : 80.896 : 07/14/2009 09:11 AM : f151f0bdc47f4a28b1b20a0818ea36d6 [Pos Repl]

* C:\Windows\System32\drivers\intelide.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\intelide.sys : 15.424 : 07/14/2009 09:20 AM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]
+-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\intelide.sys : 15.424 : 07/14/2009 09:20 AM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]
+-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\intelide.sys : 15.424 : 07/14/2009 09:20 AM : a0f12f2c9ba6c72f3987ce780e77c130 [Pos Repl]

* C:\Windows\System32\drivers\intelppm.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\cpu.inf_x86_neutral_729b871528391032\intelppm.sys : 53.760 : 07/14/2009 09:11 AM : 3b514d27bfc4accb4037bc6685f766e0 [Pos Repl]
+-> C:\Windows\winsxs\x86_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_5d20b0c250b4b524\intelppm.sys : 53.760 : 07/14/2009 09:11 AM : 3b514d27bfc4accb4037bc6685f766e0 [Pos Repl]

* C:\Windows\System32\drivers\ipfltdrv.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasipfilter_31bf3856ad364e35_6.1.7600.16385_none_e73fda0c2083052a\ipfltdrv.sys : 58.880 : 07/14/2009 09:54 AM : 709d1761d3b19a932ff0238ea6d50200 [Pos Repl]

* C:\Windows\System32\drivers\ipnat.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-ipnat_31bf3856ad364e35_6.1.7600.16385_none_5aee6dbbdcaf7199\ipnat.sys : 101.888 : 07/14/2009 09:54 AM : a5fa468d67abcdaa36264e463a7bb0cd [Pos Repl]

* C:\Windows\System32\drivers\irenum.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-irdaircomm_31bf3856ad364e35_6.1.7600.16385_none_2867d22e85fcfdfa\irenum.sys : 13.824 : 07/14/2009 09:53 AM : 42996cff20a3084a56017b7902307e9f [Pos Repl]

* C:\Windows\System32\drivers\isapnp.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys : 46.656 : 07/14/2009 09:20 AM : 1f32bb6b38f62f7df1a7ab7292638a35 [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys : 46.656 : 07/14/2009 09:20 AM : 1f32bb6b38f62f7df1a7ab7292638a35 [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys : 46.656 : 07/14/2009 09:20 AM : 1f32bb6b38f62f7df1a7ab7292638a35 [Pos Repl]

* C:\Windows\System32\drivers\kbdclass.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_neutral_50ad659974198591\kbdclass.sys : 42.576 : 07/14/2009 09:20 AM : adef52ca1aeae82b50df86b56413107e [Pos Repl]
+-> C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_9724c3fc3a4c81ef\kbdclass.sys : 42.576 : 07/14/2009 09:20 AM : adef52ca1aeae82b50df86b56413107e [Pos Repl]
+-> C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_9955d7c4373b0589\kbdclass.sys : 42.576 : 07/14/2009 09:20 AM : adef52ca1aeae82b50df86b56413107e [Pos Repl]

* C:\Windows\System32\drivers\ksecdd.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\ksecdd.sys : 67.664 : 07/14/2009 09:20 AM : e36a061ec11b373826905b21be10948f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\ksecdd.sys : 67.664 : 07/14/2009 09:20 AM : e36a061ec11b373826905b21be10948f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\ksecdd.sys : 67.440 : 11/17/2011 09:48 AM : 0263364acb9c834ace52fb85c2c064ec [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\ksecdd.sys : 67.440 : 06/02/2012 09:51 AM : 52fc17c8589f11747d01d3cf592673d0 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\ksecdd.sys : 67.664 : 07/14/2009 09:20 AM : e36a061ec11b373826905b21be10948f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\ksecdd.sys : 67.440 : 11/17/2011 09:20 AM : eb58ce9c7291ae1917eecf25543b3a9d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\ksecdd.sys : 67.440 : 06/02/2012 09:50 AM : 5a07985c21039e42ac014853b7cd5a05 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\ksecdd.sys : 67.456 : 11/20/2010 09:30 AM : 412cea1aa78cc02a447f5c9e62b32ff1 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\ksecdd.sys : 67.440 : 11/17/2011 09:41 AM : f4647bb23db9038a7536cf6b68f4207f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\ksecdd.sys : 67.440 : 06/02/2012 09:45 AM : b7895b4182c0d16f6efadeb8081e8d36 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\ksecdd.sys : 67.440 : 11/17/2011 09:35 AM : 91beb3c853eb11ab8363f2f261875fea [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\ksecdd.sys : 67.440 : 06/02/2012 09:57 AM : 1cb63b575adbd14a7216f6c4716816bb [Pos Repl]

* C:\Windows\System32\drivers\ks.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.1.7600.16385_none_5757187af737b0be\ks.sys : 190.976 : 07/14/2009 09:45 AM : f762edd3acca095f5af4d719f3b8ae3d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.1.7600.16543_none_57805b62f719089a\ks.sys : 190.976 : 03/04/2010 09:57 AM : 9e79e2354301783d5e0d48411c2a7466 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.1.7600.20659_none_580529fe10395c5f\ks.sys : 190.976 : 03/04/2010 09:53 AM : 5a5c40af44df5fac634b6c3555aa8808 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.1.7601.17514_none_59882c42f4263458\ks.sys : 190.976 : 11/20/2010 09:50 AM : 5dcef0c32be0f33277326586fa503689 [Pos Repl]

* C:\Windows\System32\drivers\mcd.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft.windows.h..changer-driverclass_31bf3856ad364e35_6.1.7600.16385_none_c87bc13e280dd10a\mcd.sys : 18.432 : 07/14/2009 09:45 AM : ef08d2ebe3eabba43cc57eee001027b6 [Pos Repl]

* C:\Windows\System32\drivers\modem.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-u..em-core-classdriver_31bf3856ad364e35_6.1.7600.16385_none_2fdad9144fff701e\modem.sys : 31.744 : 07/14/2009 09:55 AM : f001861e5700ee84e2d4e52c712f4964 [Pos Repl]

* C:\Windows\System32\drivers\mouclass.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\mouclass.sys : 41.552 : 07/14/2009 09:20 AM : fb18cc1d4c2e716b6b903b0ac0cc0609 [Pos Repl]
+-> C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\mouclass.sys : 41.552 : 07/14/2009 09:20 AM : fb18cc1d4c2e716b6b903b0ac0cc0609 [Pos Repl]

* C:\Windows\System32\drivers\mouhid.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\mouhid.sys : 26.112 : 07/14/2009 09:45 AM : 2c388d2cd01c9042596cf3c8f3c7b24d [Pos Repl]
+-> C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\mouhid.sys : 26.112 : 07/14/2009 09:45 AM : 2c388d2cd01c9042596cf3c8f3c7b24d [Pos Repl]

* C:\Windows\System32\drivers\mountmgr.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7600.16385_none_f26e7ae968595905\mountmgr.sys : 78.416 : 07/14/2009 09:20 AM : 921c18727c5920d6c0300736646931c2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.17514_none_f49f8eb16547dc9f\mountmgr.sys : 78.208 : 11/20/2010 09:30 AM : fc8771f45ecccfd89684e38842539b9b [Pos Repl]

* C:\Windows\System32\drivers\mrxdav.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7600.16385_none_14813b5b270f3a0b\mrxdav.sys : 115.712 : 07/14/2009 09:14 AM : b1be47008d20e43da3adc37c24cdb89d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.1.7601.17514_none_16b24f2323fdbda5\mrxdav.sys : 115.712 : 11/20/2010 09:42 AM : ceb46ab7c01c9f825f8cc6babc18166a [Pos Repl]

* C:\Windows\System32\drivers\mrxsmb.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16385_none_7f67c358b2710494\mrxsmb.sys : 123.392 : 07/14/2009 09:14 AM : f4a054be78af7f410129c4b64b07dc9b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16499_none_7f60f67ab2758308\mrxsmb.sys : 123.392 : 01/08/2010 09:17 AM : 9e5dd4ef01aed723abf5342ef23ff012 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16539_none_7fa1d7e8b244d889\mrxsmb.sys : 123.392 : 02/27/2010 09:32 AM : f1b6aa08497ea86ca6ef6f7a08b0bfb8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16765_none_7f7d6ac8b260c14e\mrxsmb.sys : 123.392 : 02/23/2011 09:05 AM : b4c76ef46322a9711c7b0f4e21ef6ea5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16808_none_7fc14d14b22d62d4\mrxsmb.sys : 123.392 : 05/04/2011 09:43 AM : ca7570e42522e24324a12161db14ec02 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20612_none_803a1285cb588f10\mrxsmb.sys : 123.392 : 01/08/2010 09:18 AM : f7fcc6528d5b55c38cc436eb64d0d045 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20655_none_8011d3b3cb764ad9\mrxsmb.sys : 123.392 : 02/27/2010 09:33 AM : dd364c196f822edc52217e8e819c8664 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20907_none_8049e995cb4be947\mrxsmb.sys : 123.904 : 02/23/2011 09:37 AM : 5dc06ceb9aa4b65e724376766eb410ab [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20959_none_8015da8dcb72a7aa\mrxsmb.sys : 123.904 : 05/04/2011 09:23 AM : ae6248d356c6c1de1623f0610b7fb0a3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17514_none_8198d720af5f882e\mrxsmb.sys : 123.904 : 11/20/2010 09:42 AM : b272b4c3e085ea860c12f2e4faf2ffa2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17565_none_8163c7ceaf872d3a\mrxsmb.sys : 123.904 : 02/23/2011 09:47 AM : ed3d3419b064f28d812995ed8cadc541 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17605_none_81a4a93caf5682bb\mrxsmb.sys : 123.904 : 04/27/2011 09:17 AM : 5d16c921e3671636c0eba3bbaac5fd25 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21666_none_81ee64e3c8a3e65b\mrxsmb.sys : 123.904 : 02/23/2011 09:09 AM : c76fd653db8b90da85ead12b12fffc9f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21714_none_822275d1c87d251f\mrxsmb.sys : 123.904 : 04/27/2011 09:15 AM : 39a8ff477b3f5d0edfe814155841c735 [Pos Repl]

* C:\Windows\System32\drivers\msfs.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-msfs_31bf3856ad364e35_6.1.7600.16385_none_a646965e7e3ffc0c\msfs.sys : 22.528 : 07/14/2009 09:11 AM : daefb28e3af5a76abcc2c3078c07327f [Pos Repl]

* C:\Windows\System32\drivers\MSKSSRV.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_61cb11453c0f45a5\mskssrv.sys : 8.320 : 07/14/2009 09:45 AM : 8c0860d6366aaffb6c5bb9df9448e631 [Pos Repl]

* C:\Windows\System32\drivers\MSPCLOCK.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_61cb11453c0f45a5\mspclock.sys : 5.888 : 07/14/2009 09:45 AM : 3ea8b949f963562cedbb549eac0c11ce [Pos Repl]

* C:\Windows\System32\drivers\MSPQM.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernelstreamingsupport_31bf3856ad364e35_6.1.7600.16385_none_61cb11453c0f45a5\mspqm.sys : 5.504 : 07/14/2009 09:45 AM : f456e973590d663b1073e9c463b40932 [Pos Repl]

* C:\Windows\System32\drivers\mssmbios.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\mssmbios.sys : 28.240 : 07/14/2009 09:20 AM : fc6b9ff600cc585ea38b12589bd4e246 [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\mssmbios.sys : 28.240 : 07/14/2009 09:20 AM : fc6b9ff600cc585ea38b12589bd4e246 [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\mssmbios.sys : 28.240 : 07/14/2009 09:20 AM : fc6b9ff600cc585ea38b12589bd4e246 [Pos Repl]

* C:\Windows\System32\drivers\mup.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-mup_31bf3856ad364e35_6.1.7600.16385_none_acc89f51b9d75e29\mup.sys : 49.728 : 07/14/2009 09:20 AM : 159fad02f64e6381758c990f753bcc80 [Pos Repl]

* C:\Windows\System32\drivers\ndis.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys : 710.720 : 07/14/2009 09:20 AM : 23759d175a0a9baaf04d05047bc135a8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys : 712.576 : 11/20/2010 09:30 AM : e7c54812a2aaf43316eb6930c1ffa108 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys : 712.048 : 08/22/2012 07:16 PM : 8c9c922d71f1cd4def73f186416b7896 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys : 712.048 : 08/22/2012 07:05 PM : 15b74b6283cebcce3054c1001ca01b5e [Pos Repl]

* C:\Windows\System32\drivers\ndistapi.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7600.16385_none_0db6be04dbc2da8a\ndistapi.sys : 20.992 : 07/14/2009 07:54 AM : e4a8aec125a2e43a9e32afeea7c9c888 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_0fe7d1ccd8b15e24\ndistapi.sys : 20.992 : 07/14/2009 07:54 AM : e4a8aec125a2e43a9e32afeea7c9c888 [Pos Repl]

* C:\Windows\System32\drivers\ndisuio.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7600.16385_none_6bc75de74831b352\ndisuio.sys : 45.568 : 07/14/2009 07:53 AM : b30ae7f2b6d7e343b0df32e6c08fce75 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_6df871af452036ec\ndisuio.sys : 46.080 : 11/20/2010 07:06 AM : d8a65dafb3eb41cbb622745676fcd072 [Pos Repl]

* C:\Windows\System32\drivers\ndiswan.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-ndiswan_31bf3856ad364e35_6.1.7600.16385_none_f30ee6e4b89e5dbf\ndiswan.sys : 118.784 : 07/14/2009 07:54 AM : 267c415eadcbe53c9ca873dee39cf3a4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-ndiswan_31bf3856ad364e35_6.1.7601.17514_none_f53ffaacb58ce159\ndiswan.sys : 118.784 : 11/20/2010 07:07 AM : 38fbe267e7e6983311179230facb1017 [Pos Repl]

* C:\Windows\System32\drivers\ndproxy.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7600.16385_none_0db6be04dbc2da8a\ndproxy.sys : 48.128 : 07/14/2009 07:54 AM : af7e7c63dcef3f8772726f86039d6eb4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_0fe7d1ccd8b15e24\ndproxy.sys : 48.640 : 11/20/2010 07:07 AM : a4bdc541e69674fbff1a8ff00be913f2 [Pos Repl]

* C:\Windows\System32\drivers\netbios.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-netbios_31bf3856ad364e35_6.1.7600.16385_none_59b80e4dcc72e431\netbios.sys : 36.352 : 07/14/2009 07:53 AM : 80b275b1ce3b0e79909db7b39af74d51 [Pos Repl]

* C:\Windows\System32\drivers\netbt.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_603b1e855897bcd6\netbt.sys : 187.904 : 07/14/2009 07:12 AM : dd52a733bf4ca5af84562a5e2f963b91 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_626c324d55864070\netbt.sys : 187.904 : 11/20/2010 07:39 AM : 280122ddcf04b378edd1ad54d71c1e54 [Pos Repl]

* C:\Windows\System32\drivers\npfs.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-npfs_31bf3856ad364e35_6.1.7600.16385_none_a647db007e3ec880\npfs.sys : 35.328 : 07/14/2009 07:11 AM : 1db262a9f8c087e8153d89bef3d2235f [Pos Repl]

* C:\Windows\System32\drivers\ntfs.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys : 1.210.432 : 07/14/2009 07:20 AM : 3795dcd21f740ee799fb7223234215af [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys : 1.210.240 : 03/11/2011 07:44 AM : 187002ce05693c306f43c873f821381f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys : 1.210.752 : 03/11/2011 07:52 AM : a7266d82db9675afbded39695b69edac [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys : 1.211.264 : 11/20/2010 07:30 AM : 33c3093d09017cfe2e219f2472bff6eb [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys : 1.211.264 : 03/11/2011 07:39 AM : 81189c3d7763838e55c397759d49007a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys : 1.211.264 : 03/11/2011 07:28 AM : e2ede3f02f95b896a1c7c6f0cc0c4083 [Pos Repl]

* C:\Windows\System32\drivers\null.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_a93c43a07c50a038\null.sys : 4.608 : 07/14/2009 07:11 AM : f9756a98d69098dca8945d62858a812c [Pos Repl]

* C:\Windows\System32\drivers\parport.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\parport.sys : 79.360 : 07/14/2009 09:45 AM : 2ea877ed5dd9713c5ac74e8ea7348d14 [Pos Repl]
+-> C:\Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\parport.sys : 79.360 : 07/14/2009 07:45 AM : 2ea877ed5dd9713c5ac74e8ea7348d14 [Pos Repl]

* C:\Windows\System32\drivers\partmgr.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.16385_none_e17269af1bc32604\partmgr.sys : 56.912 : 07/14/2009 07:20 AM : ff4218952b51de44fe910953a3e686b9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.16979_none_e18146271bb75e59\partmgr.sys : 56.688 : 03/17/2012 07:20 AM : 66d3415c159741ade7038a277efff99f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.21172_none_e203b90e34db8004\partmgr.sys : 56.176 : 03/17/2012 07:25 AM : 58916826a13a721e7f73f454daa6c9c8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.17514_none_e3a37d7718b1a99e\partmgr.sys : 56.192 : 11/20/2010 07:30 AM : bf8f6af06da75b336f07e23aef97d93b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.17796_none_e34f027718f0b622\partmgr.sys : 56.176 : 03/17/2012 07:27 AM : 3f34a1b4c5f6475f320c275e63afce9b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.21946_none_e40eb0c431e5c75e\partmgr.sys : 56.176 : 03/17/2012 07:05 AM : 2dbfa1d13f039e222d18bc7b36ac6cdb [Pos Repl]

* C:\Windows\System32\drivers\parvdm.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\parvdm.sys : 8.704 : 07/14/2009 09:45 AM : eb0a59f29c19b86479d36b35983daadc [Pos Repl]
+-> C:\Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\parvdm.sys : 8.704 : 07/14/2009 07:45 AM : eb0a59f29c19b86479d36b35983daadc [Pos Repl]

* C:\Windows\System32\drivers\pciidex.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\pciidex.sys : 42.560 : 07/14/2009 09:19 AM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]
+-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\pciidex.sys : 42.560 : 07/14/2009 07:19 AM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]
+-> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\pciidex.sys : 42.560 : 07/14/2009 07:19 AM : ede040d666ff81bf1978d0f19f799e7a [Pos Repl]

* C:\Windows\System32\drivers\pci.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\pci.sys : 153.984 : 11/20/2010 09:30 AM : 673e55c3498eb970088e812ea820aa8f [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\pci.sys : 153.680 : 07/14/2009 07:20 AM : c858cb77c577780ecc456a892e7e7d0f [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\pci.sys : 153.984 : 11/20/2010 07:30 AM : 673e55c3498eb970088e812ea820aa8f [Pos Repl]

* C:\Windows\System32\drivers\pcmcia.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\pcmcia.inf_x86_neutral_42dda5eb5768a3df\pcmcia.sys : 180.288 : 07/14/2009 09:19 AM : f396431b31693e71e8a80687ef523506 [Pos Repl]
+-> C:\Windows\winsxs\x86_pcmcia.inf_31bf3856ad364e35_6.1.7600.16385_none_85a22802fc99e371\pcmcia.sys : 180.288 : 07/14/2009 07:19 AM : f396431b31693e71e8a80687ef523506 [Pos Repl]

* C:\Windows\System32\drivers\portcls.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_aed2a4456700dfde\portcls.sys : 177.152 : 07/14/2009 09:51 AM : d72708c9f49500c13d7d067e169b7715 [Pos Repl]
+-> C:\Windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.1.7600.16385_none_603daf367b793e32\portcls.sys : 177.152 : 07/14/2009 07:51 AM : d72708c9f49500c13d7d067e169b7715 [Pos Repl]

* C:\Windows\System32\drivers\processr.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\cpu.inf_x86_neutral_729b871528391032\processr.sys : 52.224 : 07/14/2009 09:11 AM : 85b1e3a0c7585bc4aae6899ec6fcf011 [Pos Repl]
+-> C:\Windows\winsxs\x86_cpu.inf_31bf3856ad364e35_6.1.7600.16385_none_5d20b0c250b4b524\processr.sys : 52.224 : 07/14/2009 07:11 AM : 85b1e3a0c7585bc4aae6899ec6fcf011 [Pos Repl]

* C:\Windows\System32\drivers\rasacd.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys : 11.776 : 07/14/2009 07:54 AM : 30a81b53c766d0133bb86d234e5556ab [Pos Repl]

* C:\Windows\System32\drivers\rasl2tp.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-rasl2tp_31bf3856ad364e35_6.1.7600.16385_none_99b2a2c04941dfb7\rasl2tp.sys : 78.848 : 07/14/2009 07:54 AM : d9f91eafec2815365cbe6d167e4e332a [Pos Repl]

* C:\Windows\System32\drivers\raspppoe.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-raspppoe_31bf3856ad364e35_6.1.7600.16385_none_5609da43fbeb6e85\raspppoe.sys : 77.824 : 07/14/2009 07:54 AM : 0fe8b15916307a6ac12bfb6a63e45507 [Pos Repl]

* C:\Windows\System32\drivers\raspptp.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase-raspptp_31bf3856ad364e35_6.1.7600.16385_none_99c574fc492a728d\raspptp.sys : 73.728 : 07/14/2009 07:54 AM : 631e3e205ad6d86f2aed6a4a8e69f2db [Pos Repl]

* C:\Windows\System32\drivers\rdbss.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rdbss_31bf3856ad364e35_6.1.7600.16385_none_59ab2defc2bd0505\rdbss.sys : 241.664 : 07/14/2009 07:14 AM : 835d7e81bf517a3b72384bdcc85e1ce6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-rdbss_31bf3856ad364e35_6.1.7601.17514_none_5bdc41b7bfab889f\rdbss.sys : 242.688 : 11/20/2010 07:44 AM : d528bc58a489409ba40334ebf96a311b [Pos Repl]

* C:\Windows\System32\drivers\rdpcdd.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7600.16385_none_d4b17a3e9f928d55\RDPCDD.sys : 6.656 : 07/14/2009 07:01 AM : 1e016846895b15a99f9a176a05029075 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7601.17514_none_d6e28e069c8110ef\RDPCDD.sys : 6.656 : 11/20/2010 07:22 AM : 23dae03f29d253ae74c44f99e515f9a1 [Pos Repl]

* C:\Windows\System32\drivers\rdpdr.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-terminalservices-rdpdr_31bf3856ad364e35_6.1.7600.16385_none_011065d1aa5ad954\rdpdr.sys : 133.120 : 07/14/2009 07:02 AM : c5ff95883ffef704d50c40d21cfb3ab5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-terminalservices-rdpdr_31bf3856ad364e35_6.1.7601.17514_none_03417999a7495cee\rdpdr.sys : 133.632 : 11/20/2010 07:24 AM : b973fcfc50dc1434e1970a146f7e3885 [Pos Repl]

* C:\Windows\System32\drivers\rdpwd.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_4b4bde6b36561dcb\rdpwd.sys : 177.152 : 07/14/2009 07:01 AM : 801371ba9782282892d00aadb08ee367 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16963_none_4b5f89133647a225\rdpwd.sys : 177.152 : 02/15/2012 07:22 AM : 0399c725a9c95a6f1862b93f008ddf4a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.17011_none_4b93703d36211704\rdpwd.sys : 177.152 : 04/28/2012 07:19 AM : c5b8d47a4688de9d335204ea757c2240 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.21151_none_4bf1cd584f5f2692\rdpwd.sys : 178.176 : 02/17/2012 07:16 AM : 9abed8c1607153bb89488187529c3db5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.21202_none_4c28df244f35b15b\rdpwd.sys : 178.176 : 04/28/2012 07:19 AM : 9a67f7b4939f6a3ec7464c07737682f6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_4d7cf2333344a165\rdpwd.sys : 183.808 : 11/20/2010 07:22 AM : 288b06960d78428ff89e811632684e20 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17779_none_4d4117e93370c20c\rdpwd.sys : 183.808 : 02/17/2012 07:14 AM : 244c83332f44589ae98fc347f11b2693 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17830_none_4d6356e533586b60\rdpwd.sys : 183.808 : 04/28/2012 07:17 AM : f031683e6d1fea157abb2ff260b51e61 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21924_none_4dfbc4c44c6a5495\rdpwd.sys : 183.808 : 02/17/2012 07:09 AM : 2570d1f85c0ce1096e075f2de96d11d9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21982_none_4db8e4a84c9cc98d\rdpwd.sys : 183.808 : 04/28/2012 07:08 AM : f665adb892f8002248274d9a22dddb00 [Pos Repl]

* C:\Windows\System32\drivers\rmcast.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.1.7600.16385_none_54542254e93e94e1\rmcast.sys : 117.248 : 07/14/2009 07:53 AM : b4090006a82eeb608c358ab5d37de85a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.1.7601.17514_none_5685361ce62d187b\rmcast.sys : 117.760 : 11/20/2010 07:06 AM : 906dcfc5ebf4ec0433f8d4fffb0ba334 [Pos Repl]

* C:\Windows\System32\drivers\rndismp.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7600.16385_none_e10505d0ed38f22a\RNDISMP.sys : 33.280 : 07/14/2009 07:54 AM : 7400cfab5cf36f2294e80b3f3bda3ebc [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.17887_none_e2ed70b4ea5d7cd5\RNDISMP.sys : 33.280 : 07/04/2012 09:45 PM : ed80d303102a746d30c1684b387bcbf1 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-rndis-miniport_31bf3856ad364e35_6.1.7601.22044_none_e39f2474035d9418\RNDISMP.sys : 33.280 : 07/04/2012 09:41 PM : d501fe23fef6c001f1bf21975eec7808 [Pos Repl]

* C:\Windows\System32\drivers\rootmdm.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-unimodem-core_31bf3856ad364e35_6.1.7600.16385_none_946e88ef35e184db\rootmdm.sys : 8.192 : 07/14/2009 09:55 AM : 564297827d213f52c7a3a2ff749568ca [Pos Repl]

* C:\Windows\System32\drivers\scsiport.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft.windows.s..se.scsi_port_driver_31bf3856ad364e35_6.1.7600.16385_none_e55684068b7262bb\scsiport.sys : 140.368 : 07/14/2009 09:19 AM : f9882099e58ecf8b0e1c7afa5d2cc56d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft.windows.s..se.scsi_port_driver_31bf3856ad364e35_6.1.7601.17514_none_e78797ce8860e655\scsiport.sys : 140.160 : 11/20/2010 09:30 AM : 099972e1faf4950d3994fbab9dd21253 [Pos Repl]

* C:\Windows\System32\drivers\serenum.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serenum.sys : 17.920 : 07/14/2009 09:45 AM : 9ad8b8b515e3df6acd4212ef465de2d1 [Pos Repl]
+-> C:\Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serenum.sys : 17.920 : 07/14/2009 09:45 AM : 9ad8b8b515e3df6acd4212ef465de2d1 [Pos Repl]

* C:\Windows\System32\drivers\sffdisk.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_x86_neutral_7e5210507f8fc265\sffdisk.sys : 11.264 : 07/14/2009 09:45 AM : 9f976e1eb233df46fce808d9dea3eb9c [Pos Repl]
+-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7600.16385_none_a411df264b3d893a\sffdisk.sys : 11.264 : 07/14/2009 09:45 AM : 9f976e1eb233df46fce808d9dea3eb9c [Pos Repl]
+-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7600.16438_none_a44af1864b1246b1\sffdisk.sys : 11.264 : 07/14/2009 09:45 AM : 9f976e1eb233df46fce808d9dea3eb9c [Pos Repl]
+-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7600.20546_none_a4c7bdd16439cfbe\sffdisk.sys : 11.264 : 07/14/2009 09:45 AM : 9f976e1eb233df46fce808d9dea3eb9c [Pos Repl]
+-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7601.17514_none_a642f2ee482c0cd4\sffdisk.sys : 11.264 : 07/14/2009 09:45 AM : 9f976e1eb233df46fce808d9dea3eb9c [Pos Repl]

* C:\Windows\System32\drivers\sffp_sd.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\sffdisk.inf_x86_neutral_7e5210507f8fc265\sffp_sd.sys : 12.800 : 11/20/2010 09:50 AM : 6d4ccaedc018f1cf52866bbbaa235982 [Pos Repl]
+-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7600.16385_none_a411df264b3d893a\sffp_sd.sys : 12.800 : 07/14/2009 09:45 AM : 4f1e5b0fe7c8050668dbfade8999aefb [Pos Repl]
+-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7600.16438_none_a44af1864b1246b1\sffp_sd.sys : 12.800 : 10/10/2009 09:57 AM : a0708bbd07d245c06ff9de549ca47185 [Pos Repl]
+-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7600.20546_none_a4c7bdd16439cfbe\sffp_sd.sys : 12.800 : 10/10/2009 09:55 AM : 6790a1c44bdafdbf7fbebcba95fc1a32 [Pos Repl]
+-> C:\Windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.1.7601.17514_none_a642f2ee482c0cd4\sffp_sd.sys : 12.800 : 11/20/2010 09:50 AM : 6d4ccaedc018f1cf52866bbbaa235982 [Pos Repl]

* C:\Windows\System32\drivers\sfloppy.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys : 13.824 : 07/14/2009 09:45 AM : db96666cc8312ebc45032f30b007a547 [Pos Repl]
+-> C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys : 13.824 : 07/14/2009 09:45 AM : db96666cc8312ebc45032f30b007a547 [Pos Repl]

* C:\Windows\System32\drivers\smclib.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft.windows.s...smart_card_library_31bf3856ad364e35_6.1.7600.16385_none_f9da031b490b1c8a\smclib.sys : 17.408 : 07/14/2009 09:45 AM : 2e467e6ca8e0a140c08011844c0d3936 [Pos Repl]

* C:\Windows\System32\drivers\srv.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.16385_none_d9cdbf7e57c72d46\srv.sys : 309.760 : 07/14/2009 09:15 AM : 2ba4ebc7dfba845a1edbe1f75913be33 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.16481_none_d9c9c03c57cac511\srv.sys : 310.784 : 12/08/2009 09:05 AM : 50a83ca406c808bd35ac9141a0c7618f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.16619_none_da1d75cc578ac680\srv.sys : 310.784 : 06/22/2010 09:47 AM : dd0dd124d95390fdffa7fb6283923ed4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.16664_none_d9e264be57b7d382\srv.sys : 310.784 : 08/27/2010 09:31 AM : 2dbedfb1853f06110ec2aa7f3213c89f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.16765_none_d9e366ee57b6ea00\srv.sys : 311.296 : 02/23/2011 09:06 AM : 4a9b0f215de2519e2363f91df25c1e97 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.16806_none_da2548a6578558d8\srv.sys : 311.296 : 04/29/2011 09:57 AM : c4a027b8c0bd3fc0699f41fa5e9e0c87 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.20591_none_da488d1b70f080cc\srv.sys : 310.784 : 12/08/2009 09:01 AM : 71f9ccbdd88e42360d0e782492f37a6a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.20740_none_da7da03970c8d60e\srv.sys : 311.296 : 06/22/2010 09:45 AM : 1610437b099a40d18a8975edab98a301 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.20789_none_da5b632370e129e1\srv.sys : 311.296 : 08/27/2010 09:28 AM : f28094971cd10dd0c09930fb654ada0b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.20907_none_daafe5bb70a211f9\srv.sys : 311.808 : 02/23/2011 09:38 AM : d0806dbfe08ab1a11b673c1e43d70efb [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7600.20956_none_da78d5d570cb8457\srv.sys : 311.808 : 04/29/2011 09:49 AM : 110ad8cd36f173e917b1145950042b79 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17514_none_dbfed34654b5b0e0\srv.sys : 311.296 : 11/20/2010 09:45 AM : 112127c3b2e64d7680cc39cd0a39dd7e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17565_none_dbc9c3f454dd55ec\srv.sys : 311.808 : 02/23/2011 09:48 AM : 4e636465a8653ba3bf29f929aa578e6f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.17608_none_dc0da64054a9f772\srv.sys : 311.808 : 04/29/2011 09:46 AM : e4c2764065d66ea1d2d3ebc28fe99c46 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.21666_none_dc5461096dfa0f0d\srv.sys : 311.808 : 02/23/2011 09:10 AM : 52c2b8f7dbb796954a98cf7bc8753766 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.1.7601.21717_none_dc8b72d56dd099d6\srv.sys : 311.808 : 04/29/2011 09:19 AM : b9526afe58b0eb537a391dfa925a1e40 [Pos Repl]

* C:\Windows\System32\drivers\stream.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-streamclass_31bf3856ad364e35_6.1.7600.16385_none_5e3aebd498f644ed\stream.sys : 53.632 : 07/14/2009 09:50 AM : 45b44fc9e5ac0db02b19d515ee809de5 [Pos Repl]

* C:\Windows\System32\drivers\swenum.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\swenum.sys : 12.240 : 07/14/2009 09:19 AM : e58c78a848add9610a4db6d214af5224 [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\swenum.sys : 12.240 : 07/14/2009 09:19 AM : e58c78a848add9610a4db6d214af5224 [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\swenum.sys : 12.240 : 07/14/2009 09:19 AM : e58c78a848add9610a4db6d214af5224 [Pos Repl]

* C:\Windows\System32\drivers\tape.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft.windows.h..pedrive-driverclass_31bf3856ad364e35_6.1.7600.16385_none_9200269b1ea20fd1\tape.sys : 24.576 : 07/14/2009 09:45 AM : 949c35bf4ae6c110a924ab5e2175dda7 [Pos Repl]

* C:\Windows\System32\Drivers\tcpip.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys : 1.285.712 : 07/14/2009 09:19 AM : 2cc3d75488abd3ec628bbb9a4fc84efc [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys : 1.286.016 : 06/14/2010 09:12 AM : bb7f39c31c4a4417fd318e7cd184e225 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys : 1.286.016 : 04/25/2011 09:56 AM : 0158d5e9982e9d6a90dfc802f618e130 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys : 1.286.016 : 06/21/2011 09:39 AM : c2daaeb48f3a47c410b041a0d2382ee1 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys : 1.285.488 : 09/29/2011 05:43 PM : 56c198ac82efa622dd93e9e43575f79c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys : 1.287.024 : 03/30/2012 05:29 AM : 55e9965552741f3850cb22cbba9671ed [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys : 1.288.576 : 06/14/2010 05:06 AM : a39ea325c081ad27461f630c8e3e56e0 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys : 1.298.816 : 04/25/2011 05:44 AM : 8861b9a06ba99c6e1d62d0c86dfab86c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys : 1.301.376 : 06/21/2011 05:30 AM : 93c444d118b184452132357c322124cd [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys : 1.301.872 : 09/29/2011 06:02 PM : 22f7e7cbca308dee3428b097d4f8a61c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys : 1.303.408 : 03/30/2012 06:08 AM : e47c2844a1605a44178f4281e4d58b3d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys : 1.290.112 : 11/20/2010 06:30 AM : 37e8fa3779668837ca9e2c36d2415949 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys : 1.290.624 : 04/25/2011 06:31 AM : 24326784df8f3d5f5bbb9f878ce33c14 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys : 1.290.624 : 06/21/2011 06:34 AM : 04e4a7d53a7ace02e8c55b17a498f631 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys : 1.290.608 : 09/29/2011 06:03 PM : 65d10b191c59c5501a1263fc33f6894b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys : 1.291.632 : 03/30/2012 06:23 AM : 7fa2e0f8b072bd04b77b421480b6cc22 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys : 1.292.144 : 08/22/2012 07:16 PM : a5ebb8f648000e88b7d9390b514976bf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys : 1.301.376 : 04/25/2011 07:31 AM : 6d4728cff2724ff3a4654971d61d0f1c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys : 1.303.424 : 06/21/2011 07:54 AM : dec4940487050ae13c60c86f40e07e75 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys : 1.303.920 : 09/29/2011 06:17 PM : 3c1c41e317710f74cec1e7f0d5325993 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys : 1.306.480 : 03/30/2012 06:04 AM : 88fcdb9923efeca207b3cebd24407126 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys : 1.306.992 : 08/22/2012 07:05 PM : 23790a44d9a6b67f8690c34d4f516446 [Pos Repl]

* C:\Windows\System32\drivers\tdi.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-tdi-driver_31bf3856ad364e35_6.1.7600.16385_none_66c49eaf974a0e9b\tdi.sys : 20.992 : 07/14/2009 07:12 AM : 52639c994fe3cd975bfe7428b939b320 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tdi-driver_31bf3856ad364e35_6.1.7601.17514_none_68f5b27794389235\tdi.sys : 21.504 : 11/20/2010 07:39 AM : 2f885864d5bc8a16c86bee595969a48a [Pos Repl]

* C:\Windows\System32\drivers\tdpipe.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdpipe.sys : 17.920 : 07/14/2009 07:01 AM : 1875c1490d99e70e449e3afae9fcbadf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdpipe.sys : 17.920 : 07/14/2009 07:01 AM : 1875c1490d99e70e449e3afae9fcbadf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdpipe.sys : 17.920 : 07/14/2009 07:01 AM : 1875c1490d99e70e449e3afae9fcbadf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdpipe.sys : 18.432 : 11/20/2010 07:21 AM : 1cb91b2bd8f6dd367dfc2ef26fd751b2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdpipe.sys : 18.432 : 11/20/2010 07:21 AM : 1cb91b2bd8f6dd367dfc2ef26fd751b2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdpipe.sys : 18.432 : 11/20/2010 07:21 AM : 1cb91b2bd8f6dd367dfc2ef26fd751b2 [Pos Repl]

* C:\Windows\System32\drivers\tdtcp.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdtcp.sys : 24.064 : 07/14/2009 07:01 AM : 7551e91ea999ee9a8e9c331d5a9c31f3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdtcp.sys : 24.064 : 02/15/2012 07:22 AM : 7156308896d34ea75a582f9a09e50c17 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdtcp.sys : 24.064 : 02/17/2012 07:16 AM : b311ac66edb0201981f6c1a444e42454 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdtcp.sys : 24.576 : 11/20/2010 07:21 AM : 2c10395baa4847f83042813c515cc289 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdtcp.sys : 24.576 : 02/17/2012 07:13 AM : 2c2c5afe7ee4f620d69c23c0617651a8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdtcp.sys : 24.576 : 02/17/2012 07:09 AM : 010560bc6586d1c1cc7cef24b5db4d94 [Pos Repl]

* C:\Windows\System32\drivers\tdx.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys : 74.240 : 07/14/2009 07:12 AM : cb39e896a2a83702d1737bfd402b3542 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec4532373a57c1c2\tdx.sys : 74.752 : 11/20/2010 07:39 AM : b459575348c20e8121d6039da063c704 [Pos Repl]

* C:\Windows\System32\drivers\termdd.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\termdd.sys : 53.120 : 11/20/2010 09:30 AM : 04dbf4b01ea4bf25a9a3e84affac9b20 [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\termdd.sys : 51.776 : 07/14/2009 07:19 AM : c36f41ee20e6999dbf4b0425963268a5 [Pos Repl]
+-> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\termdd.sys : 53.120 : 11/20/2010 07:30 AM : 04dbf4b01ea4bf25a9a3e84affac9b20 [Pos Repl]

* C:\Windows\System32\drivers\udfs.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-udfs_31bf3856ad364e35_6.1.7600.16385_none_a64fee667e374655\udfs.sys : 246.784 : 07/14/2009 07:14 AM : 09cc3e16f8e5ee7168e01cf8fcbe061a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-udfs_31bf3856ad364e35_6.1.7601.17514_none_a881022e7b25c9ef\udfs.sys : 246.784 : 11/20/2010 07:42 AM : ee43346c7e4b5e63e54f927babbb32ff [Pos Repl]

* C:\Windows\System32\drivers\usb8023.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rndis-usb-microport_31bf3856ad364e35_6.1.7600.16385_none_c4c31b1bb3fed11a\usb8023.sys : 15.872 : 07/14/2009 07:54 AM : b71da871254d96d0349639d03e4c1cc1 [Pos Repl]

* C:\Windows\System32\drivers\usbcamd2.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7600.16385_none_9f5eb7b3d98ea3ce\USBCAMD2.sys : 25.856 : 07/14/2009 07:51 AM : 2190f65ec7e9ae7a301e01e4261acef8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7601.17514_none_a18fcb7bd67d2768\USBCAMD2.sys : 25.856 : 11/20/2010 07:00 AM : e071e5be621fec4590117c488a78ae32 [Pos Repl]

* C:\Windows\System32\drivers\usbcamd.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7600.16385_none_9f5eb7b3d98ea3ce\USBCAMD.sys : 25.856 : 07/14/2009 07:51 AM : 47d88f155eb4e4be60ebd76ac8d17db7 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usbcamd_31bf3856ad364e35_6.1.7601.17514_none_a18fcb7bd67d2768\USBCAMD.sys : 25.856 : 11/20/2010 07:00 AM : fd82d2b38c465a55c527e339ba1201b1 [Pos Repl]

* C:\Windows\System32\drivers\usbccgp.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_1584ed9878602b0f\usbccgp.sys : 75.776 : 03/25/2011 09:58 AM : bd9c55d7023c5de374507acc7a14e2ac [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_2620fd493cad7d41\usbccgp.sys : 75.776 : 11/20/2010 09:00 AM : 7e72e7d7e0757d59481d530fd2b0bfae [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.16385_none_cacebd196fc5e8e0\usbccgp.sys : 75.264 : 07/14/2009 07:51 AM : 8455c4ed038efd09e99327f9d2d48ffa [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.16788_none_cad1c58f6fc32981\usbccgp.sys : 75.776 : 03/25/2011 07:06 AM : c31ae588e403042632dc796cf09e30b0 [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.20934_none_cb8d72b488bbd561\usbccgp.sys : 76.288 : 03/29/2011 07:06 AM : 5c233aefb566ee78c1efbc0493fb066a [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.17514_none_ccffd0e16cb46c7a\usbccgp.sys : 75.776 : 11/20/2010 07:00 AM : 7e72e7d7e0757d59481d530fd2b0bfae [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.17586_none_ccb622016ceb62bf\usbccgp.sys : 75.776 : 03/25/2011 07:58 AM : bd9c55d7023c5de374507acc7a14e2ac [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.21692_none_cd30edb88614b91e\usbccgp.sys : 76.288 : 03/25/2011 07:54 AM : 4663ad7f61519e88687393bfcb154e4c [Pos Repl]

* C:\Windows\System32\drivers\usbd.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbd.sys : 5.888 : 03/25/2011 09:57 AM : 5787196f32d043572ec6565c0ef1b8e0 [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbd.sys : 5.888 : 07/14/2009 09:51 AM : 18e71ea0e063037a5c3c8272a5262b7c [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbd.sys : 5.888 : 07/14/2009 07:51 AM : 18e71ea0e063037a5c3c8272a5262b7c [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbd.sys : 5.888 : 03/25/2011 07:06 AM : 675c1d745f68343f372897f761f999e3 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbd.sys : 5.888 : 03/29/2011 07:06 AM : 93830f54044c63877f681d30ec50c5df [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbd.sys : 5.888 : 07/14/2009 07:51 AM : 18e71ea0e063037a5c3c8272a5262b7c [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbd.sys : 5.888 : 03/25/2011 07:57 AM : 5787196f32d043572ec6565c0ef1b8e0 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbd.sys : 5.888 : 03/25/2011 07:54 AM : 90922e9530dc3e126f215648b258ab24 [Pos Repl]

* C:\Windows\System32\drivers\usbehci.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbehci.sys : 43.008 : 03/25/2011 09:57 AM : f92de757e4b7ce9c07c5e65423f3ae3b [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbehci.sys : 42.496 : 11/20/2010 09:59 AM : cfbce999c057d78979a181c9c60f208e [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbehci.sys : 41.472 : 07/14/2009 07:51 AM : 1c333bfd60f2fed2c7ad5daf533cb742 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbehci.sys : 43.008 : 03/25/2011 07:06 AM : e4c436d914768ce965d5e659ba7eebd8 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbehci.sys : 43.008 : 03/29/2011 07:06 AM : 5b71019a6aca0116fd21b368f19c0b91 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbehci.sys : 42.496 : 11/20/2010 07:59 AM : cfbce999c057d78979a181c9c60f208e [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbehci.sys : 43.008 : 03/25/2011 07:57 AM : f92de757e4b7ce9c07c5e65423f3ae3b [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbehci.sys : 43.008 : 03/25/2011 07:54 AM : b1e46b8058af716729d874b4df7c68e0 [Pos Repl]

* C:\Windows\System32\drivers\usbhub.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_1584ed9878602b0f\usbhub.sys : 258.560 : 03/25/2011 09:58 AM : 8dc94aec6a7e644a06135ae7506dc2e9 [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_2620fd493cad7d41\usbhub.sys : 258.560 : 11/20/2010 09:01 AM : 9d22aad9ac6a07c691a1113e5f860868 [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbhub.sys : 258.560 : 03/25/2011 09:58 AM : 8dc94aec6a7e644a06135ae7506dc2e9 [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbhub.sys : 258.560 : 11/20/2010 09:01 AM : 9d22aad9ac6a07c691a1113e5f860868 [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.16385_none_cacebd196fc5e8e0\usbhub.sys : 258.560 : 07/14/2009 07:52 AM : ee6ef93ccfa94fae8c6ab298273d8ae2 [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.16788_none_cad1c58f6fc32981\usbhub.sys : 258.560 : 03/25/2011 07:06 AM : bdcd7156ec37448f08633fd899823620 [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7600.20934_none_cb8d72b488bbd561\usbhub.sys : 258.560 : 03/29/2011 07:07 AM : 5823d3965c2a4f6f785ed1a3b403f3b8 [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.17514_none_ccffd0e16cb46c7a\usbhub.sys : 258.560 : 11/20/2010 07:01 AM : 9d22aad9ac6a07c691a1113e5f860868 [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.17586_none_ccb622016ceb62bf\usbhub.sys : 258.560 : 03/25/2011 07:58 AM : 8dc94aec6a7e644a06135ae7506dc2e9 [Pos Repl]
+-> C:\Windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.1.7601.21692_none_cd30edb88614b91e\usbhub.sys : 258.560 : 03/25/2011 07:55 AM : 57ca3e7c775c22c62927a41838e10938 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbhub.sys : 258.560 : 07/14/2009 07:52 AM : ee6ef93ccfa94fae8c6ab298273d8ae2 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbhub.sys : 258.560 : 03/25/2011 07:06 AM : bdcd7156ec37448f08633fd899823620 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbhub.sys : 258.560 : 03/29/2011 07:07 AM : 5823d3965c2a4f6f785ed1a3b403f3b8 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbhub.sys : 258.560 : 11/20/2010 07:01 AM : 9d22aad9ac6a07c691a1113e5f860868 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbhub.sys : 258.560 : 03/25/2011 07:58 AM : 8dc94aec6a7e644a06135ae7506dc2e9 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbhub.sys : 258.560 : 03/25/2011 07:55 AM : 57ca3e7c775c22c62927a41838e10938 [Pos Repl]

* C:\Windows\System32\drivers\usbport.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbport.sys : 284.672 : 03/25/2011 09:58 AM : 3aa940aa9ac3055fe32ff2d3d20ccd28 [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbport.sys : 284.672 : 11/20/2010 09:00 AM : f3adcfb2f0ba791a26ac8e9c33d7e20e [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbport.sys : 284.160 : 07/14/2009 07:51 AM : f6d1c957c5bf4f274aad1da7059916e4 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbport.sys : 284.160 : 03/25/2011 07:06 AM : 3d0074a19d16a9944be32ee1ffbbb554 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbport.sys : 284.160 : 03/29/2011 07:06 AM : 40048b479ae6d7f0528033376513ab73 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbport.sys : 284.672 : 11/20/2010 07:00 AM : f3adcfb2f0ba791a26ac8e9c33d7e20e [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbport.sys : 284.672 : 03/25/2011 07:58 AM : 3aa940aa9ac3055fe32ff2d3d20ccd28 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbport.sys : 284.672 : 03/25/2011 07:54 AM : 1663f585dedbbbd20dc0dffe0de485a8 [Pos Repl]

* C:\Windows\System32\drivers\USBSTOR.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_c77d41a490bdc63d\USBSTOR.SYS : 76.288 : 11/20/2010 09:00 AM : bf63ebfc6979fefb2bc03df7989a0c1a [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_e6d53e776821c5b8\USBSTOR.SYS : 76.288 : 03/11/2011 09:01 AM : f991ab9cc6b908db552166768176896a [Pos Repl]
+-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_485ca4d9f926b0b4\USBSTOR.SYS : 74.752 : 07/14/2009 07:51 AM : d8889d56e0d27e57ed4591837fe71d27 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.16778_none_486a7d3bf91bd564\USBSTOR.SYS : 75.776 : 03/11/2011 07:08 AM : 1c4287739a93594e57e2a9e6a3ed7353 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.20921_none_492329831217353f\USBSTOR.SYS : 75.776 : 03/11/2011 07:14 AM : e3d648ebd6eaae3c1a93e640c467d625 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.17514_none_4a8db8a1f615344e\USBSTOR.SYS : 76.288 : 11/20/2010 07:00 AM : bf63ebfc6979fefb2bc03df7989a0c1a [Pos Repl]
+-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.17577_none_4a4fd9f7f64327f9\USBSTOR.SYS : 76.288 : 03/11/2011 07:01 AM : f991ab9cc6b908db552166768176896a [Pos Repl]
+-> C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.21680_none_4ac7a4d10f6f3253\USBSTOR.SYS : 76.288 : 03/11/2011 07:48 AM : 6a3db51d317307f3ac65cb127b9a2beb [Pos Repl]

* C:\Windows\System32\drivers\usbuhci.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_18e46bb8fd6f032e\usbuhci.sys : 24.064 : 03/25/2011 09:57 AM : 68df884cf41cdada664beb01daf67e3d [Pos Repl]
+-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_f9abf85fd00186bd\usbuhci.sys : 24.064 : 07/14/2009 09:51 AM : 78780c3ebce17405b1ccd07a3a8a7d72 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16385_none_bd98b59664e136c7\usbuhci.sys : 24.064 : 07/14/2009 07:51 AM : 78780c3ebce17405b1ccd07a3a8a7d72 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.16788_none_bd9bbe0c64de7768\usbuhci.sys : 24.064 : 03/25/2011 07:06 AM : 22480bf4e5a09192e5e30ba4dde79fa4 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7600.20934_none_be576b317dd72348\usbuhci.sys : 24.064 : 03/29/2011 07:06 AM : 6a30928a469ce802600e1ea8c0f2f53f [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_bfc9c95e61cfba61\usbuhci.sys : 24.064 : 07/14/2009 07:51 AM : 78780c3ebce17405b1ccd07a3a8a7d72 [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.17586_none_bf801a7e6206b0a6\usbuhci.sys : 24.064 : 03/25/2011 07:57 AM : 68df884cf41cdada664beb01daf67e3d [Pos Repl]
+-> C:\Windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.1.7601.21692_none_bffae6357b300705\usbuhci.sys : 24.064 : 03/25/2011 07:54 AM : 135f4678cffc8aadf6204a745576f2b1 [Pos Repl]

* C:\Windows\System32\drivers\vga.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-standardvga_31bf3856ad364e35_6.1.7600.16385_none_9c6287a93b5351ec\vga.sys : 25.088 : 07/14/2009 07:25 AM : 8e38096ad5c8570a6f1570a61e251561 [Pos Repl]

* C:\Windows\System32\drivers\videoprt.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-videoport_31bf3856ad364e35_6.1.7600.16385_none_bbf0a23665b80f3d\videoprt.sys : 111.616 : 07/14/2009 07:25 AM : 15c126d1b55814b9e5cab10a9c1f4c67 [Pos Repl]

* C:\Windows\System32\drivers\volsnap.sys [NoSig]
+-> C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys : 245.632 : 11/20/2010 09:30 AM : f497f67932c6fa693d7de2780631cfe7 [Pos Repl]
+-> C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys : 245.328 : 07/14/2009 07:19 AM : 58df9d2481a56edde167e51b334d44fd [Pos Repl]
+-> C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys : 245.632 : 11/20/2010 07:30 AM : f497f67932c6fa693d7de2780631cfe7 [Pos Repl]

* C:\Windows\System32\drivers\wanarp.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7600.16385_none_0db6be04dbc2da8a\wanarp.sys : 63.488 : 07/14/2009 07:55 AM : 692a712062146e96d28ba0b7d75de31b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.1.7601.17514_none_0fe7d1ccd8b15e24\wanarp.sys : 63.488 : 11/20/2010 07:07 AM : 3c3c78515f5ab448b022bdf5b8ffdd2e [Pos Repl]

* C:\Windows\System32\drivers\wmilib.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-wmilib_31bf3856ad364e35_6.1.7600.16385_none_592b507a658046bb\wmilib.sys : 14.912 : 07/14/2009 07:19 AM : 9a5b1059fe015db5269fbb25acbf841d [Pos Repl]

* C:\Windows\System32\drivers\ws2ifsl.sys [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys : 16.384 : 07/14/2009 07:55 AM : 6db3276587b853bf886b69528fdb048c [Pos Repl]

* C:\Windows\System32\dsound.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll : 453.632 : 07/14/2009 07:15 AM : 0e85c11f8850d524b02181c6e02ba9ae [Pos Repl]

* C:\Windows\System32\dssenh.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-d..ellman_software_csp_31bf3856ad364e35_6.1.7600.16385_none_3bcf11a6e63842c7\dssenh.dll : 156.728 : 07/14/2009 07:17 AM : 99b9343280af6a4c0f27cf2e28e94bbf [Pos Repl]

* C:\Windows\System32\dwm.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7600.16385_none_8d79ea381e8590a8\dwm.exe : 92.672 : 07/14/2009 07:14 AM : 505bf4d1cadeb8d4f8bcd08d944de25d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_8faafe001b741442\dwm.exe : 92.672 : 07/14/2009 07:14 AM : 505bf4d1cadeb8d4f8bcd08d944de25d [Pos Repl]

* C:\Windows\System32\es.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_0cc3f540b311359a\es.dll : 271.360 : 07/14/2009 07:15 AM : f6916efc29d9953d5d0df06882ae8e16 [Pos Repl]

* C:\Windows\System32\hid.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_d6829e90e8c23da8\hid.dll : 22.016 : 07/14/2009 07:15 AM : 63df770df74acb370ef5a16727069aaf [Pos Repl]

* C:\Windows\System32\hnetcfg.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_b00c9bd7f5ed1c02\hnetcfg.dll : 288.256 : 07/14/2009 07:15 AM : 6383c60ec0133b14f5705f96369421b2 [Pos Repl]

* C:\Windows\System32\ias.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7600.16385_none_f8d730c7a3d9d889\ias.dll : 19.456 : 07/14/2009 07:15 AM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_fb08448fa0c85c23\ias.dll : 19.456 : 07/14/2009 07:15 AM : a1e91b5b5273573fc132b683e550b5e6 [Pos Repl]

* C:\Windows\System32\imm32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_5c2c7439dbbe9273\imm32.dll : 118.272 : 07/14/2009 07:15 AM : 5df8132adf721329234403189fc94e16 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_5e5d8801d8ad160d\imm32.dll : 118.272 : 11/20/2010 07:19 AM : 4a8e2f20809cc161107faa94f6cf2685 [Pos Repl]

* C:\Windows\System32\ipsecsvc.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.1.7600.16385_none_43e4cdf54d58d3dd\IPSECSVC.DLL : 350.720 : 07/14/2009 07:15 AM : 48e1b75c6dc0232fd92baae4bd344721 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.1.7601.17514_none_4615e1bd4a475777\IPSECSVC.DLL : 350.208 : 11/20/2010 07:19 AM : 53946b69ba0836bd95b03759530c81ec [Pos Repl]

* C:\Windows\System32\kernel32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_93943b64b79f1e1f\kernel32.dll : 857.088 : 07/14/2009 07:15 AM : 4605f7ee9805f7e1c98d6c959dd2949c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16481_none_93903c22b7a2b5ea\kernel32.dll : 857.088 : 12/08/2009 07:33 AM : 0369ba73ce6d918745579b24339765e8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_93e0f4a0b76565a2\kernel32.dll : 868.352 : 05/14/2011 07:35 AM : 4f9c07f0d68e135f1e07c20647fc54f9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_93afb334b78b3d5c\kernel32.dll : 868.352 : 07/16/2011 07:34 AM : 7e99a20c758abb5ae89c7aeea3a9aeb2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20591_none_940f0901d0c871a5\kernel32.dll : 857.088 : 12/08/2009 07:57 AM : eb7b2309a2b16eeb73c2c13477fef8fb [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_942bb277d0b1dfc0\kernel32.dll : 868.352 : 06/03/2011 07:01 AM : 11826814aa8c1177cbf6bc40105e9a87 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_946467d1d088a0a4\kernel32.dll : 868.352 : 07/16/2011 07:25 AM : 12dd18c6ecadedb922e40b494d315206 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_95c54f2cb48da1b9\kernel32.dll : 857.600 : 11/20/2010 07:19 AM : 5553784d774ca845380650e010bbda2c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_95c851f0b48aeae5\kernel32.dll : 868.352 : 05/14/2011 07:26 AM : 02d5e2d9d9497f314c97e082a1cb9808 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_95971084b4b0c29f\kernel32.dll : 868.352 : 07/16/2011 07:27 AM : e570cbd732848438eac574eb3442a2a8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_96481f19cdafbff7\kernel32.dll : 868.352 : 05/14/2011 07:40 AM : 5717fc9d2a1daa0596dc7d940f2d613c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_960c0dc1cdddb3a2\kernel32.dll : 868.352 : 07/16/2011 07:54 AM : 921f8b3ff01501c9934ccb3c270833d7 [Pos Repl]

* C:\Windows\System32\ksuser.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7600.16385_none_e7d7f27ff89fda02\ksuser.dll : 4.608 : 07/14/2009 07:15 AM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_ea090647f58e5d9c\ksuser.dll : 4.608 : 07/14/2009 07:15 AM : 9c67f6bbda3881cfd02095160cf91576 [Pos Repl]

* C:\Windows\System32\linkinfo.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_383b884006a7a723\linkinfo.dll : 22.016 : 07/14/2009 07:15 AM : 5987ea8a82c53359bcd2c29d6588583e [Pos Repl]

* C:\Windows\System32\lpk.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_a9a96e9bbbd9f2bd\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_a9fcef03bb9bc457\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_a9d3afe7bbba66c9\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16600_none_a9faf23bbb9d8bf7\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16691_none_a99aa339bbe5a0c7\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16734_none_a9de8585bbb2424d\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16763_none_a9bd1577bbcb7cc9\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_aa2b3c58d4fcfa7d\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_aa517c7cd4e1092d\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20720_none_aa6eef2ed4cb63a3\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20821_none_aa6ff15ed4ca7a21\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20875_none_aa3de2ead4ef6b32\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20905_none_aa899444d4b6a4c2\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_abda8263b8c87657\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17537_none_abc7e369b8d5fa3e\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_aba3727db8f1e8b5\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21636_none_ac507fead1f480b1\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_ac2e0f92d20ea1d6\lpk.dll : 26.624 : 07/14/2009 07:15 AM : 4f154d2c9c6df951fd6e5aabbae6b5ee [Pos Repl]

* C:\Windows\System32\lsass.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe : 22.528 : 07/14/2009 07:14 AM : f42309c4191c506b71db5d1126d26318 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe : 22.528 : 07/14/2009 07:14 AM : f42309c4191c506b71db5d1126d26318 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe : 22.528 : 11/17/2011 07:36 AM : c2243ff9e9aad0c30e8b1a0914da15b6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe : 22.528 : 11/17/2011 07:36 AM : c2243ff9e9aad0c30e8b1a0914da15b6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe : 22.528 : 07/14/2009 07:14 AM : f42309c4191c506b71db5d1126d26318 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe : 22.528 : 11/17/2011 07:09 AM : 05f38cb7cab3ce8e9a1812d517da93ef [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe : 22.528 : 06/02/2012 07:40 AM : a6034689acf9d14973f8384ad5a5451e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe : 22.528 : 07/14/2009 07:14 AM : f42309c4191c506b71db5d1126d26318 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe : 22.528 : 11/17/2011 07:29 AM : 81951f51e318aecc2d68559e47485cc4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe : 22.528 : 11/17/2011 07:29 AM : 81951f51e318aecc2d68559e47485cc4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe : 22.528 : 11/17/2011 07:24 AM : fbcb2dfa40862daa7b1534c9538208a5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe : 22.528 : 06/02/2012 07:51 AM : fa7b950e4ca6aa260c4eaba19e03644d [Pos Repl]

* C:\Windows\System32\lsm.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..localsessionmanager_31bf3856ad364e35_6.1.7600.16385_none_a51b22e46bde44fe\lsm.exe : 261.120 : 07/14/2009 07:14 AM : 398dc10274c0cb861338cfc56e727c9f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..localsessionmanager_31bf3856ad364e35_6.1.7601.17514_none_a74c36ac68ccc898\lsm.exe : 267.776 : 11/20/2010 07:17 AM : 8aea9a37c1a3565a204d37c5e72ab791 [Pos Repl]

* C:\Windows\System32\mfc40u.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7600.16385_none_f2e96828b6e3cefa\mfc40u.dll : 924.944 : 07/14/2009 07:15 AM : f8742fc618ecbda92a406725197e93ae [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7600.16666_none_f3000dfcb6d2a7e4\mfc40u.dll : 954.288 : 08/31/2010 07:32 AM : 1b3a500340ac40f08d03a2c45213a17d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7600.20791_none_f3643991d00d1cce\mfc40u.dll : 954.288 : 08/31/2010 07:25 AM : a716981a8bb41f4149203687ee2d1be4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7601.17514_none_f51a7bf0b3d25294\mfc40u.dll : 954.288 : 11/20/2010 07:19 AM : ab9eb3745b03ae67ab241a82338dea7b [Pos Repl]

* C:\Windows\System32\midimap.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll : 16.896 : 07/14/2009 07:15 AM : 5a12c364ad1d4fcc0ad0e56dbbc34462 [Pos Repl]

* C:\Windows\System32\mshtml.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_2dd3aff6fa7f090a\mshtml.dll : 5.957.632 : 07/14/2009 07:15 AM : 43592d31aff84dd957199248898d9430 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16419_none_2e236278fa42a7f6\mshtml.dll : 5.958.656 : 09/05/2009 07:56 AM : 56f5053760581989a9bc7a47e916f661 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16444_none_2dfdf142fa5f7d16\mshtml.dll : 5.958.656 : 10/19/2009 04:10 PM : 5f0851c767de71c261283d423650fac9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_2dea51fefa6de7a6\mshtml.dll : 5.958.656 : 11/19/2009 04:22 AM : f8f43d14ba21cf92d16b3a16a958778b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16490_none_2dc3e07efa8ba36f\mshtml.dll : 5.961.728 : 12/19/2009 04:02 AM : 6ee36579e69e37d2ab2926a40b16dbb3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16535_none_2e09c35efa5677a3\mshtml.dll : 5.964.800 : 02/23/2010 04:55 AM : 49e3588afd08be40a9775bf3fb9d43f1 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16588_none_2dd6b4a0fa7c4f5d\mshtml.dll : 5.970.944 : 05/06/2010 02:41 PM : c5a57d9a8c055643bbb2e65d5e181d52 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_2e149530fa4e58d9\mshtml.dll : 5.971.456 : 06/30/2010 02:22 AM : bdfd710842c8a25dd27254d91de60ac6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16671_none_2dda846cfa7a7f32\mshtml.dll : 5.977.600 : 09/08/2010 02:28 AM : baf92c3c3d5a0958817b661439a81fd9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16700_none_2e25357cfa429f6b\mshtml.dll : 5.978.112 : 11/04/2010 02:49 AM : 9145ef1a437a3fca06069fc649e16e32 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16722_none_2e119638fa5109fb\mshtml.dll : 5.980.672 : 12/18/2010 02:30 AM : 6e9e2d2dc298fe9a3a3c164fb8a2c9ea [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20521_none_2e9a2d08136f98f9\mshtml.dll : 5.958.656 : 09/05/2009 02:53 AM : a89e3948b2efc55f642fe1fe2cda2d9e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20553_none_2e7bbdd813861f7a\mshtml.dll : 5.958.656 : 10/19/2009 04:06 PM : fe1b4f611cff0b442cec979be1cddf77 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_2e6c1fbc1390ef66\mshtml.dll : 5.959.168 : 11/19/2009 04:08 AM : 31f80311f487aba186a10e551b212573 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20600_none_2eaece7c136044e7\mshtml.dll : 5.962.240 : 12/19/2009 04:10 AM : 96990605689b601287d4a83dd2b05f0b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20651_none_2e79bf2a1387e9f3\mshtml.dll : 5.966.336 : 02/23/2010 04:30 AM : da9d73d95d2b74742d4936739b1d9669 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20708_none_2eb6d2b213590cc6\mshtml.dll : 5.972.992 : 05/06/2010 02:47 PM : 1186c9e0759e0ac7cc6c9a0f66d003ed [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_2e889224137c3085\mshtml.dll : 5.972.992 : 06/30/2010 02:15 AM : 25c1646adc24c371b594544c3d530967 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20795_none_2e52828813a4bc3a\mshtml.dll : 5.977.088 : 09/08/2010 02:31 AM : 4f3deee94b0f650862f7ab7abbe40ca1 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20831_none_2e8f62ce1377ac5f\mshtml.dll : 5.979.136 : 11/04/2010 02:52 AM : 61854d1111e33a09603452b32a84b5f0 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20861_none_2e6ef30a13900032\mshtml.dll : 5.980.672 : 12/18/2010 02:28 AM : a8b89a12e7a379ac443fb002f4aab51f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_3004c3bef76d8ca4\mshtml.dll : 5.977.600 : 11/20/2010 02:19 AM : c50799f0d47dfb9774f721521b6c41d5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17537_none_2ff224c4f77b108b\mshtml.dll : 5.980.672 : 01/07/2011 02:46 AM : 1c6045d48179d15a843486d12bec0eaf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21636_none_307ac146109996fe\mshtml.dll : 5.980.672 : 01/07/2011 02:32 AM : 1011333570e1cecae8fac34c8d9461bc [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16421_none_2bc2b55a3c6fcc91\mshtml.dll : 12.268.544 : 04/07/2011 02:20 AM : 4def8126cabaa6cdc12103cd74c6a919 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16430_none_2bb6e5243c78cf2b\mshtml.dll : 12.269.056 : 04/23/2011 02:36 AM : 3f63f95c998f7e1af409bc74e83d45e5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16434_none_2bbae64c3c753487\mshtml.dll : 12.273.664 : 07/22/2011 02:54 AM : e6d5c7e4aac0c682169aa5021386eff3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16437_none_2bbde72a3c72808c\mshtml.dll : 12.275.200 : 09/01/2011 02:36 AM : 04e0cd31a63dfc0d73725a3d1768fb5a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16440_none_2bac15383c80eb1c\mshtml.dll : 12.279.808 : 11/04/2011 02:02 AM : 66c0aee61d1c5c35bf1b4642a153b114 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_2bad15823c800473\mshtml.dll : 12.282.368 : 12/14/2011 02:30 AM : 497c9c3db953a60ec4f43a097e15f75e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16443_none_2baf16163c7e3721\mshtml.dll : 12.281.856 : 02/28/2012 02:52 AM : f82bf2cb075b49e9fab5ff213c45c020 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16446_none_2bb216f43c7b8326\mshtml.dll : 12.314.624 : 05/18/2012 02:11 AM : 9fb58f71104107d44540af1195f7a14d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16447_none_2bb3173e3c7a9c7d\mshtml.dll : 12.314.624 : 06/02/2012 02:07 AM : 6820a9e91aff7cb3a510360d8ccd9bdd [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16448_none_2bb417883c79b5d4\mshtml.dll : 12.317.184 : 06/29/2012 02:52 AM : 5e8e869e1342308752a37a2c90cca79d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16450_none_2ba1454c3c89070d\mshtml.dll : 12.319.744 : 08/24/2012 02:27 AM : bb197f54a8f69eea8356b7f70e6d3a20 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20530_none_2c4081ef55966ef5\mshtml.dll : 12.269.056 : 04/23/2011 02:59 AM : 858ad7ec121dbc3d39d4abfe2e7e789c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20534_none_2c4483175592d451\mshtml.dll : 12.273.664 : 07/22/2011 02:53 AM : f2966190d2c20c585a730f9c0b3c7373 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20537_none_2c4783f555902056\mshtml.dll : 12.275.200 : 09/01/2011 02:07 AM : 8c93aed0a332209434b62162d03c38c9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20544_none_2c39b32b559af042\mshtml.dll : 12.279.808 : 11/04/2011 02:35 AM : a21b983e40578d0e6cfa9864ac4e1219 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20546_none_2c3bb3bf559922f0\mshtml.dll : 12.282.368 : 12/14/2011 02:41 AM : a29cfd4b9f6f2bbe06c8d64b6d07f1d4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20548_none_2c3db4535597559e\mshtml.dll : 12.281.856 : 02/28/2012 02:21 AM : b9e083b14b1994f1255983f2df31c7df [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20551_none_2c2be26155a5c02e\mshtml.dll : 12.314.624 : 05/18/2012 02:53 AM : 761d9111f5a2619cb5060661d36fbfff [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20553_none_2c2de2f555a3f2dc\mshtml.dll : 12.314.624 : 06/02/2012 02:48 AM : 1abf770552ea9d4fe90f654468faf4ce [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20554_none_2c2ee33f55a30c33\mshtml.dll : 12.317.184 : 06/29/2012 02:11 AM : aec51857aec2f5ce4520366240afc671 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20557_none_2c31e41d55a05838\mshtml.dll : 12.319.744 : 08/24/2012 02:43 AM : 975d1ea99a0fe8104b72440995b3c20b [Pos Repl]

* C:\Windows\System32\msimg32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_77422e3e7d5fa732\msimg32.dll : 4.608 : 07/14/2009 02:15 AM : 18ab2e5a40064ed5f7791ac5946a90f3 [Pos Repl]

* C:\Windows\System32\msprivs.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-lsa-msprivs_31bf3856ad364e35_6.1.7600.16385_none_0bef4735dcb96ff8\msprivs.dll : 2.048 : 07/14/2009 02:07 AM : c90878913df3dc504790282043db5f4c [Pos Repl]

* C:\Windows\System32\msvcrt.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll : 690.688 : 07/14/2009 02:15 AM : e46d48a7fe961401f1cbf85531cdf05d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_d15ca5d2001597a0\msvcrt.dll : 690.688 : 12/16/2011 02:59 AM : f8a61b2e713309b4616d107919bdab6e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_d20e8cd31913e191\msvcrt.dll : 690.688 : 12/16/2011 02:49 AM : 10142c1975202a767c0edb3bc066fd88 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll : 690.688 : 12/16/2011 02:52 AM : 9dc80a8aaaaac397bdab3c67165a824e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll : 690.688 : 12/16/2011 02:58 AM : 2f740c4b458331357e825e94afb0953a [Pos Repl]

* C:\Windows\System32\mswsock.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll : 232.448 : 07/14/2009 02:15 AM : 11a41f17527ed75d6b758fdd7f4fd00d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll : 232.448 : 11/20/2010 02:19 AM : 8999b8631c7fd9f7f9ec3cafd953ba24 [Pos Repl]

* C:\Windows\System32\netlogon.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll : 563.712 : 07/14/2009 02:16 AM : eaa75d9000b71f10eec04d2ae6c60e81 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll : 563.712 : 11/20/2010 02:20 AM : c1809b9907adedaf16f50c894100883b [Pos Repl]

* C:\Windows\System32\netman.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_0f9371b9b32368a4\netman.dll : 280.576 : 07/14/2009 02:16 AM : 7cccfca7510684768da22092d1fa4db2 [Pos Repl]

* C:\Windows\System32\ntkrnlpa.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntkrnlpa.exe : 3.954.768 : 07/14/2009 02:20 AM : e2a8596576873bc5d509031decd8c95d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16481_none_6c02b882157a3fa4\ntkrnlpa.exe : 3.955.288 : 12/08/2009 02:40 AM : 92345529a07f31547d73ff6e32e1afe9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16539_none_6c40cc54154a7bce\ntkrnlpa.exe : 3.954.568 : 02/27/2010 01:07 PM : 20926a3f64bffcd92baa5ece9d65cc4a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16617_none_6c546d7e153c0e65\ntkrnlpa.exe : 3.955.080 : 06/19/2010 01:33 AM : 05288b088c0dfac60d6bcf878fc32b60 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntkrnlpa.exe : 3.957.120 : 10/27/2010 01:43 AM : a6dcf9f73f2fca7a96d9585817a08b43 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_6bf8ee9215816c61\ntkrnlpa.exe : 3.957.632 : 04/09/2011 01:13 AM : eedb427eac109e0711642b65c229bc59 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_6c2dffca1559c47c\ntkrnlpa.exe : 3.957.120 : 06/23/2011 01:38 AM : 1f969255e068d451bac2d4fb0bd8c9c3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16905_none_6c5d42881535b73b\ntkrnlpa.exe : 3.957.104 : 10/26/2011 01:42 AM : 0e5e92c8aa8ada52d37d551e322bf1fa [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16917_none_6c547330153c05da\ntkrnlpa.exe : 3.957.616 : 11/19/2011 03:25 PM : 0b77ac2b94dfe3297b7462e7966aba42 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16973_none_6c0f928015704824\ntkrnlpa.exe : 3.958.128 : 03/06/2012 03:59 AM : 06ef177fe7febb1314e42f568fcb55a3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_6c09c4061573e2c8\ntkrnlpa.exe : 3.958.128 : 04/02/2012 03:46 AM : 9d19079820928d72a5708a668b5b62ae [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20591_none_6c8185612e9ffb5f\ntkrnlpa.exe : 3.954.776 : 12/08/2009 01:04 PM : 9961859237c15878493ade2119991614 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20655_none_6cb0c81f2e7bee1e\ntkrnlpa.exe : 3.954.568 : 02/27/2010 01:46 AM : fc781d4359b553d62cbad9f658e68784 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20738_none_6cc96abb2e68ff68\ntkrnlpa.exe : 3.964.800 : 06/19/2010 01:37 AM : 2a37766f5121e98271ecd811a60d9420 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntkrnlpa.exe : 3.966.848 : 10/27/2010 01:33 AM : 8e641a407a795dfb7b3a34053ef8db39 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_6cb79c952e776446\ntkrnlpa.exe : 3.967.360 : 04/09/2011 01:21 AM : 83515cddb47b08f65f1ec7451778c3cd [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_6c848dd72e9d3c00\ntkrnlpa.exe : 3.967.872 : 06/23/2011 01:32 AM : 11486d4317d57c6f5e4dc902ef75d811 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21077_none_6c9d06af2e8a8365\ntkrnlpa.exe : 3.970.416 : 10/26/2011 01:51 AM : 0e725e4d29cba35e680dd51099eb6598 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21094_none_6c8465f92e9d6f42\ntkrnlpa.exe : 3.971.440 : 11/19/2011 01:24 AM : ac9fbc2847286ad78232ec9c66e28ca7 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21163_none_6ca3d7592e85ff3f\ntkrnlpa.exe : 3.971.440 : 03/06/2012 01:59 AM : 3b237d98a0dfc9395c7d97e33aa38acf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_6c9f09292e88b33a\ntkrnlpa.exe : 3.970.928 : 03/31/2012 01:43 AM : c6d1d128de4148e35b6c04b6892eb71a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntkrnlpa.exe : 3.966.848 : 11/20/2010 01:30 AM : 144bd78c6103c8616de047b3532142db [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntkrnlpa.exe : 3.967.872 : 04/09/2011 01:02 AM : 102a6182087b18c795664bcd22eb52e9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntkrnlpa.exe : 3.967.872 : 06/23/2011 01:33 AM : a4a8ef2ace5fa5863aa0b04c9bbfeca7 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17713_none_6e36cf0e12660c6a\ntkrnlpa.exe : 3.967.856 : 10/26/2011 01:47 AM : f2368c2a4b126b2eaef1985116b88a1d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntkrnlpa.exe : 3.968.368 : 11/19/2011 03:50 PM : 31c59b0ca08b1203e35d2ba19319279e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntkrnlpa.exe : 3.968.368 : 03/06/2012 03:59 AM : 43711abf8ae553a7b5ffff61e60c419d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntkrnlpa.exe : 3.968.368 : 03/31/2012 03:39 AM : 8f6d5704d7522aab8b4b82c0d35d9184 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntkrnlpa.exe : 3.967.872 : 04/09/2011 03:01 AM : 9cf7f5d025183fa10e130445bc071b70 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntkrnlpa.exe : 3.967.872 : 06/23/2011 03:55 AM : 3624d782f8b061b6fba3a35e2fe53cfd [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21847_none_6ea3fd3d2b986563\ntkrnlpa.exe : 3.970.928 : 10/26/2011 03:01 AM : fc9183a26d2ad7bd68f471262cf3946d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntkrnlpa.exe : 3.971.440 : 11/19/2011 03:11 AM : 2eda0dccf5f00cdb91a9ecbe45cb0b3d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntkrnlpa.exe : 3.972.464 : 03/06/2012 03:41 AM : 07b026e7a2c873d09f0073141ee2099e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntkrnlpa.exe : 3.971.952 : 03/31/2012 03:37 AM : 93358348d0b79812caaa83a1377e4449 [Pos Repl]

* C:\Windows\System32\ntoskrnl.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntoskrnl.exe : 3.899.472 : 07/14/2009 03:20 AM : b9d673f7707219dfd264891a26c21ecb [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16481_none_6c02b882157a3fa4\ntoskrnl.exe : 3.899.464 : 12/08/2009 03:40 AM : cb51aeb061a5454cfc59b0b68acf53a4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16539_none_6c40cc54154a7bce\ntoskrnl.exe : 3.899.280 : 02/27/2010 01:07 PM : dd2ed3246f5f4e4b07f385a9520c3c7c [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16617_none_6c546d7e153c0e65\ntoskrnl.exe : 3.899.784 : 06/19/2010 01:33 AM : 8218e74a67942120bf8ee30661edf83f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntoskrnl.exe : 3.901.824 : 10/27/2010 01:43 AM : 776201760b5692f10dda3be85b54f213 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_6bf8ee9215816c61\ntoskrnl.exe : 3.901.824 : 04/09/2011 01:13 AM : d9fd1d6337f15aaf2012c69909615db5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_6c2dffca1559c47c\ntoskrnl.exe : 3.902.336 : 06/23/2011 01:38 AM : dfb0e9f902fdab7cd2e180e4072d45dd [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16905_none_6c5d42881535b73b\ntoskrnl.exe : 3.901.808 : 10/26/2011 01:42 AM : 7539cef9f7ff4ddae24dae5389dde2c3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16917_none_6c547330153c05da\ntoskrnl.exe : 3.902.320 : 11/19/2011 03:25 PM : fbf900df512ec6c5818e1554ec69a7a5 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16973_none_6c0f928015704824\ntoskrnl.exe : 3.902.320 : 03/06/2012 03:59 AM : 0fb535b17a519134c5f9867841b019af [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_6c09c4061573e2c8\ntoskrnl.exe : 3.902.320 : 04/02/2012 03:46 AM : 678ad0f9db55f9127851cd631456f483 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20591_none_6c8185612e9ffb5f\ntoskrnl.exe : 3.899.992 : 12/08/2009 01:04 PM : 6c2effca281f6f5044810890a0589596 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20655_none_6cb0c81f2e7bee1e\ntoskrnl.exe : 3.899.784 : 02/27/2010 01:46 AM : 466fd46f58768e56f7b841681014eff1 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20738_none_6cc96abb2e68ff68\ntoskrnl.exe : 3.909.512 : 06/19/2010 01:37 AM : d5662cd1f9b85936561a07adc400acf4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntoskrnl.exe : 3.911.552 : 10/27/2010 01:33 AM : c6169f5fdc8399e0c6c0729ab6ef2ef8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_6cb79c952e776446\ntoskrnl.exe : 3.911.552 : 04/09/2011 01:21 AM : 0f4a148499cc6fa5d84a0f1587869051 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_6c848dd72e9d3c00\ntoskrnl.exe : 3.911.552 : 06/23/2011 01:32 AM : 638a384e9968036d42bdbde499a1c8b8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21077_none_6c9d06af2e8a8365\ntoskrnl.exe : 3.915.120 : 10/26/2011 01:51 AM : 8b5b4bec86a77d10820e0ba21249a6b7 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21094_none_6c8465f92e9d6f42\ntoskrnl.exe : 3.915.632 : 11/19/2011 01:24 AM : 46f86a3471ae24a604cb7e56983c8ae4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21163_none_6ca3d7592e85ff3f\ntoskrnl.exe : 3.915.632 : 03/06/2012 01:59 AM : b83e403a94c4cb2d0576dd6945469d16 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_6c9f09292e88b33a\ntoskrnl.exe : 3.915.632 : 03/31/2012 01:43 AM : d909eafa618bc9db2615303da3d9c830 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntoskrnl.exe : 3.911.040 : 11/20/2010 01:30 AM : 2088d9994332583edb3c561de31ea5ad [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntoskrnl.exe : 3.912.576 : 04/09/2011 01:02 AM : 5d21c487f79f8245e799071589e035bf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntoskrnl.exe : 3.912.576 : 06/23/2011 01:33 AM : fb58abd5e1f75a2cf713c9dff0ec0804 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17713_none_6e36cf0e12660c6a\ntoskrnl.exe : 3.912.560 : 10/26/2011 01:47 AM : 9dbee8d5230881b583cf95f7c3bb8bb0 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntoskrnl.exe : 3.913.584 : 11/19/2011 03:50 PM : f0f0e99a65f598a1a7720f5111c4da8f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntoskrnl.exe : 3.913.072 : 03/06/2012 03:59 AM : 53b4bdea12a032eec71e60b6bff42f37 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntoskrnl.exe : 3.913.072 : 03/31/2012 03:39 AM : 28f44480e411c3ddf04b63f6560e6ef4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntoskrnl.exe : 3.912.576 : 04/09/2011 03:01 AM : d385343510b75545ec5db3a64c2d2492 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntoskrnl.exe : 3.912.576 : 06/23/2011 03:55 AM : 90efdb506f6140eea9dee398d9449d86 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21847_none_6ea3fd3d2b986563\ntoskrnl.exe : 3.915.120 : 10/26/2011 03:01 AM : eb58b25af04d7c036e648e0406aab431 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntoskrnl.exe : 3.916.656 : 11/19/2011 03:11 AM : 00b12ea93ed392fbd09f07b63e926647 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntoskrnl.exe : 3.916.656 : 03/06/2012 03:41 AM : 57b7de30c4e65ad19ca13ac3065ee60b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntoskrnl.exe : 3.916.656 : 03/31/2012 03:37 AM : 2e02a17e8965ad671e4987e503ad38b1 [Pos Repl]

* C:\Windows\System32\ole32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16385_none_abf3fd7f53a4f5f5\ole32.dll : 1.412.608 : 07/14/2009 03:16 AM : 4acb903ad1693858a918907358cbd9e4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16624_none_ac33e26f53752c6d\ole32.dll : 1.413.632 : 06/29/2010 03:02 AM : e2c2d8c982316c8abf800c6ce3f28fab [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.20744_none_aca7df626ca30419\ole32.dll : 1.414.144 : 06/29/2010 03:56 AM : 40e6bf57f6a923038b94c07387118089 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_ae2511475093798f\ole32.dll : 1.414.144 : 11/20/2010 03:20 AM : 928cf7268086631f54c3d8e17238c6dd [Pos Repl]

* C:\Windows\System32\olepro32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7600.16385_none_39ea10b66307dbef\olepro32.dll : 90.112 : 07/14/2009 03:16 AM : c10459dbdc2099c5a8428cb7d87db85f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7601.17514_none_3c1b247e5ff65f89\olepro32.dll : 90.112 : 11/20/2010 03:20 AM : 703ffd301ab900b047337c5d40fd6f96 [Pos Repl]

* C:\Windows\System32\perfctrs.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_314993e6be6d6809\perfctrs.dll : 39.424 : 07/14/2009 03:16 AM : edd2ad141debd425d74a52a4d7be6ac4 [Pos Repl]

* C:\Windows\System32\powrprof.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll : 145.408 : 07/14/2009 03:16 AM : 08dfdbd2fd4ea951dc46b1c7661ed35a [Pos Repl]

* C:\Windows\System32\psbase.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_481f6abd91b25a15\psbase.dll : 50.688 : 07/14/2009 03:16 AM : 274992d0945889a6b56d0e1bd4288a6e [Pos Repl]

* C:\Windows\System32\pstorsvc.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.1.7600.16385_none_481f6abd91b25a15\pstorsvc.dll : 23.552 : 07/14/2009 03:16 AM : 0a3ccb2c4f603d99f34d742fc9544b97 [Pos Repl]

* C:\Windows\System32\qmgr.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_23671b105ac5a0fd\qmgr.dll : 589.312 : 07/14/2009 03:16 AM : 53f476476f55a27f580661bde09c4ec4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_25982ed857b42497\qmgr.dll : 585.728 : 11/20/2010 03:21 AM : e585445d5021971fae10393f0f1c3961 [Pos Repl]

* C:\Windows\System32\rasadhlp.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasadhlp.dll : 11.776 : 07/14/2009 03:16 AM : ed6ee83d61ebc683c2cd8e899ea6febe [Pos Repl]

* C:\Windows\System32\regsvc.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_893c5bdce4cae672\regsvc.dll : 112.640 : 07/14/2009 03:16 AM : cb9a8683f4ef2bf99e123d79950d7935 [Pos Repl]

* C:\Windows\System32\rpcss.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll : 376.320 : 07/14/2009 03:16 AM : b82cd39e336973359d7c9bf911e8e84f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll : 376.832 : 11/20/2010 03:21 AM : 7660f01d3b38aca1747e397d21d790af [Pos Repl]

* C:\Windows\System32\scecli.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll : 175.616 : 07/14/2009 03:16 AM : 26073302daea83cc5b944c546d6b47d2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll : 175.616 : 11/20/2010 03:21 AM : 8124944ec89d6a1815e4e53f5b96aaf4 [Pos Repl]

* C:\Windows\System32\schannel.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16385_none_21eca131b6966c32\schannel.dll : 220.160 : 07/14/2009 03:16 AM : 0a53fd4ebbd92002ccc362a9b8087885 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16612_none_22355579b660540b\schannel.dll : 224.256 : 06/16/2010 03:48 AM : 61a9b3194f8497b864b1c98a72736d07 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16661_none_21fe4593b689c669\schannel.dll : 224.256 : 08/21/2010 03:36 AM : 21cf5c7d8d727dcc337a1d251b6135f4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16915_none_22385c09b65d9785\schannel.dll : 224.768 : 11/17/2011 03:39 AM : 83041697ae93aa4b783ae8746904edd2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.17035_none_22229453b66e02a9\schannel.dll : 225.280 : 06/02/2012 03:48 AM : 76c48f0cd8a526858ab9a4886586942a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.20735_none_22ac534acf8b77bc\schannel.dll : 224.256 : 06/16/2010 03:58 AM : da2974595719d65c27b5198b971ef121 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.20785_none_227643aecfb40371\schannel.dll : 224.256 : 08/20/2010 03:30 AM : bf33806d317af52b6860a82d9fdc7e00 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.21092_none_22684ed2cfbf00ed\schannel.dll : 224.768 : 11/17/2011 03:15 AM : cb6b6b1f8d283de4540445c5313cb445 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.21225_none_22b702f0cf8383a9\schannel.dll : 225.280 : 06/02/2012 03:45 AM : 1f7939c11281755a7b0a6ac47929f701 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17514_none_241db4f9b384efcc\schannel.dll : 224.256 : 11/20/2010 03:21 AM : 135f7ac9be35ab1df727faf2e60e92f8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_2413e923b38c1f62\schannel.dll : 224.768 : 11/17/2011 03:34 AM : 1affb765af1fdcc0c185c38e9ddddaee [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17856_none_23f47b8fb3a389b3\schannel.dll : 225.280 : 06/02/2012 03:40 AM : 3d3cbd1847f980fb03343a63671e7886 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_246e4516cccdc994\schannel.dll : 224.768 : 11/17/2011 03:29 AM : 3dbcbd8adb406c43a2127544d7ba974e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.22010_none_24a32e70cca654f1\schannel.dll : 225.280 : 06/02/2012 03:55 AM : c5b2dc72f2453cef2e150a81f696703d [Pos Repl]

* C:\Windows\System32\schedsvc.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.16385_none_2ed774b4f8560e29\schedsvc.dll : 743.424 : 07/14/2009 03:16 AM : 3e8b0c453e25613a1f59762a5c42aa75 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.16699_none_2ed0aba2f85a86eb\schedsvc.dll : 749.056 : 11/02/2010 03:39 AM : df1e5c82e4d09cf8105cc644980c4803 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.20830_none_2f922742114f9827\schedsvc.dll : 749.056 : 11/02/2010 03:28 AM : 0f7a8520f0895e6f0f1a0a3fd3ea40d4 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_3108887cf54491c3\schedsvc.dll : 750.592 : 11/20/2010 03:21 AM : a04bb13f8a72f8b6e8b4071723e4e336 [Pos Repl]

* C:\Windows\System32\services.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe : 259.072 : 07/14/2009 03:14 AM : 5f1b6a9c35d3d5ca72d6d6fdef9747d6 [Pos Repl]

* C:\Windows\System32\setupapi.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-setupapi_31bf3856ad364e35_6.1.7600.16385_none_34cbafd427916fc6\setupapi.dll : 1.668.608 : 07/14/2009 03:16 AM : 41323ab614a2b66ad77b1121d24ac895 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-setupapi_31bf3856ad364e35_6.1.7601.17514_none_36fcc39c247ff360\setupapi.dll : 1.667.584 : 11/20/2010 03:21 AM : 10fb16b50affda6d44588f3c445dc273 [Pos Repl]

* C:\Windows\System32\sfc.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll : 2.560 : 07/14/2009 03:10 AM : 40caeee0eaf1b8569f7c8df6420f2cb9 [Pos Repl]

* C:\Windows\System32\shsvcs.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7600.16385_none_cd06b34d7e412c53\shsvcs.dll : 328.192 : 07/14/2009 03:16 AM : cd2e48fa5b29ee2b3b5858056d246ef2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_cf37c7157b2fafed\shsvcs.dll : 328.192 : 11/20/2010 03:21 AM : 414da952a35bf5d50192e28263b40577 [Pos Repl]

* C:\Windows\System32\smss.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe : 69.632 : 07/14/2009 03:14 AM : 16742790895960690237a5143cedec8b [Pos Repl]

* C:\Windows\System32\spoolsv.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe : 316.416 : 07/14/2009 03:14 AM : 49b6dd6ab3715b7a67965f17194e98a9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_d6339da722cfb4be\spoolsv.exe : 316.928 : 08/21/2010 03:32 AM : d1bb750eb51694de183e08b9c33be5b2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_d634a3a322cec58a\spoolsv.exe : 316.928 : 02/11/2012 03:41 AM : e17323b0aa9fb3ff9945731d736eda2f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_d6ab9bc23bf9f1c6\spoolsv.exe : 316.928 : 08/20/2010 03:25 AM : 2fb4ce429488156b19c0d8e5c4552043 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_d6daba6e3bd61215\spoolsv.exe : 316.928 : 02/11/2012 03:31 AM : 13b48314bf02091b30597df20b71cbac [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe : 317.440 : 11/20/2010 03:17 AM : 866a43013535dc8587c258e43579c764 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_d815322f1ff8cc1a\spoolsv.exe : 317.440 : 02/11/2012 03:37 AM : 9aea093b8f9c37cf45538382caba2475 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_d8cedec038f3454c\spoolsv.exe : 317.952 : 02/11/2012 03:21 AM : cae10a25f936c053e41cbe0fa06ff15d [Pos Repl]

* C:\Windows\System32\ssdpsrv.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_7f9fc90f328bdf26\ssdpsrv.dll : 162.816 : 07/14/2009 03:16 AM : d887c9fd02ac9fa880f6e5027a43e118 [Pos Repl]

* C:\Windows\System32\svchost.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe : 20.992 : 07/14/2009 03:14 AM : 54a47f6b5e09a77e61649109c6a08866 [Pos Repl]

* C:\Windows\System32\tapisrv.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7600.16385_none_e3132eff46462df0\tapisrv.dll : 241.664 : 07/14/2009 03:16 AM : 2f46b0c70a4adc8c90cf825da3b4feaf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_e54442c74334b18a\tapisrv.dll : 242.176 : 11/20/2010 03:21 AM : 613bf4820361543956909043a265c6ac [Pos Repl]

* C:\Windows\System32\taskeng.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe : 190.464 : 07/14/2009 03:14 AM : de5dacebd4c89834ec6d2c41c8643cda [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe : 192.000 : 11/02/2010 03:34 AM : f8952e80b7f778da2f7aa8393ca2d30e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe : 192.000 : 11/02/2010 03:24 AM : 41c52af44fb96bddb1efb25d2d943bba [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe : 192.000 : 11/20/2010 03:17 AM : 4f2659160afcca990305816946f69407 [Pos Repl]

* C:\Windows\System32\taskhost.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_2814fe7cbba96e6a\taskhost.exe : 49.152 : 07/14/2009 03:14 AM : 8f4f5a5c1bae72ce6eaeea1ca3f98ca2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_2a461244b897f204\taskhost.exe : 49.152 : 11/20/2010 03:17 AM : 7fa8ba5a780e4757964ac9d4238302b9 [Pos Repl]

* C:\Windows\System32\termsrv.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_8e7597ebb597acd3\termsrv.dll : 543.232 : 07/14/2009 03:16 AM : a01e50a04d7b1960b33e92b9080e6a94 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_90a6abb3b286306d\termsrv.dll : 521.216 : 11/20/2010 03:21 AM : 382c804c92811be57829d8e550a900e2 [Pos Repl]

* C:\Windows\System32\upnphost.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_c1be8a9895d79340\upnphost.dll : 266.752 : 07/14/2009 03:16 AM : 833fbb672460efce8011d262175fad33 [Pos Repl]

* C:\Windows\System32\user32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll : 811.520 : 07/14/2009 03:16 AM : 34b7e222e81fafa885f0c5f2cfa56861 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll : 811.520 : 11/20/2010 03:21 AM : f1dd3acaee5e6b4bbc69bc6df75cef66 [Pos Repl]

* C:\Windows\System32\userinit.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe : 26.112 : 07/14/2009 03:14 AM : 6de80f60d7de9ce6b8c2ddfdf79ef175 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe : 26.624 : 11/20/2010 03:17 AM : 61ac3efdfacfdd3f0f11dd4fd4044223 [Pos Repl]

* C:\Windows\System32\usp10.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_acd0cf31b9cff59f\usp10.dll : 627.200 : 07/14/2009 03:16 AM : 0ba19f3198c40ac4e8cc66ee02eda6c6 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll : 626.176 : 11/20/2010 03:21 AM : 804aaafebb3ad5f49334dd906bcb1de5 [Pos Repl]

* C:\Windows\System32\UxTheme.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_a5baf0f767e33083\uxtheme.dll : 249.856 : 07/14/2009 03:16 AM : 63bfdf555da2075a77d677829c3cccd0 [Pos Repl]

* C:\Windows\System32\version.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll : 21.504 : 07/14/2009 03:16 AM : 702254574e7e52052de39408457b7149 [Pos Repl]

* C:\Windows\System32\w32time.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.1.7600.16385_none_887db9d2ce9e3aa0\w32time.dll : 288.768 : 07/14/2009 03:16 AM : 55187fd710e27d5095d10a472c8baf1c [Pos Repl]

* C:\Windows\System32\wbem\wmiprvse.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7600.16385_none_103914aeecb89f38\WmiPrvSE.exe : 254.976 : 07/14/2009 03:14 AM : 203c3380a744ca5b9b1a9caeb57f7d57 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_126a2876e9a722d2\WmiPrvSE.exe : 257.536 : 11/20/2010 03:17 AM : 4fb491ac8d46aaf22ba8bc5c73dabef7 [Pos Repl]

* C:\Windows\System32\wdigest.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.1.7600.16385_none_3aa3a13ade08a93a\wdigest.dll : 171.520 : 07/14/2009 03:16 AM : 0450cf487ecd8a67b56f59f9a96d024d [Pos Repl]

* C:\Windows\System32\wiaservc.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7600.16385_none_326a913514a6f178\wiaservc.dll : 462.336 : 07/14/2009 03:16 AM : a22825e7bb7018e8af3e229a5af17221 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7601.17514_none_349ba4fd11957512\wiaservc.dll : 463.360 : 11/20/2010 03:21 AM : e1fb3706030fb4578a0d72c2fc3689e4 [Pos Repl]

* C:\Windows\System32\wininet.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll : 977.920 : 07/14/2009 03:16 AM : 0d874f3bc751cc2198af2e6783fb8b35 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16490_none_1c69c1607a353a39\wininet.dll : 977.920 : 12/19/2009 03:02 AM : f1c359ce656bd76f90e0e6c4bc04a4be [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_1cafa4407a000e6d\wininet.dll : 977.920 : 02/23/2010 03:56 AM : 99a6f1253a886c4a9c1f8e1822b10a80 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16596_none_1c6fc5027a2fcf6a\wininet.dll : 977.920 : 05/21/2010 03:18 AM : abe73a2f762a74b6ad2c9be636915595 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_1cba761279f7efa3\wininet.dll : 978.432 : 06/30/2010 03:25 AM : 250267ce6217c1ab4517f22fb7ea13e8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16671_none_1c80654e7a2415fc\wininet.dll : 978.432 : 09/08/2010 03:30 AM : 3d6aa6dd4d0f3bb41b804747eb489831 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16700_none_1ccb165e79ec3635\wininet.dll : 978.944 : 11/04/2010 03:52 AM : a7360a3b20b38f1d6a09402fb6e9e2c3 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_1cb7771a79faa0c5\wininet.dll : 981.504 : 12/18/2010 03:32 AM : f019fca21f609e34b79ae130681d08f7 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll : 981.504 : 12/21/2010 03:38 AM : 78b9ada2bc8946af7b17678e0d07a773 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20600_none_1d54af5d9309dbb1\wininet.dll : 977.920 : 12/19/2009 03:10 AM : 23587164011ec849e58e229abc49e239 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_1d1fa00b933180bd\wininet.dll : 980.480 : 02/23/2010 03:30 AM : 0962cb2a9e6b4363c74249a4a5ccdbbf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20716_none_1d4fe313930c8cd3\wininet.dll : 980.480 : 05/21/2010 03:09 AM : 5ff3118c688d43ed77deadc6f4895ef9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_1d2e73059325c74f\wininet.dll : 980.480 : 06/30/2010 03:18 AM : 91a9ccad9829a89c840899932b9ec2df [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20795_none_1cf86369934e5304\wininet.dll : 980.480 : 09/08/2010 03:34 AM : 84795f28eb2e942951138827b8704819 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20831_none_1d3543af93214329\wininet.dll : 981.504 : 11/04/2010 03:53 AM : 749a4ddb8915066566e2bb38c2618048 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_1d14d3eb933996fc\wininet.dll : 981.504 : 12/18/2010 03:31 AM : 025031c16d3a486f6afe1c9b2fb1ade0 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll : 981.504 : 12/21/2010 03:29 AM : 1b3dd46bc6396143a205eaaf05f38039 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll : 980.992 : 11/20/2010 03:21 AM : 44214c94911c7cfb1d52cb64d5e8368d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16421_none_1a68963bbc19635b\wininet.dll : 1.126.912 : 04/07/2011 03:20 AM : a1236375b74ea63c75657d564890c436 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16434_none_1a60c72dbc1ecb51\wininet.dll : 1.126.912 : 07/22/2011 03:48 AM : 2c7332c222d1fe1fc57d622699a8c001 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_1a63c80bbc1c1756\wininet.dll : 1.126.912 : 09/01/2011 03:28 AM : d3788d91530cfa005bd516189a4c676e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_1a51f619bc2a81e6\wininet.dll : 1.127.424 : 11/03/2011 11:39 PM : 02f98b5c0e397ad06124d84428cf8f1a [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll : 1.127.424 : 12/14/2011 11:57 AM : 1d94fa7c81d2ffe494af094619ba706f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_1a54f6f7bc27cdeb\wininet.dll : 1.127.424 : 02/28/2012 11:11 AM : 44465367256d1c72b58f5abaa19e7016 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16446_none_1a57f7d5bc2519f0\wininet.dll : 1.129.472 : 05/18/2012 11:35 AM : 1c191a4f0960f21b5d58c8a65baf5427 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16447_none_1a58f81fbc243347\wininet.dll : 1.129.472 : 06/02/2012 11:25 AM : 8e87270c4704cf2951e1e7820d6c8a2b [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16448_none_1a59f869bc234c9e\wininet.dll : 1.129.472 : 06/29/2012 11:09 AM : 75a97a2c060e72ab49e071e08c7dd2ba [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16450_none_1a47262dbc329dd7\wininet.dll : 1.129.472 : 08/24/2012 11:51 AM : 5553611e2f9ea6f613079177f1233068 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20534_none_1aea63f8d53c6b1b\wininet.dll : 1.126.912 : 07/22/2011 11:48 AM : aa75f065975fce762fc9bbf5a3c08368 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20537_none_1aed64d6d539b720\wininet.dll : 1.126.912 : 09/01/2011 11:57 AM : c0fcee8d760c70db6ef858bb2262288e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_1adf940cd544870c\wininet.dll : 1.127.424 : 11/04/2011 11:07 AM : 32569df2f9bef05dd7d56e30590edfd9 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_1ae194a0d542b9ba\wininet.dll : 1.127.424 : 12/14/2011 11:28 AM : 022a78194e2c7106f5af9f2bc6ac8774 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_1ae39534d540ec68\wininet.dll : 1.127.424 : 02/28/2012 11:58 AM : 11a34dca08eb2a586246f2d6c2a81d58 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20551_none_1ad1c342d54f56f8\wininet.dll : 1.129.472 : 05/18/2012 11:19 AM : 43bac67996d8765a5f1b3a4ea6231e21 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20553_none_1ad3c3d6d54d89a6\wininet.dll : 1.129.472 : 06/02/2012 11:16 AM : e430161a632f9a8fe512de0ca5685559 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20554_none_1ad4c420d54ca2fd\wininet.dll : 1.129.472 : 06/29/2012 11:54 AM : 54c30a4066a28f9a017e095e283b2762 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20557_none_1ad7c4fed549ef02\wininet.dll : 1.129.472 : 08/24/2012 11:12 AM : 2895e29efcfc0b1bcf8aee1a0c67913c [Pos Repl]

* C:\Windows\System32\wininit.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe : 96.256 : 07/14/2009 11:14 AM : b5c5dcad3899512020d135600129d665 [Pos Repl]

* C:\Windows\System32\winlogon.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe : 285.696 : 07/14/2009 11:14 AM : 8ec6a4ab12b8f3759e21f8e3a388f2cf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe : 285.696 : 10/28/2009 11:17 AM : 37cdb7e72eb66ba85a87cbe37e7f03fd [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe : 285.696 : 10/28/2009 11:52 AM : 3babe6767c78fbf5fb8435feed187f30 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe : 286.720 : 11/20/2010 11:17 AM : 6d13e1406f50c66e2a95d97f22c47560 [Pos Repl]

* C:\Windows\System32\ws2_32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll : 206.336 : 07/14/2009 11:16 AM : daae8a9b8c0acc7f858454132553c30d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll : 206.848 : 11/20/2010 11:21 AM : 7ff15a4f092cd4a96055ba69f903e3e9 [Pos Repl]

* C:\Windows\System32\ws2help.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\ws2help.dll : 4.608 : 07/14/2009 11:11 AM : 808aabdf9337312195caff76d1804786 [Pos Repl]

* C:\Windows\System32\wuauclt.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_3086c9dad36a69b3\wuauclt.exe : 47.104 : 07/14/2009 11:14 AM : b0da80ff42a0819d162a86612896aaf2 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.5.7601.17514_none_c315782c0def9f8f\wuauclt.exe : 47.104 : 11/20/2010 11:18 AM : 75b06acd9d8dc0fe3603294e1899f496 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe : 53.784 : 06/03/2012 11:19 AM : 2e0b0a051ffaa86e358465bb0880d453 [Pos Repl]

* C:\Windows\explorer.exe [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe : 2.613.248 : 07/14/2009 11:14 AM : 15bc38a7492befe831966adb477cf76f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe : 2.613.248 : 08/03/2009 11:35 AM : b95eeb0f4e5efbf1038a35b3351cf047 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe : 2.614.272 : 10/31/2009 11:45 AM : 2626fc9755be22f805d3cfa0ce3ee727 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe : 2.614.784 : 02/26/2011 11:33 AM : 2af58d15edc06ec6fdacce1f19482bbf [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe : 2.613.248 : 08/03/2009 11:49 AM : 9ff6c4c91a3711c0a3b18f87b08b518d [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe : 2.614.272 : 10/31/2009 11:00 AM : c76153c7eca00fa852bb0c193378f917 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe : 2.614.784 : 02/26/2011 11:51 AM : 255cf508d7cfb10e0794d6ac93280bd8 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe : 2.616.320 : 11/20/2010 11:17 AM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe : 2.616.320 : 02/25/2011 11:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe : 2.616.320 : 02/26/2011 11:19 AM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 activation.guitar-pro.com
127.0.0.1 updates.presonus.com

Program finished at: 10/04/2012 08:40:03 PM
Execution time: 0 hours(s), 8 minute(s), and 41 seconds(s)

#9 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 04 October 2012 - 04:31 PM

Let's move to

WINDOWS Services

Background Intelligent Transfer Service - SHOWN AND CHECKED
Base Filtering Engine - SHOWN AND CHECKED
COM+ Event System - SHOWN AND CHECKED
COM+ System Application - NOT SHOWN
Cryptographic Services - SHOWN AND CHECKED
Ipsec Policy Agent - SHOWN AND CHECKED
RPC Locator - SHOWN AND CHECKED
RPC Endpoint Mapper - SHOWN AND CHECKED
Windows Firewall - SHOWN AND CHECKED
Windows Installer - SHOWN AND CHECKED
Windows Management Instrumentation - SHOWN AND CHECKED
Windows Update - SHOWN AND CHECKED

About Step 2 & 3 scripts, I was able to read some "access denied" in the cmd window before the pc was rebooted.

#10 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:37 PM

Posted 05 October 2012 - 06:36 AM

Hello Geppo,


You will want to print out or copy these instructions to Notepad for offline reference!
These steps are for member Geppo only. If you are a casual viewer, do NOT try this on your system!
If you are not Geppo and have a similar problem, do NOT post here; start your own topic


Do not run or start any other programs while these utilities and tools are in use!
Do NOT run any other tools on your own or do any fixes other than what is listed here.
If you have questions, please ask before you do something on your own.
But it is important that you get going on these following steps.
=
Close any of your open programs while you run these tools.

Right-click on this link http://download.bleepingcomputer.com/win-services/7/EventSystem.reg
and do a Save As
and Save it to your Desktop

With the file on your Desktop, do a Right-click and select Merge

Once the merge has completed, do a Logoff and Restart the system.

Step 2
On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download **

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs


Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages
It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.
You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.
Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)or a UPS system


Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
Right- click on Combo-Fix.exe on your Desktop Posted Image and select "Run as Administrator".
  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.

    When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once.
Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.
If this occurs, please reboot to restore the desktop.


A file will be created at => C:\Combofix.txt.

Notes:
[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.
That may cause it to stall.

[3]When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh :excl:

Reply & Copy & Paste contents of the C:\Combofix.txt log and tell me, How is the system now ?

Re-enable your antivirus program.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#11 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 05 October 2012 - 07:33 AM

Hello Maurice, I'm writing from my android device.
I merged the reg file, did the reboot, closed all programs, installed combofix and ran it.
It tried to create a restore point and then moved to next screen (the one with "10 minutes" thing).
It was 2.00 PM CET.
It is 2.30 now and still no sign of stage advance showed, not even one!
I'm not stopping it unless you instruct me to.

#12 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:37 PM

Posted 05 October 2012 - 08:06 AM

As long as you followed my instructions...... allow another 45 minutes for Combofix to finish.
and make sure you accepted the EULA and followed any prompts by C-F

Please have infinite patience.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#13 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 05 October 2012 - 08:39 AM

Update: combofix has been running for an hour and a half. No sign of stage advance, no sign of disk activity. I won't turn it off but I don't think it's going to produce any output.

#14 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:37 PM

Posted 05 October 2012 - 09:17 AM

Power off the pc. Wait about a minute. Then restart the system. Make sure you go into Normal mode of Windows.

Then let's get some new reports:

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)


Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#15 Geppo

Geppo
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 05 October 2012 - 10:20 AM

RSIT log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mr.Roboto at 2012-10-05 17:13:49
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 10 GB (18%) free of 55 GB
Total RAM: 3327 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.13.57, on 05/10/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Windows\Logi_MwX.Exe
D:\Programmi\Norton Ghost\Agent\VProTray.exe
D:\Programmi\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Mr.Roboto\Local Settings\Apps\F.lux\flux.exe
D:\Programmi\BigAnt\Client\BigAnt.exe
C:\Users\Mr.Roboto\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
D:\Programmi\Fastweb PrintAndFax\FaxMonitor.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
D:\Programmi\Fastweb PrintAndFax\MessageCapture.exe
D:\Programmi\Logitech\SetPointG\SetPointII.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDCountdown.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDClock.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDPop3.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDRSS.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
D:\Programmi\Thunderbird 3\thunderbird.exe
D:\Programmi\Mozilla Firefox\firefox.exe
D:\Programmi\Foobar2000\foobar2000.exe
D:\Programmi\Foobar2000\user-components\foo_out_asio\ASIOhost32.exe
C:\Users\Mr.Roboto\Desktop\RSIT.exe
C:\Program Files\trend micro\Mr.Roboto.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~2\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - d:\Programmi\Megaupload Manager\MegaIEMn.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\PROGRA~2\FlashGet\getflash.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~2\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Norton Ghost 14.0] "D:\Programmi\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [EvtMgr6] D:\Programmi\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKCU\..\Run: [F.lux] "C:\Users\Mr.Roboto\Local Settings\Apps\F.lux\flux.exe" /noshow
O4 - HKCU\..\Run: [BigAnt] D:\Programmi\BigAnt\Client\BigAnt.exe /MinSize
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\Mr.Roboto\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - Global Startup: PrintAndFax.lnk = D:\Programmi\Fastweb PrintAndFax\FaxMonitor.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://d:\PROGRA~2\OFFICE~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con FlashGet - D:\Programmi\FlashGet\jc_link.htm
O8 - Extra context menu item: Scarica tutto con FlashGet - D:\Programmi\FlashGet\jc_all.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - d:\PROGRA~2\OFFICE~1\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\FlashGet\flashget.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{73BE1D74-2ACB-4516-B98D-8055E9F2730C}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: x-wpexpert - {382E05AF-964B-41CE-B2B5-ED0BF48013C0} - D:\Programmi\WildPackets OmniPeek\peekrecon.dll
O20 - AppInit_DLLs: C:\Windows\System32\acaptuser32.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AntDS - Unknown owner - D:\Programmi\BigAnt\Server\AntDS.exe
O23 - Service: AntServer - Unknown owner - D:\Programmi\BigAnt\Server\AntServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AvServer - Unknown owner - D:\Programmi\BigAnt\Server\AvServer.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - D:\Programmi\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\programmi\hamachi\hamachi-2.exe
O23 - Service: Servizio iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: Norton Ghost - Symantec Corporation - D:\Programmi\Norton Ghost\Agent\VProSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: UNCFAT DMS (OTFSDMS) - Unknown owner - C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe (file missing)
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - D:\Programmi\Macrium Reflect\ReflectService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Programmi\Skype\Updater\Updater.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: SQL Server VSS Writer (SQLWriter) - Unknown owner - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - Unknown owner - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (file missing)
O23 - Service: SymSnapService - Symantec - D:\Programmi\Norton Ghost\Shared\Drivers\SymSnapService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - D:\Programmi\TeamViewer 7\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - D:\Programmi\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 12122 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1390435069-2347297169-2357984066-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1390435069-2347297169-2357984066-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Mr.Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Giuliano

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, abhere2@moztw.org:3.6.20101102, {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2, CLEO@guid.customsoftwareconsult.com:4.3, it-IT@dictionaries.addons.mozilla.org:3.3, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4, {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2, extensionlistdumper@sogame.cat:1.15.0, {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2, feedbar@efinke.com:5.1.1, {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10, {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6, {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16, {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2, {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.2, {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1, {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3, {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1, {bb6bc1bb-f824-4702-90cd-35e2fb24f25d}:1.0, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9, {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94, {455D905A-D37C-4643-A9E2-F6FEFAA0424A}:0.8.14, tineye@ideeinc.com:1.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {36C13C8F-54F1-412e-8177-2E411719162D}:4.1.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Plugin rilevatore iTunes
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Programmi\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@sony.com/ReaderDesktop]
"Description"=Reader for PC is installed if this plugin exists
"Path"=d:\Program Files\Sony\ReaderDesktop\npreaderdetectmoz.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.16]
"Description"=Veetle Broadcaster Plugin
"Path"=d:\Programmi\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19]
"Description"=Veetle TV Core
"Path"=d:\Programmi\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=d:\Programmi\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@zylom.com/ZylomGamesPlayer]
"Description"=Zylom Games Player 1.00
"Path"=C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programmi\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programmi\Adobe Reader 10.0\Reader\AIR\nppdf32.dll

D:\Programmi\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

D:\Programmi\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIZylomPlugin.xpt

D:\Programmi\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npvsharetvplg.dll
npzylomgamesplayer.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

D:\Programmi\Mozilla Firefox\searchplugins\
amazon-it.xml
bing.xml
eBay-it.xml
google.xml
hoepli.xml
wikipedia-it.xml
yahoo-it.xml

C:\Users\Mr.Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Giuliano\extensions\
CLEO@guid.customsoftwareconsult.com
disconnect@disconnect.me
foxyproxy@eric.h(2).jung
it-IT@dictionaries.addons.mozilla.org
tineye@ideeinc.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2)
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
{36C13C8F-54F1-412e-8177-2E411719162D}
{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
{987311C6-B504-4aa2-90BF-60CC49808D42}
{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)

C:\Users\Mr.Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Giuliano\searchplugins\
definr-dictionary-search.xml
duckduckgo.xml
ricerca-video-di-youtube.xml
the-free-dictionary.xml
wikizionario-it.xml
wordreference-en-it.xml
yahoo.xml
yopmailcom--email-temporaire.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~2\FlashGet\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-03 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-30 349680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - d:\Programmi\Megaupload Manager\MegaIEMn.dll [2010-09-08 109568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-03 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
gFlash Class - D:\PROGRA~2\FlashGet\getflash.dll [2006-09-12 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-30 349680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-30 349680]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - D:\PROGRA~2\FlashGet\fgiebar.dll [2005-06-07 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2010-05-05 25600]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2011-06-14 101144]
"Logitech Utility"=C:\Windows\Logi_MwX.Exe [2003-12-11 20992]
"Norton Ghost 14.0"=D:\Programmi\Norton Ghost\Agent\VProTray.exe [2009-08-03 2250088]
"EvtMgr6"=D:\Programmi\Logitech\SetPointP\SetPoint.exe [2011-06-24 1386776]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe /hide []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"F.lux"=C:\Users\Mr.Roboto\Local Settings\Apps\F.lux\flux.exe [2009-08-29 966656]
""= []
"BigAnt"=D:\Programmi\BigAnt\Client\BigAnt.exe [2011-03-16 1757243]
"SansaDispatch"=C:\Users\Mr.Roboto\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [2012-04-18 79872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3RVX]
D:\Programmi\3RVX\3RVX.exe [2008-10-13 159232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
D:\Programmi\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2012-07-30 640480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe [2007-08-30 148760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
D:\Programmi\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2012-07-31 41944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Programmi\Adobe Reader 10.0\Reader\Reader_sl.exe [2012-07-27 35768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\Mr.Roboto\AppData\Local\Akamai\netsession_win.exe [2012-08-10 4440896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server]
D:\Programmi\FileZilla Server\FileZilla Server.exe [2010-10-17 742912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Mr.Roboto\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-21 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
C:\Program Files\HDD Regenerator\HDD Regenerator.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Programmi\iTunes\iTunesHelper.exe [2011-12-08 421736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
D:\programmi\hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
D:\Programmi\Malwarebytes' Anti-Malware\mbam.exe [2012-09-07 981656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen]
D:\Programmi\MultiScreen\MultiScreen.exe [2009-08-11 303104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutlookMessenger]
D:\Programmi\Outlook Messenger\OutlookMessenger.exe /m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Programmi\QuickTime\QTTask.exe [2011-10-24 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reader Application Helper]
d:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [2012-01-31 892928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\squiggle]
D:\Programmi\Squiggle-3.0b Client\Squiggle.exe [2011-09-17 480768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
F:\VmWare\hqtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
D:\Programmi\MagicTune Premium\GammaTray.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
PrintAndFax.lnk - D:\Programmi\Fastweb PrintAndFax\FaxMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\acaptuser32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\Programmi\IconPackager\iprepair.dll [2009-01-28 70960]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro36]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro36.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro36Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro36CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\remotepc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter.acm
"msacm.siren"=sirenacm.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw32.dll
"vidc.tscc"=tsccvid.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.WMV3"=wmv9vcm.dll
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-10-05 17:13:49 ----D---- C:\rsit
2012-10-05 17:13:49 ----D---- C:\Program Files\trend micro
2012-10-05 17:10:28 ----SHD---- C:\$RECYCLE.BIN
2012-10-05 13:59:47 ----A---- C:\Windows\zip.exe
2012-10-05 13:59:47 ----A---- C:\Windows\SWSC.exe
2012-10-05 13:59:47 ----A---- C:\Windows\SWREG.exe
2012-10-05 13:59:47 ----A---- C:\Windows\sed.exe
2012-10-05 13:59:47 ----A---- C:\Windows\PEV.exe
2012-10-05 13:59:47 ----A---- C:\Windows\NIRCMD.exe
2012-10-05 13:59:47 ----A---- C:\Windows\MBR.exe
2012-10-05 13:59:47 ----A---- C:\Windows\grep.exe
2012-10-05 13:59:42 ----SD---- C:\ComboFix
2012-10-05 13:59:39 ----D---- C:\Qoobox
2012-10-04 19:10:36 ----A---- C:\TDSSKiller.2.8.10.0_04.10.2012_19.10.36_log.txt
2012-10-04 19:05:41 ----D---- C:\Program Files\ERUNT
2012-10-04 01:29:37 ----A---- C:\sxstraceInfo.txt
2012-10-03 19:21:35 ----D---- C:\Logitech
2012-10-03 19:21:30 ----A---- C:\Windows\brndlog.txt
2012-10-03 11:45:52 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2012-10-03 11:45:52 ----A---- C:\Windows\system32\javaw.exe
2012-10-03 11:45:52 ----A---- C:\Windows\system32\java.exe
2012-10-03 11:45:48 ----D---- C:\Program Files\Java
2012-10-03 11:43:02 ----A---- C:\Windows\system32\RENA95A.tmp
2012-10-03 11:43:02 ----A---- C:\Windows\system32\RENA959.tmp
2012-10-02 22:43:20 ----A---- C:\AdwCleaner[S1].txt
2012-10-02 20:25:46 ----A---- C:\Windows\system32\bootdelete.exe
2012-10-02 19:54:07 ----D---- C:\Program Files\HitmanPro
2012-10-02 19:53:51 ----D---- C:\ProgramData\HitmanPro
2012-10-02 15:26:31 ----D---- C:\Program Files\ESET
2012-10-02 11:54:39 ----A---- C:\Windows\ntbtlog.txt
2012-10-02 11:46:33 ----D---- C:\Windows\erdnt
2012-10-02 11:25:05 ----A---- C:\wsock32.dll
2012-10-01 12:33:06 ----D---- C:\Program Files\Backdoor Bifrose Removal Tool
2012-09-28 21:26:54 ----SHD---- C:\Windows\system32\%APPDATA%
2012-09-28 21:06:30 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\Pedobear
2012-09-28 10:06:23 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\Doublefine
2012-09-28 09:47:47 ----D---- C:\ProgramData\Codemasters
2012-09-22 10:06:59 ----A---- C:\Windows\system32\vbscript.dll
2012-09-22 10:06:59 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-22 10:06:58 ----A---- C:\Windows\system32\wininet.dll
2012-09-22 10:06:58 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-22 10:06:58 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-22 10:06:58 ----A---- C:\Windows\system32\jscript.dll
2012-09-22 10:06:58 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-22 10:06:58 ----A---- C:\Windows\system32\ieui.dll
2012-09-22 10:06:57 ----A---- C:\Windows\system32\urlmon.dll
2012-09-22 10:06:57 ----A---- C:\Windows\system32\url.dll
2012-09-22 10:06:57 ----A---- C:\Windows\system32\jscript9.dll
2012-09-22 10:06:57 ----A---- C:\Windows\system32\iertutil.dll
2012-09-22 10:06:56 ----A---- C:\Windows\system32\mshtml.dll
2012-09-22 10:06:56 ----A---- C:\Windows\system32\ieframe.dll
2012-09-17 15:33:15 ----D---- C:\Program Files\Media Preview
2012-09-12 10:12:31 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-09-12 10:11:49 ----A---- C:\Windows\system32\win32spl.dll
2012-09-12 10:11:49 ----A---- C:\Windows\system32\spoolsv.exe
2012-09-12 10:11:49 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-12 10:11:49 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-12 10:11:48 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-12 10:11:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-12 10:11:47 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-12 10:11:47 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 10:11:45 ----A---- C:\Windows\system32\srcore.dll

======List of files/folders modified in the last 1 month======

2012-10-05 17:13:52 ----D---- C:\Windows\Temp
2012-10-05 17:13:49 ----RD---- C:\Program Files
2012-10-05 17:10:35 ----D---- C:\Windows\System32
2012-10-05 17:10:30 ----D---- C:\Windows\registration
2012-10-05 16:27:58 ----SHD---- C:\System Volume Information
2012-10-05 14:01:11 ----D---- C:\Windows
2012-10-05 13:59:40 ----D---- C:\Windows\system32\drivers
2012-10-05 13:58:30 ----D---- C:\Windows\Prefetch
2012-10-05 10:28:40 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\vlc
2012-10-04 23:39:25 ----D---- C:\Windows\pss
2012-10-04 23:24:48 ----SHD---- C:\Windows\Installer
2012-10-04 21:29:59 ----D---- C:\Windows\system32\config
2012-10-04 01:43:03 ----RSD---- C:\Windows\assembly
2012-10-03 23:54:52 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\Mozilla
2012-10-03 20:49:16 ----AD---- C:\ProgramData\TEMP
2012-10-03 19:21:26 ----RD---- C:\Users
2012-10-03 11:45:50 ----A---- C:\Windows\system32\npdeployJava1.dll
2012-10-03 11:45:50 ----A---- C:\Windows\system32\javaws.exe
2012-10-03 11:45:50 ----A---- C:\Windows\system32\deployJava1.dll
2012-10-03 09:34:55 ----AHD---- C:\ProgramData
2012-10-02 20:19:21 ----D---- C:\Windows\Branding
2012-10-02 18:23:05 ----D---- C:\Windows\inf
2012-10-02 15:24:02 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\QuickScan
2012-10-02 12:39:59 ----D---- C:\Windows\system32\catroot2
2012-10-02 12:35:13 ----D---- C:\ProgramData\NVIDIA
2012-10-02 12:31:13 ----D---- C:\ProgramData\MFAData
2012-10-02 11:22:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-02 11:00:02 ----D---- C:\Windows\system32\it-IT
2012-09-29 16:40:26 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\Audacity
2012-09-29 16:35:39 ----A---- C:\Windows\system32\msvcsv60.dll
2012-09-29 16:35:13 ----A---- C:\Users\Mr.Roboto\AppData\Roaming\msregsvv.dll
2012-09-28 20:50:49 ----D---- C:\Windows\Minidump
2012-09-28 18:04:11 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\DC++
2012-09-28 09:39:31 ----D---- C:\Windows\Logs
2012-09-27 20:45:22 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\DAEMON Tools Lite
2012-09-27 18:33:51 ----D---- C:\Users\Mr.Roboto\AppData\Roaming\uTorrent
2012-09-27 18:33:37 ----D---- C:\Windows\debug
2012-09-22 11:48:08 ----D---- C:\Windows\winsxs
2012-09-22 10:08:39 ----D---- C:\Windows\system32\migration
2012-09-22 10:08:39 ----D---- C:\Program Files\Internet Explorer
2012-09-22 10:07:09 ----D---- C:\Windows\system32\catroot
2012-09-13 06:15:08 ----D---- C:\Windows\system32\wdi
2012-09-12 10:23:57 ----RSD---- C:\Windows\Fonts
2012-09-12 10:23:56 ----D---- C:\Windows\system32\DriverStore
2012-09-12 10:17:36 ----D---- C:\ProgramData\Microsoft Help
2012-09-12 10:12:45 ----A---- C:\Windows\system32\MRT.exe
2012-09-09 07:13:36 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 pssnap;Paramount Software Snapshot Filter; C:\Windows\system32\DRIVERS\pssnap.sys [2011-01-17 16024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Si3132r5;SiI-3132 SoftRaid 5 Controller; C:\Windows\system32\DRIVERS\Si3132r5.sys [2008-10-09 217128]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2008-10-09 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2008-10-09 12200]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 symsnap;Symantec Volume Snap Shot Driver; C:\Windows\system32\DRIVERS\symsnap.sys [2009-07-01 138464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-10-13 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-10-13 25888]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35088]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2006-11-22 5120]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-05-05 171096]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-05-05 511064]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-05-05 526296]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-05-05 72792]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-05-05 14424]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-05-05 158808]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-05-05 95832]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-05-05 1178200]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2011-04-30 22040]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2011-04-30 65048]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 39064]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2011-04-30 81304]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2009-10-07 25752]
R3 mpfilt;mpfilt; \??\C:\Windows\system32\drivers\mpfilt.sys [2008-08-29 10588]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 mv2;mv2; C:\Windows\system32\DRIVERS\mv2.sys [2010-11-22 10200]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-04-18 148800]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-05-05 130136]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 ALSysIO;ALSysIO; \??\d:\Temp\ALSysIO.sys []
S3 amdagp;Driver filtro bus AMD AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthAvrcp;Profilo Bluetooth AVRCP; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2008-07-10 15872]
S3 BthEnum;Driver blocco richieste Bluetooth; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Dispositivo Bluetooth (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Driver della porta Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Driver USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\Windows\system32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
S3 catchme;catchme; \??\d:\Temp\catchme.sys []
S3 csr_a2dp;Profilo Bluetooth AV; C:\Windows\system32\drivers\bthav.sys [2009-12-21 61952]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-05-05 171096]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2010-05-05 347144]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1324120]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-05-05 72792]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-03-24 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-03-24 8456]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 L6SeaMonkDev;Line 6 Variax USB Service; C:\Windows\System32\Drivers\L6SM.sys [2011-08-02 39296]
S3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\Windows\system32\DRIVERS\LHidFlt2.Sys [2003-12-11 25630]
S3 LHidUsb;Logitech USB Receiver device driver; C:\Windows\System32\Drivers\LHidUsb.Sys [2003-12-11 37916]
S3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\LMouFlt2.Sys [2003-12-11 70894]
S3 lvpopflt;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopflt.sys [2007-05-12 1921184]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-05-12 41888]
S3 LVUVC;Logitech QuickCam Fusion(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2007-05-12 3580832]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2009-12-09 46592]
S3 MSICDSetup;MSICDSetup; \??\B:\CDriver.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PORTIO64;PORTIO64; \??\D:\Temp\Rar$EX00.114\JungleFlasher v0.1.76 Beta (166)\portio32.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Dispositivo Bluetooth (RFCOMM protocollo TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2009-11-19 81920]
S3 sisagp;Filtro bus SIS AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2010-02-25 25216]
S3 TPkd;TPkd; C:\Windows\system32\drivers\TPkd.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-19 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe [2007-08-30 410904]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AntDS;AntDS; D:\Programmi\BigAnt\Server\AntDS.exe [2010-08-30 524288]
R2 AntServer;AntServer; D:\Programmi\BigAnt\Server\AntServer.exe [2011-03-13 1212498]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 AvServer;AvServer; D:\Programmi\BigAnt\Server\AvServer.exe [2010-04-19 167936]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 3857408]
R2 Norton Ghost;Norton Ghost; D:\Programmi\Norton Ghost\Agent\VProSvc.exe [2009-08-03 4322656]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 645440]
R2 ReflectService;Macrium Reflect Image Mounting Service; D:\Programmi\Macrium Reflect\ReflectService.exe [2011-01-17 220824]
R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe [2009-07-14 7168]
R2 TomTomHOMEService;TomTomHOMEService; D:\Programmi\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
R3 SymSnapService;SymSnapService; D:\Programmi\Norton Ghost\Shared\Drivers\SymSnapService.exe [2009-07-01 1562096]
S2 Bonjour Service; Servizio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe []
S2 gupdate;Servizio di Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-05 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 OTFSDMS;UNCFAT DMS; C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe []
S2 SkypeUpdate;Skype Updater; D:\Programmi\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe []
S2 TeamViewer7;TeamViewer 7; D:\Programmi\TeamViewer 7\TeamViewer_Service.exe [2012-08-24 2735528]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Servizio stato di ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 CGVPNCliSrvc;CyberGhost VPN Client; D:\Programmi\CyberGhost VPN\CGVPNCliService.exe [2011-07-05 2428968]
S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-09-29 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-09-29 79360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-09 655624]
S3 gupdatem;Servizio Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-05 136176]
S3 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\programmi\hamachi\hamachi-2.exe [2010-03-30 1107336]
S3 iPod Service;Servizio iPod; C:\Program Files\iPod\bin\iPodService.exe []
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 295192]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2007-09-12 2999664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
S3 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-09-17 42773336]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-08-30 3407412]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2011-11-17 73728]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe []
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; d:\Programmi\FantaMorph5\FantaUp.exe [2010-11-18 224176]
S4 Cepstral License Server;Cepstral License Server; D:\Programmi\Cepstral\bin\CepstralLicSrv.exe [2007-03-15 57344]
S4 MSSQLServerADHelper100;Servizio SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-21 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe []

-----------------EOF-----------------


RSIT info

info.txt logfile of random's system information tool 1.09 2012-10-05 17:14:00

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
-->F:\Giochi\Legend of Grimrock\unins000.exe
-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x10
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x10
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x10
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x10
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x10 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x10
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x10
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x10
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x10
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x10 /remove
µTorrent-->"D:\Programmi\uTorrent\uTorrent.exe" /UNINSTALL
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
3RVX-->MsiExec.exe /X{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}
7-Zip 9.20-->"d:\Programmi\7-Zip\Uninstall.exe"
Abrosoft FantaMorph 5.3.5-->"d:\Programmi\FantaMorph5\unins000.exe"
Acoustica Effects Pack-->C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG
Addictive Drums 1.5.2-->"F:\Musica\Addictive Drums\unins000.exe"
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AIMP2: Audio Tools-->D:\Programmi\AIMP2\atUninstall.exe
AIMP2-->D:\Programmi\AIMP2\Uninstall.exe
Alien Swarm-->"F:\Giochi\Steam\steam.exe" steam://uninstall/630
Aliens vs Predator-->"F:\Giochi\Steam\steam.exe" steam://uninstall/10680
Ambiente di runtime GTK+ versione 2.14.7 rev a (solo rimozione)-->D:\Programmi\Pidgin\GTK 2.0\uninst.exe
AmpliTube 3-->C:\Program Files\InstallShield Installation Information\{5DD152A8-BFB3-439E-90CD-5C00C2116E23}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
AmpliTube Jimi Hendrix-->C:\Program Files\InstallShield Installation Information\{66BA35B0-1911-47EF-B170-1DCFFDA362F1}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
AmpliTube X-GEAR-->C:\Program Files\InstallShield Installation Information\{21E77392-C30A-4AA2-8CA7-5728316939D6}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
Ancient Trader-->"F:\Giochi\Ancient Trader\unins000.exe"
Antares Autotune Evo VST RTAS v6.0.9-->"C:\Program Files\Antares Audio Technologies\Uninstall\unins000.exe"
Apple Application Support-->MsiExec.exe /I{343666E2-A059-48AC-AD67-230BF74E2DB2}
Apple Mobile Device Support-->MsiExec.exe /I{8153ED9A-C94A-426E-9880-5E6775C08B62}
Aspell Italian Dictionary-0.50-2-->D:\Programmi\Pidgin\Aspell\unins001.exe
Assassin's Creed Revelations-->"C:\Program Files\InstallShield Installation Information\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}\setup.exe" -runfromtemp -l0x0010 -removeonly
Bang Bang Racing-->"F:\Giochi\Bang Bang Racing\unins000.exe"
BitMeter-->"d:\Programmi\BitMeter\uninstall.exe"
Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}
Boson Exam Environment-->MsiExec.exe /I{12F69331-DCBB-46D5-B475-6BFD0F9048B3}
Boson NetSim for CCNP 7.0-->"C:\Program Files\InstallShield Installation Information\{8C1BC366-81DD-4050-B2DC-88287C90E915}\setup.exe" -runfromtemp -l0x0409 -removeonly
Boson NetSim for CCNP 7.0-->MsiExec.exe /I{8C1BC366-81DD-4050-B2DC-88287C90E915}
Broomstick Bass 1.0.0-->"F:\Musica\@@Plugins\Broomstick\uninstall-bb.exe"
Bullzip PDF Printer 7.1.0.1181-->"D:\Programmi\Bullzip PDF Printer\unins000.exe"
Cain & Abel v4.9.40-->D:\PROGRA~2\Cain\UNINSTAL.EXE D:\PROGRA~2\Cain\Install.log
Camtasia Studio 7-->MsiExec.exe /I{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}
CCleaner-->"D:\Programmi\CCleaner\uninst.exe"
Cepstral Vittoria 4.2.0-->MsiExec.exe /I{6FDDE294-32C8-4304-842E-FC1FF438E8FD}
Cisco Network Assistant-->D:\Programmi\Cisco Systems\Cisco Network Assistant\utilities\uninstall\uninstall.exe
Cisco Networking Academy curriculum 4.0.0.0-->"C:\CISCO_CCNA\unins000.exe"
Cisco Packet Tracer 5.3.1-->"D:\Programmi\Packet Tracer 5.3\unins001.exe"
Cisco Packet Tracer 5.3.3-->"D:\Programmi\Packet Tracer 5.3\unins002.exe"
Cisco Packet Tracer 5.3-->"D:\Programmi\Packet Tracer 5.3\unins000.exe"
Ciscopedia v3.0-->MsiExec.exe /I{61ADCC33-E631-4B53-8C64-0CBF0D683DD6}
Creative ALchemy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x10 /remove
Creative Smart Recorder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x10 /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x10 /remove
Creative WaveStudio 7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x10 /remove
CyberCIEGE 1.9l Complete-->"D:\CISCO\CyberCIEGE\unins000.exe"
CyberGhost VPN-->"d:\Programmi\CyberGhost VPN\unins000.exe"
CYPHER - Cyberpunk Text Adventure v1.0-->"F:\Giochi\CYPHER - Cyberpunk Text Adventure\Uninstall\unins000.exe"
Dark Souls Prepare to Die Edition-->MsiExec.exe /I{4E4D0FA1-F880-4CCB-999A-501000008200}
Dark Souls Prepare to Die Edition-->MsiExec.exe /X{4E4D0FA1-F880-4CCB-999A-501000008200}
DC++ 0.799-->"D:\Programmi\DC++\uninstall.exe"
Desk Drive-->MsiExec.exe /I{06C265CF-F924-491E-8E6C-288460CB5E30}
Desk Drive-->MsiExec.exe /I{350A537D-B9EA-4042-83C8-E93474DF699A}
DeskDrive versione 1.8.5-->"D:\Programmi\Desk Drive\unins000.exe"
DeskPins (remove only)-->"D:\Programmi\DeskPins\uninstall.exe"
DVDInfoPro-->"D:\Programmi\DVDInfoPro\uninstall.exe"
EASEUS Partition Master 8.0.1 Home Edition-->"D:\Programmi\EASEUS Partition Master\unins000.exe"
Easy GIF Animator 5.2-->"D:\Programmi\Easy GIF Animator\unins000.exe"
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
Ettercap NG 0.7.3-->"D:\Programmi\EttercapNG\uninstall.exe"
ExamDiff Pro 4.5 (Build 4.5.2.2)-->"d:\Programmi\ExamDiff Pro\unins000.exe"
EZdrummer-->MsiExec.exe /I{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}
EZXVintage-->MsiExec.exe /I{430399DC-98BC-4A7F-8F8E-77981CABAE05}
F1 2012-->"F:\Giochi\F1 2012\unins000.exe"
Fable III-->MsiExec.exe /I{4D53090A-CE35-42BD-B377-831000018301}
Fallout-->"f:\giochi\Fallout\unins000.exe"
FileZilla Client 3.5.1-->d:\programmi\FileZilla FTP Client\uninstall.exe
FileZilla Server (remove only)-->"D:\Programmi\FileZilla Server\uninstall.exe"
FlashGet(JetCar)-->D:\PROGRA~2\FlashGet\UNWISE.EXE D:\PROGRA~2\FlashGet\INSTALL.LOG
foobar2000 v1.1.12a-->"d:\programmi\Foobar2000\uninstall.exe" _?=d:\programmi\Foobar2000
Free Hide Folder-->D:\PROGRA~2\FREEHI~1\UNWISE.EXE D:\PROGRA~2\FREEHI~1\INSTALL.LOG
GEAR driver installer for x86 Win2K-->MsiExec.exe /X{33286B63-B749-4D54-AA04-5631319B168D}
Geeks3D.com FurMark 1.9.1-->"D:\Programmi\FurMark\unins000.exe"
GetDiz-->"d:\Programmi\GetDiz\uninst-GetDiz.exe"
GNS3 0.7.3-->D:\Programmi\GNS3\uninst.exe
GNS3 VirtualBox Edition-->"D:\Programmi\GNS3 VirtualBox Edition\unins000.exe"
GNU Aspell 0.50-3-->D:\Programmi\Pidgin\Aspell\unins000.exe
Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
GPL Ghostscript 8.64-->D:\Programmi\Ghostscript\uninstgs.exe "D:\Programmi\Ghostscript\gs8.64\uninstal.txt"
Guitar Pro 5.2-->"D:\Programmi\Guitar Pro 5\unins000.exe"
Guitar Pro 6-->"F:\Musica\Guitar Pro 6\unins000.exe"
HeavyMetal Plus-->C:\Windows\iun507.exe D:\Programmi\HeavyMetal\irunin.ini
IconPackager-->"C:\ProgramData\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}\IconPackager.exe" REMOVE=TRUE MODIFY=FALSE
IconPackager-->C:\ProgramData\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}\IconPackager.exe
IK Multimedia Authorization Manager version 1.0.5-->"f:\musica\amplitube 3\Authorization Manager\unins000.exe"
IL Vocodex-->F:\Musica\IL Vocodex\uninstall.exe
ImgBurn-->"D:\Programmi\ImgBurn\uninstall.exe"
Infineon USB driver 1.0.0.6-->"D:\Programmi\Infineon\FlashUtility\drivers\Infineon USB driver\V1.0.0.6\unins000.exe"
Java 7 Update 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
Java DB 10.5.3.0-->MsiExec.exe /X{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}
Java™ 6 Update 35-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216035FF}
Java™ SE Development Kit 6 Update 19-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160190}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Language Pack del Visualizzatore della Guida Microsoft 1.0 - ITA-->C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0 Language Pack - ITA\install.exe
Legend of Grimrock-->"F:\Giochi\Legend of Grimrock\unins000.exe"
LG PC Suite II-->C:\Program Files\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe -runfromtemp -l0x0010 -removeonly
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logitech MouseWare 9.80 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x10 -l0010 UNINSTALL
Logitech SetPoint 6.30-->C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe
LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125}
Lounge Lizard EP-3 v3.1.4-->F:\Musica\@@Plugins\Lounge Lizard EP-3\Uninstall.exe
Macrium Reflect - Free Edition-->MsiExec.exe /I{8DB6BDDB-2416-4F39-BF40-2C004D2F68BB}
Magic Set Editor 2 - 0.3.8 beta-->"F:\Giochi\Magic Set Editor 2\unins000.exe"
Magic The Gathering - Duels of the Planeswalkers-->"F:\Giochi\MtG - Duels of the Planeswalkers\unins000.exe"
Malwarebytes Anti-Malware versione 1.65.0.1400-->"D:\Programmi\Malwarebytes' Anti-Malware\unins000.exe"
Manager banchi SoundFont-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x10 /remove
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Max Payne 3-->\"C:\Program Files (x86)\InstallShield Installation Information\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}\setup.exe\" -runfromtemp -l0x0409 -removeonly
Media Player Classic - Home Cinema v1.5.2.3456-->"D:\Programmi\Media Player Home Cinema\unins000.exe"
Media Preview-->MsiExec.exe /I{25ADFED1-681D-4DED-BF43-B1EED75C449B}
Mega Manager-->"C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe" -runfromtemp -l0x0409 -removeonly
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1040 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile ITA Language Pack-->MsiExec.exe /X{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended - Language Pack (ITA)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1040 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended ITA Language Pack-->MsiExec.exe /X{4344E211-F621-3870-9A08-2F56C71BA0A7}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Help Viewer 1.0-->C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe
Microsoft Help Viewer 1.0-->MsiExec.exe /X{47C39E4A-28F2-33B1-B9B7-97F24E52D917}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {7F40286D-09A7-4DC0-A2A4-AA18D026D369}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {7F40286D-09A7-4DC0-A2A4-AA18D026D369}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {7F40286D-09A7-4DC0-A2A4-AA18D026D369}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {7F40286D-09A7-4DC0-A2A4-AA18D026D369}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {7F40286D-09A7-4DC0-A2A4-AA18D026D369}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {7F40286D-09A7-4DC0-A2A4-AA18D026D369}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {C76C02F1-B07F-4974-876A-A18DEC9887C8}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 Browser-->MsiExec.exe /X{834EA459-FD2C-4336-9DFE-C4EDBF63D51A}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{4A6F34E2-09E5-4616-B227-4A26A488A6F9}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{246D27BE-94F5-4838-B1F9-6DD3E379E488}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{48667EB3-6A7F-47B1-9C97-AFEDB4FD6B8D}
Microsoft SQL Server 2008 R2 Management Objects-->MsiExec.exe /I{4E968D9C-21A7-4915-B698-F7AEB913541D}
Microsoft SQL Server 2008-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /x86
Microsoft SQL Server 2008-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /X86
Microsoft SQL Server Compact 3.5 SP1 Design Tools - Italiano-->MsiExec.exe /X{02571A12-50D8-4D42-99CE-83D1144508C7}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server System CLR Types-->MsiExec.exe /I{2A2F3AE8-246A-4252-BB26-1BEB45627074}
Microsoft Visual Basic 2008 Express Edition SP1 - ITA-->D:\Programmi\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition with SP1 - ITA\setup.exe
Microsoft Visual Basic 2010 Express - ITA-->d:\Programmi\Microsoft Visual Studio 10.0\Microsoft Visual Basic 2010 Express - ITA\setup.exe
Microsoft Visual Basic 2010 Express - ITA-->MsiExec.exe /X{186CCF6D-5BEF-3591-80E3-5300CEBA876E}
Microsoft Visual C# 2010 Express - ENU-->d:\Programmi\Microsoft Visual Studio 10.0\Microsoft Visual C# 2010 Express - ENU\setup.exe
Microsoft Visual C# 2010 Express - ENU-->MsiExec.exe /X{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{86CE1746-9EFF-3C9C-8755-81EA8903AC34}
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools-->MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32-->MsiExec.exe /X{044F9133-B8D7-4d11-BF39-803FA20F5C8B}
Microsoft Windows SDK for Windows 7 (7.1)-->"d:\Programmi\Microsoft SDKs\Windows\v7.1\Setup\Setup.exe" -x "-source:http://download.microsoft.com/download/A/6/A/A6AC035D-DA3F-4F0C-ADA4-37C8E5D34E3D/setup;d:\Programmi\Microsoft SDKs\Windows\v7.1\;d:\Programmi\Microsoft SDKs\Windows\v7.1\Setup\1033\;d:\Temp\SDKSetup\WinSDK\WinSDK\"
Microsoft XNA Framework Redistributable 3.0-->MsiExec.exe /I{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}
Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
Microsoft XNA Framework Redistributable 4.0-->MsiExec.exe /I{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
Monkey Island™ Collezione Edizioni Speciali-->F:\Giochi\Monkey Island Collection\Uninstall.exe
MotioninJoy ds3 driver version 0.400 Beta 2-->"d:\Programmi\MotioninJoyPS3pad\unins000.exe"
Mozilla Firefox 15.0.1 (x86 it)-->D:\Programmi\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 15.0.1 (x86 it)-->D:\Programmi\Thunderbird 3\uninstall\helper.exe
MSI Afterburner 2.1.0-->"D:\Programmi\MSI\Afterburner\uninstall.exe"
MSI Kombustor 2.0.0-->"D:\Programmi\MSI\Kombustor\unins000.exe"
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Native Instruments Controller Editor-->C:\ProgramData\{DCC412E7-393B-4016-91FB-9307F059AFB6}\Controller Editor Setup PC.exe
Native Instruments Guitar Rig 5-->C:\ProgramData\{1CEDDDD4-56D2-463F-BC4E-C5DFFD3533C9}\Guitar Rig 5 Setup PC.exe
Native Instruments Kontakt 4-->C:\ProgramData\{5EBCE76E-C69D-4C20-AF60-2E9DA59F03C8}\Kontakt 4 Setup PC.exe
Native Instruments Service Center-->C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}\Service Center Setup PC.exe
Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS-->F:\Musica\BATTER~1\UNWISE.EXE F:\Musica\BATTER~1\INSTALL.LOG
Nero 8 Micro 8.2.8.0-->"D:\Programmi\Nero\unins000.exe"
NetBeans IDE 6.8-->"D:\Programmi\NetBeans 6.8\uninstall.exe"
NetTools 5.0-->"d:\Programmi\Net Tools\unins000.exe"
NirSoft RegScanner-->"D:\Programmi\RegScanner\uninst.exe"
Nokia Connectivity Cable Driver-->MsiExec.exe /I{2D99A593-C841-43A7-B7C9-D6F3AE70B756}
Nokia Ovi Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{07D77970-B205-460C-84E4-263F30455597}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{07D77970-B205-460C-84E4-263F30455597}
Nokia Software Updater-->MsiExec.exe /X{4D568C38-0552-4CDD-A643-01FAFA2957EF}
Notepad++-->D:\Programmi\Notepad++\uninstall.exe
NSS (remove only)-->D:\Programmi\Nemesis Service Suite\uninstall.exe
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenDHCPServer-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-OpenDHCPServer.dat
Opera 12.02-->"D:\Programmi\Opera\Opera.exe" /uninstall
Oracle VM VirtualBox 4.1.8-->MsiExec.exe /I{611E3800-CE31-4953-8AD4-5657B6EE7ACF}
Ovi Desktop Sync Engine-->MsiExec.exe /X{2CC53A53-44F4-4667-8584-2FFC9ACB2242}
OviMPlatform-->MsiExec.exe /I{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}
Pacchetto di driver di Logitech Legacy USB Camera-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\11.00.1217\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"legacyqcam_11.00" /clone_wait /hide_progress
Pacchetto di driver di Logitech Webcam Software-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\12.10.1110\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_12.10" /clone_wait /hide_progress
Pacchetto driver Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\flashusb.inf_x86_neutral_90f2ee6ff352e406\flashusb.inf
Pacchetto driver Windows - Nokia Modem (06/09/2010 7.01.0.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_x86_neutral_68b2fb14204f3667\nokbtmdm.inf
Pacchetto driver Windows - Nokia Modem (10/07/2010 4.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_x86_neutral_875547a32190c11c\nokia_bluetooth.inf
Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Pannello di controllo audio Creative-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x10 /remove
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Pidgin-->D:\Programmi\Pidgin\pidgin-uninst.exe
Portal 2-->"F:\Giochi\Portal 2\unins000.exe"
Portal-->"F:\Giochi\Steam\steam.exe" steam://uninstall/400
Power Tab Editor 1.7-->MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}
PrintAndFax 1.03.00-->"C:\Windows\PrintAndFax\uninstall.exe" "/U:D:\Programmi\Fastweb PrintAndFax\irunin.xml"
Proprietà Creative Sound Blaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x10 /remove
Puerto Rico Update 1.060227-->"D:\Programmi\Puerto Rico\unins000.exe"
Puerto Rico-->"D:\Programmi\Puerto Rico\Uninstall.exe" "D:\Programmi\Puerto Rico\install.log"
PuTTY version 0.60-->"d:\Programmi\PuTTY\unins000.exe"
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
PyQt GPL v4.8.3 for Python v2.6 (x86)-->"D:\Programmi\Python2.6\Lib\site-packages\PyQt4\bin\Uninstall.exe"
Python 2.6 pywin32-216-->"D:\Programmi\Python2.6\Removepywin32.exe" -u "D:\Programmi\Python2.6\pywin32-wininst.log"
Python 2.6.6-->MsiExec.exe /I{6151CF20-0BD8-4023-A4A0-6A86DCFE58E5}
QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
REAPER-->"F:\Musica\REAPER\Uninstall.exe"
Recuva-->"D:\Programmi\Recuva\uninst.exe"
redist-->MsiExec.exe /I{153C7D89-9CF4-4719-A551-C5BF45236DB5}
Rochard-->"F:\Giochi\Rochard\unins000.exe"
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Samsung ML-1200 Series-->C:\Program Files\SAMSUNG\Samsung ML-1200 Series\Install\Setup.exe /R
Samsung_MonSetup-->C:\Program Files\InstallShield Installation Information\{8EA79DBF-D637-448A-89D6-410A087A4493}\setup.exe -runfromtemp -l0x0009 -removeonly
SC Ver 2.71-->"D:\Programmi\SuperCard Converter\unins000.exe"
Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Extended
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {27609E26-63D9-4180-BD50-08837BD3B1DC}
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {31C0F635-15AD-4AA3-A3C6-B542B403D0EE}
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3069CE04-082C-4669-9BA1-E6AA66330C1F}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}
Security Update for Microsoft Office Groove 2007 (KB2552997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A1CBF7D-4704-40BC-B31C-AA761884A3E4}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BCF7F6B-4AC0-4915-83B2-5CFF6BE9BF77}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {075C2272-0881-46D3-B3A5-1D83D6940270}
Security Update for Microsoft Visual Basic 2010 Express - ITA (KB2251489)-->C:\Windows\system32\msiexec.exe /package {186CCF6D-5BEF-3591-80E3-5300CEBA876E} /uninstall {F606AC5F-4A30-3D7F-BC43-1200864BD9E5} /qb+ REBOOTPROMPT=&quot;&quot;
Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489)-->C:\Windows\system32\msiexec.exe /package {59F24743-2EA1-3A45-B8C2-6E0E1E078FA8} /uninstall {F606AC5F-4A30-3D7F-BC43-1200864BD9E5} /qb+ REBOOTPROMPT=&quot;&quot;
Service Pack 2 per SQL Server 2008 (KB2285068)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB2285068\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
Sleeping Dogs.v 1.5 + 12 DLC-->"f:\Giochi\Sleeping Dogs\Uninstall\unins000.exe"
Softube Metal Amp Room VST RTAS v1.1.5-->"C:\Program Files\Softube\Uninstall\unins000.exe"
Softube Vintage Amp Room VST RTAS v1.0.8-->"C:\Program Files\Softube\Uninstall\unins001.exe"
Software per stampante EPSON-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
SopCast 3.5.0-->C:\Program Files\SopCast\uninst.exe
SoulSeek 157 NS 13e-->"d:\Programmi\SoulseekNS\uninstall.exe"
Sound Forge Pro 10.0-->MsiExec.exe /X{3F9170C9-A7C2-408F-A4D8-EC77250040BF}
SpeedFan (remove only)-->"D:\Programmi\SpeedFan\uninstall.exe"
Startup Delayer v2.5 (build 138)-->D:\Programmi\Startup Delayer\Uninstall.exe
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Steinberg Cubase 5-->MsiExec.exe /I{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}
Steinberg Drum Loop Expansion 01-->MsiExec.exe /I{490BF87E-1F75-4453-BF55-9F540543A3CA}
Steinberg HALionOne Studio Drum Set-->MsiExec.exe /I{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}
Steinberg LoopMash Content-->MsiExec.exe /I{4D454CF8-12FD-464D-B57B-B46FE27B78BB}
Steinberg Nuendo 4-->MsiExec.exe /I{41E0A8DD-4343-4B33-95C3-272A99F18984}
Steinberg REVerence Content 01-->MsiExec.exe /I{532B917B-8235-4FA5-BE36-643A8BB053A5}
Strange Eons-->"D:\Programmi\StrangeEons\uninstall.exe"
StreamTorrent 1.0-->"D:\Programmi\StreamTorrent 1.0\uninstall.exe"
Strumento di caricamento di Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Sun GlassFish Enterprise Server v3-->"D:\Programmi\GlassFish.sges-v3\uninstall.exe"
Superior Drummer Installer-->MsiExec.exe /I{009AC76E-1A66-4682-82B7-417E77F3C648}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
System Requirements Lab-->MsiExec.exe /I{4DE938F7-C196-43D7-8EEB-411CDE0A96B1}
TeamViewer 7-->D:\Programmi\TeamViewer 7\uninstall.exe
TeraCopy 2.27-->"d:\Programmi\TeraCopy\unins000.exe"
They bleed Pixels version 1-->"F:\Giochi\They bleed Pixels\unins000.exe"
TomTom HOME 2.8.2.2264-->D:\Programmi\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
T-RackS 3 Deluxe-->C:\Program Files\InstallShield Installation Information\{423C4130-EBC3-410A-B3A0-37BBF9D607D5}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
TVAnts 1.0-->D:\PROGRA~2\TVAnts\UNWISE.EXE D:\PROGRA~2\TVAnts\INSTALL.LOG
Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
UE3Redist-->MsiExec.exe /X{6530FDAA-5B1F-4830-95BB-650E9804D239}
Unlocker 1.8.7-->D:\Programmi\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Extended
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {4EC4865E-587B-455B-9FC8-25C408FC5568}
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8B689F89-5E1C-4DA9-B2B1-7B3843275596}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BBE715CA-02FD-4C5A-90BB-440A967DF05E}
USB Flash Port Driver-->MsiExec.exe /I{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}
Utilità di avvio di Console di Creative-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x10 /remove
Veetle TV-->d:\Programmi\Veetle\UninstallVeetleTV.exe
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Vhd Resizer-->MsiExec.exe /I{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /X{112C23F2-C036-4D40-BED4-0CB47BF5555C}
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ITA-->MsiExec.exe /X{22F90F2E-1DA2-4801-A58C-FC3D13297749}
VLC media player 2.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VLC Streamer 1.22-->"D:\Programmi\VLC Streamer\unins000.exe"
Vopt 9-->d:\Programmi\Golden Bow\Vopt 9\UNINSTALL.EXE
Waves Vocal Bundle v1.1-->F:\Musica\WAVESV~1\AIRLOG~1\WAVESV~1\UNWISE.EXE F:\Musica\WAVESV~1\AIRLOG~1\WAVESV~1\INSTALL.LOG
What's Running 3.0-->"d:\Programmi\WhatsRunning\unins000.exe"
Windows 7 Upgrade Advisor Beta-->MsiExec.exe /I{4394DC3A-5DAC-4C80-A86E-FF462D0AD653}
Windows Desktop Search: Add-in for Files on Microsoft Networks-->MsiExec.exe /I{05487065-50A6-44A4-BEAC-3C1B5EACB0EE}
Windows Live Call-->MsiExec.exe /I{49C77D21-F91F-4296-B7DF-19C5FF51AF4D}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6D7BDA00-A4DA-49F9-BAE4-7FB71FAA4737}
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinPcap 4.1.2-->C:\Program Files\WinPcap\uninstall.exe
WinRAR 4.20 (32-bit)-->D:\Programmi\WinRAR\uninstall.exe
Wireshark 1.6.0-->"d:\Programmi\Wireshark\uninstall.exe"
Wolfenstein™ 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}\setup.exe -runfromtemp -l0x0409
Xvid MPEG-4 Video Codec-->"d:\Programmi\Xvid Codec\unins000.exe"

======Hosts File======

127.0.0.1 localhost

======System event log======

Computer Name: Werewolf
Event Code: 27
Message: Aggiornamenti automatici sospesi.
Record Number: 582430
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20120528102921.664047-000
Event Type: Informazioni
User: NT AUTHORITY\SYSTEM

Computer Name: Werewolf
Event Code: 7002
Message: Notifica di disconnessione utente per Analisi utilizzo software
Record Number: 582429
Source Name: Microsoft-Windows-Winlogon
Time Written: 20120528102921.164846-000
Event Type: Informazioni
User: NT AUTHORITY\SYSTEM

Computer Name: Werewolf
Event Code: 1074
Message: Il processo C:\Windows\system32\winlogon.exe (WEREWOLF) ha iniziato il Spegni del computer WEREWOLF per conto dell'utente Werewolf\Mr.Roboto a causa di quanto segue: Impossibile trovare un titolo per questo motivo
Codice causa: 0x500ff
Tipo di arresto del sistema: Spegni
Commento: .
Record Number: 582428
Source Name: USER32
Time Written: 20120528102921.000000-000
Event Type: Informazioni
User: Werewolf\Mr.Roboto

Computer Name: Werewolf
Event Code: 7036
Message: Il servizio Utilità di pianificazione classi multimediali è ora in modalità esecuzione.
Record Number: 582427
Source Name: Service Control Manager
Time Written: 20120528102918.422786-000
Event Type: Informazioni
User:

Computer Name: Werewolf
Event Code: 1074
Message: Il processo Explorer.EXE ha iniziato il Spegni del computer WEREWOLF per conto dell'utente Werewolf\Mr.Roboto a causa di quanto segue: Altro (non pianificato)
Codice causa: 0x0
Tipo di arresto del sistema: Spegni
Commento: .
Record Number: 582426
Source Name: USER32
Time Written: 20120528102908.000000-000
Event Type: Informazioni
User: Werewolf\Mr.Roboto

=====Application event log=====

Computer Name: Werewolf
Event Code: 3407
Message: È stato eseguito il rollback di '0' transazioni nel database 'msdb' (4). Questo è un messaggio informativo. Non è richiesto alcun intervento da parte dell'utente.
Record Number: 123966
Source Name: MSSQL$SQLEXPRESS
Time Written: 20120222053702.000000-000
Event Type: Informazioni
User:

Computer Name: Werewolf
Event Code: 3406
Message: È stato eseguito il rollforward di '1' transazioni nel database 'msdb' (4). Questo è un messaggio informativo. Non è richiesto alcun intervento da parte dell'utente.
Record Number: 123965
Source Name: MSSQL$SQLEXPRESS
Time Written: 20120222053702.000000-000
Event Type: Informazioni
User:

Computer Name: Werewolf
Event Code: 17136
Message: Cancellazione del contenuto del database tempdb in corso.
Record Number: 123964
Source Name: MSSQL$SQLEXPRESS
Time Written: 20120222053701.000000-000
Event Type: Informazioni
User:

Computer Name: Werewolf
Event Code: 17137
Message: Avvio del database 'msdb' in corso.
Record Number: 123963
Source Name: MSSQL$SQLEXPRESS
Time Written: 20120222053658.000000-000
Event Type: Informazioni
User:

Computer Name: Werewolf
Event Code: 17137
Message: Avvio del database 'model' in corso.
Record Number: 123962
Source Name: MSSQL$SQLEXPRESS
Time Written: 20120222053658.000000-000
Event Type: Informazioni
User:

=====Security event log=====

Computer Name: Werewolf
Event Code: 5058
Message: Operazione con file di chiave.

Soggetto:
ID sicurezza: S-1-5-21-1390435069-2347297169-2357984066-1000
Nome account: Mr.Roboto
Dominio account: Werewolf
ID accesso: 0x24009

Parametri di crittografia:
Nome provider: Microsoft Software Key Storage Provider
Nome algoritmo: Non disponibile.
Nome chiave: CertContainer
Tipo di chiave: Chiave computer.

Informazioni sull'operazione con file di chiave:
Percorso file: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_458b18d8-d4df-47df-9125-32d6e7e2b6d7
Operazione: Leggi chiave permanente da file.
Codice restituito: 0x0
Record Number: 130106
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120929152059.751594-000
Event Type: Controllo riuscito
User:

Computer Name: Werewolf
Event Code: 5061
Message: Operazione di crittografia.

Soggetto:
ID sicurezza: S-1-5-21-1390435069-2347297169-2357984066-1000
Nome account: Mr.Roboto
Dominio account: Werewolf
ID accesso: 0x24009

Parametri di crittografia:
Nome provider: Microsoft Software Key Storage Provider
Nome algoritmo: RSA
Nome chiave: CertContainer
Tipo di chiave: Chiave computer.

Operazione di crittografia:
Operazione: Apri una chiave.
Codice restituito: 0x0
Record Number: 130105
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120929152059.709591-000
Event Type: Controllo riuscito
User:

Computer Name: Werewolf
Event Code: 5058
Message: Operazione con file di chiave.

Soggetto:
ID sicurezza: S-1-5-21-1390435069-2347297169-2357984066-1000
Nome account: Mr.Roboto
Dominio account: Werewolf
ID accesso: 0x24009

Parametri di crittografia:
Nome provider: Microsoft Software Key Storage Provider
Nome algoritmo: Non disponibile.
Nome chiave: CertContainer
Tipo di chiave: Chiave computer.

Informazioni sull'operazione con file di chiave:
Percorso file: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_458b18d8-d4df-47df-9125-32d6e7e2b6d7
Operazione: Leggi chiave permanente da file.
Codice restituito: 0x0
Record Number: 130104
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120929152059.709591-000
Event Type: Controllo riuscito
User:

Computer Name: Werewolf
Event Code: 5061
Message: Operazione di crittografia.

Soggetto:
ID sicurezza: S-1-5-21-1390435069-2347297169-2357984066-1000
Nome account: Mr.Roboto
Dominio account: Werewolf
ID accesso: 0x24009

Parametri di crittografia:
Nome provider: Microsoft Software Key Storage Provider
Nome algoritmo: RSA
Nome chiave: CertContainer
Tipo di chiave: Chiave computer.

Operazione di crittografia:
Operazione: Apri una chiave.
Codice restituito: 0x0
Record Number: 130103
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120929152059.614586-000
Event Type: Controllo riuscito
User:

Computer Name: Werewolf
Event Code: 5058
Message: Operazione con file di chiave.

Soggetto:
ID sicurezza: S-1-5-21-1390435069-2347297169-2357984066-1000
Nome account: Mr.Roboto
Dominio account: Werewolf
ID accesso: 0x24009

Parametri di crittografia:
Nome provider: Microsoft Software Key Storage Provider
Nome algoritmo: Non disponibile.
Nome chiave: CertContainer
Tipo di chiave: Chiave computer.

Informazioni sull'operazione con file di chiave:
Percorso file: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_458b18d8-d4df-47df-9125-32d6e7e2b6d7
Operazione: Leggi chiave permanente da file.
Codice restituito: 0x0
Record Number: 130102
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120929152059.613586-000
Event Type: Controllo riuscito
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\NVIDIA Corporation\PhysX\Common;D:\Programmi\Python2.6\Lib\site-packages\PyQt4\bin;C:\Program Files\PC Connectivity Solution;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;d:\Programmi\Java\jdk1.6.0_19\bin;D:\Programmi\Cepstral\bin;C:\Program Files\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\DTS\Binn;C:\Program Files\Common Files\iZotope\Runtimes;d:\Programmi\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=1706
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PT5HOME"=D:\Programmi\Packet Tracer 5.3
"asl.log"=Destination=file
"LGSDIR"=C:\Program Files\Logitech Gaming Software\
"CLASSPATH"=.;d:\Programmi\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=d:\Programmi\Java\jre6\lib\ext\QTJava.zip
"VBOX_INSTALL_PATH"=F:\Virtualbox\

-----------------EOF-----------------




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users